Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Done
Priority: P1: Critical
Fix Version/s: None
Affects Version/s: 5.0.0 RC 1
Component/s: GUI: Window management
Labels:
None

Commits:
70f3c78218c59d1029ea47d1b4fcc869a747f268

Description

There is a potential buffer overflow bug in src/plugins/platforms/xcb/qxcbwindow.cpp.

The code uses a fixed-length array in stack to construct a buffer that can have varying number of elements. The array has length of 4, but in certain conditions, up to 5 elements can be written, causing stack corruption.

Attached is a patch for current qtbase HEAD.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List

0001-qxcbwindow-Increase-properties-array-size-to-prevent.patch
1 kB
03 Sep '12 21:17

Gerrit Reviews

- Issue Only
- Show All Reviews
- Show Open Reviews
- Show All Issues
- Show Open Issues

No reviews matched the request. Check your Options in the drop-down menu of this sections header.

Activity

People

Assignee:: Shawn Rutledge

Reporter:: Janne Kulmala

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 03 Sep '12 21:17

Updated:: 26 Aug '13 15:01

Resolved:: 24 Sep '12 17:12

Gerrit Reviews

There are no open Gerrit changes

Show There is 1 closed Gerrit change

Hide There is 1 closed Gerrit change

Prevent buffer overflow in QXcbWindow.: Gerrit Review: