Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fixes for CVE-2014-0250 #1874

Merged
merged 4 commits into from May 30, 2014
Merged

Fixes for CVE-2014-0250 #1874

merged 4 commits into from May 30, 2014

Commits on May 28, 2014

  1. Fixes for CVE-2014-0250 

    This patch introduce misc checks when receiving pointer updates. We check
that the cursor are in the bounds defined by the spec. We also check that
the announced mask sizes are what they should be.
    @hardening
    hardening committed May 28, 2014
    Copy the full SHA
    532c420 View commit details
    Browse the repository at this point in the history

  2. Set checks to be strict and also check xorBpp field 

    This patch:
* renames bpp to xorBpp ;
* changes checks to strict ;
* adds checks on the xorBpp field
    @hardening
    hardening committed May 28, 2014
    Copy the full SHA
    640b901 View commit details
    Browse the repository at this point in the history

Commits on May 29, 2014

  1. Check for bpp > 0 

    Bpp == 0 just makes no sense
    @hardening
    hardening committed May 29, 2014
    Copy the full SHA
    61a5853 View commit details
    Browse the repository at this point in the history

  2. Check that bpp has reasonable value 

    As bpp is often used for malloc computations, let's check that it has
a reasonable value.
    @hardening
    hardening committed May 29, 2014
    Copy the full SHA
    07e0eba View commit details
    Browse the repository at this point in the history