Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fixes for CVE-2014-0250 #1874

Merged
merged 4 commits into from May 30, 2014
Merged

Fixes for CVE-2014-0250 #1874

merged 4 commits into from May 30, 2014

Conversation

hardening
Copy link
Contributor

This patch introduce misc checks when receiving pointer updates. We check that the cursor are in the bounds defined by the spec. We also check that the announced mask sizes are what they should be.

@hardening
Fixes for CVE-2014-0250
532c420 
This patch introduce misc checks when receiving pointer updates. We check
that the cursor are in the bounds defined by the spec. We also check that
the announced mask sizes are what they should be.
@hardening hardening mentioned this pull request May 28, 2014
Closed
@freerdp-bot
Copy link

Test PASSed.
Refer to this link for build results: https://ci.freerdp.com/job/PullRequestBuilder/351/

@hardening
Set checks to be strict and also check xorBpp field
640b901 
This patch:
* renames bpp to xorBpp ;
* changes checks to strict ;
* adds checks on the xorBpp field
@freerdp-bot
Copy link

Test PASSed.
Refer to this link for build results: https://ci.freerdp.com/job/PullRequestBuilder/352/

@hardening
Check for bpp > 0
61a5853 
Bpp == 0 just makes no sense
@freerdp-bot
Copy link

Test PASSed.
Refer to this link for build results: https://ci.freerdp.com/job/PullRequestBuilder/353/

@nfedera
Copy link
Contributor

nfedera commented May 29, 2014

+1 all is well now

@hardening
Check that bpp has reasonable value
07e0eba 
As bpp is often used for malloc computations, let's check that it has
a reasonable value.
@freerdp-bot
Copy link

Test FAILed.
Refer to this link for build results: https://ci.freerdp.com/job/PullRequestBuilder/354/

@nfedera
Copy link
Contributor

nfedera commented May 29, 2014

ios build bot has issues. can be ignored.

@bmiklautz
Copy link
Member

@freerdp-bot test

@bmiklautz
Copy link
Member

+1

@freerdp-bot
Copy link

Test PASSed.
Refer to this link for build results: https://ci.freerdp.com/job/PullRequestBuilder/355/

awakecoding added a commit that referenced this pull request May 30, 2014
@awakecoding
Merge pull request #1874 from hardening/CVE-2014-0250
2309169 
Fixes for CVE-2014-0250
@awakecoding awakecoding merged commit 2309169 into FreeRDP:master May 30, 2014
@hardening hardening deleted the CVE-2014-0250 branch June 19, 2014 08:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@hardening @freerdp-bot @nfedera @bmiklautz @awakecoding