From 123fd2183361a2d5e244e28a603567a2e6f30314 Mon Sep 17 00:00:00 2001
From: Patrick J Volkerding <volkerdi@slackware.com>
Date: Sun, 2 Aug 2020 18:20:30 +0000
Subject: Sun Aug  2 18:20:30 UTC 2020

d/bison-3.7.1-x86_64-1.txz:  Upgraded.
d/python-setuptools-49.2.1-x86_64-1.txz:  Upgraded.
l/libcap-2.42-x86_64-1.txz:  Upgraded.
x/libX11-1.6.10-x86_64-2.txz:  Rebuilt.
  Fix size calculation in _XimAttributeToValue.
  Thanks to chrisVV and Yichao Yu.
extra/xfractint/xfractint-20.04p16-x86_64-1.txz:  Upgraded.
---
 source/x/x11/patch/libX11/libX11.fix_size.diff | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
 create mode 100644 source/x/x11/patch/libX11/libX11.fix_size.diff

(limited to 'source/x/x11/patch/libX11')

diff --git a/source/x/x11/patch/libX11/libX11.fix_size.diff b/source/x/x11/patch/libX11/libX11.fix_size.diff
new file mode 100644
index 000000000..ab2a0cf77
--- /dev/null
+++ b/source/x/x11/patch/libX11/libX11.fix_size.diff
@@ -0,0 +1,20 @@
+--- ./modules/im/ximcp/imRmAttr.c.orig	2020-07-31 08:46:40.000000000 -0500
++++ ./modules/im/ximcp/imRmAttr.c	2020-08-02 13:07:15.343940851 -0500
+@@ -265,7 +265,7 @@
+ 
+ 	    if (num > (USHRT_MAX / sizeof(XIMStyle)))
+ 		return False;
+-	    if ((sizeof(num) + (num * sizeof(XIMStyle))) > data_len)
++           if ((2 * sizeof(CARD16) + (num * sizeof(CARD32))) > data_len)
+ 		return False;
+ 	    alloc_len = sizeof(XIMStyles) + sizeof(XIMStyle) * num;
+ 	    if (alloc_len < sizeof(XIMStyles))
+@@ -379,7 +379,7 @@
+ 
+ 	    if (num > (UINT_MAX / sizeof(XIMHotKeyTrigger)))
+ 		return False;
+-	    if ((sizeof(num) + (num * sizeof(XIMHotKeyTrigger))) > data_len)
++           if ((2 * sizeof(CARD16) + (num * 3 * sizeof(CARD32))) > data_len)
+ 		return False;
+ 	    alloc_len = sizeof(XIMHotKeyTriggers)
+ 		      + sizeof(XIMHotKeyTrigger) * num;
-- 
cgit v1.2.3-79-gdb01