Bug 187

Summary: Need fix for an exploitable buffer overflow in font code
Product: xprint
Reporter: Roland Mainz <roland.mainz>
Component: Server: Font engine: Other
Assignee: Roland Mainz <roland.mainz>
Status: RESOLVED FIXED
QA Contact:
Severity: blocker
Priority: highest
Version: unspecified
Hardware: All
OS: All
Whiteboard:
Attachments (description, flags):
  Patch for 2004-02-12-trunk (flags: none)
  2nd patch for 2004-02-16-trunk (flags: none)
  Backout patch for previous patch (flags: none)

Description Roland Mainz 2004-02-12 21:37:48 UTC
We need a fix for an exploitable buffer overflow in font code - the same patch as
XFree86 applied recently to their codebase.
Comment 1 Roland Mainz 2004-02-12 21:40:07 UTC
Weird. I thought Slashdot had an article about the issue but I cannot find it
anymore... ;-(
Comment 2 Roland Mainz 2004-02-12 21:41:05 UTC
Created attachment 91
Patch for 2004-02-12-trunk
Comment 3 Roland Mainz 2004-02-12 21:43:08 UTC
Patch checked-in...

Checking in xc/lib/font/fontfile/dirfile.c;
/cvs/xprint/xprint/src/xprint_main/xc/lib/font/fontfile/dirfile.c,v  <-- 
dirfile.c
new revision: 1.2; previous revision: 1.1
done

... marking bug as FIXED.
Comment 4 Roland Mainz 2004-02-16 04:20:21 UTC
Reopening to include more fixes for the same issue (taken from XFree86
2004-02-16-trunk CVS) ...
Comment 5 Roland Mainz 2004-02-16 04:23:36 UTC
Created attachment 95
2nd patch for 2004-02-16-trunk
Comment 6 Roland Mainz 2004-02-16 04:25:59 UTC
Patch checked-in...

Checking in xc/lib/font/fontfile/dirfile.c;
/cvs/xprint/xprint/src/xprint_main/xc/lib/font/fontfile/dirfile.c,v  <-- 
dirfile.c
new revision: 1.3; previous revision: 1.2
done
Checking in xc/lib/font/fontfile/encparse.c;
/cvs/xprint/xprint/src/xprint_main/xc/lib/font/fontfile/encparse.c,v  <-- 
encparse.c
new revision: 1.2; previous revision: 1.1
done
Checking in xc/lib/font/fontfile/fontfile.c;
/cvs/xprint/xprint/src/xprint_main/xc/lib/font/fontfile/fontfile.c,v  <-- 
fontfile.c
new revision: 1.3; previous revision: 1.2
done

... marking bug as FIXED.
Comment 7 Roland Mainz 2004-02-16 04:44:05 UTC
Unfortunately the change broke per-model-config font paths (e.g. Xprt fails to
start up) ... reopening for backout... ;-((
Comment 8 Roland Mainz 2004-02-16 04:45:33 UTC
Created attachment 96
Backout patch for previous patch
Comment 9 Roland Mainz 2004-02-16 04:48:29 UTC
Backout patch (attachment 96) checked-in...

Checking in xc/lib/font/fontfile/dirfile.c;
/cvs/xprint/xprint/src/xprint_main/xc/lib/font/fontfile/dirfile.c,v  <-- 
dirfile.c
new revision: 1.4; previous revision: 1.3
done
Checking in xc/lib/font/fontfile/encparse.c;
/cvs/xprint/xprint/src/xprint_main/xc/lib/font/fontfile/encparse.c,v  <-- 
encparse.c
new revision: 1.3; previous revision: 1.2
done
Checking in xc/lib/font/fontfile/fontfile.c;
/cvs/xprint/xprint/src/xprint_main/xc/lib/font/fontfile/fontfile.c,v  <-- 
fontfile.c
new revision: 1.4; previous revision: 1.3
done

... marking bug as FIXED (for now until XFree86 comes up with a solution).
