Received: by mail.netbsd.org (Postfix, from userid 605) id 9FE4814A487; Wed, 14 May 2014 05:24:28 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mail.netbsd.org (Postfix) with ESMTP id A939214A485 for ; Wed, 14 May 2014 05:24:27 +0000 (UTC) X-Virus-Scanned: amavisd-new at NetBSD.org Received: from mail.netbsd.org ([127.0.0.1]) by localhost (mail.NetBSD.org [127.0.0.1]) (amavisd-new, port 10025) with ESMTP id icfJPnEF_MFs for ; Wed, 14 May 2014 05:24:27 +0000 (UTC) Received: from cvs.netbsd.org (cvs.NetBSD.org [IPv6:2001:4f8:3:7:2e0:81ff:fe30:95bd]) by mail.netbsd.org (Postfix) with ESMTP id DF5DA14A483 for ; Wed, 14 May 2014 05:24:26 +0000 (UTC) Received: by cvs.netbsd.org (Postfix, from userid 500) id AAEE396; Wed, 14 May 2014 05:24:26 +0000 (UTC) Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII" MIME-Version: 1.0 Date: Wed, 14 May 2014 05:24:26 +0000 From: "SAITOH Masanobu" Subject: CVS commit: [netbsd-5] xsrc To: source-changes@NetBSD.org X-Mailer: log_accum Message-Id: <20140514052426.AAEE396@cvs.netbsd.org> Sender: source-changes-owner@NetBSD.org List-Id: source-changes.NetBSD.org Precedence: bulk Reply-To: source-changes-d@NetBSD.org Mail-Reply-To: "SAITOH Masanobu" Mail-Followup-To: source-changes-d@NetBSD.org Module Name: xsrc Committed By: msaitoh Date: Wed May 14 05:24:26 UTC 2014 Modified Files: xsrc/external/mit/libXfont/dist/src/fc [netbsd-5]: fsconvert.c fserve.c xsrc/external/mit/libXfont/dist/src/fontfile [netbsd-5]: dirfile.c xsrc/xfree/xc/lib/font/fc [netbsd-5]: fsconvert.c fserve.c xsrc/xfree/xc/lib/font/fontfile [netbsd-5]: dirfile.c Log Message: Pull up following revision(s) (requested by maxv in ticket #1905): src/sys/compat/linux/common/linux_exec_elf32.c 1.91 via patch A specially-crafted binary could easily control a kernel array index. Add some checks to ensure that nothing will be read outside the allocated area. Rewrite the code so that we don't need to allocate the whole section. Spotted by several developers, patch from chs@/enami@ To generate a diff of this commit: cvs rdiff -u -r1.1.1.1.2.1 -r1.1.1.1.2.2 \ xsrc/external/mit/libXfont/dist/src/fc/fsconvert.c \ xsrc/external/mit/libXfont/dist/src/fc/fserve.c cvs rdiff -u -r1.1.1.1.2.1 -r1.1.1.1.2.2 \ xsrc/external/mit/libXfont/dist/src/fontfile/dirfile.c cvs rdiff -u -r1.4 -r1.4.20.1 xsrc/xfree/xc/lib/font/fc/fsconvert.c \ xsrc/xfree/xc/lib/font/fc/fserve.c cvs rdiff -u -r1.4 -r1.4.8.1 xsrc/xfree/xc/lib/font/fontfile/dirfile.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.