Linked by Thom Holwerda on Thu 23rd May 2013 23:22 UTC
X11, Window Managers
"Ilja van Sprundel, a security researcher with IOActive, has discovered a large number of issues in the way various X client libraries handle the responses they receive from servers, and has worked with X.Org's security team to analyze, confirm, and fix these issues."
Thread beginning with comment 562570
RE: Overflowing
by chekr on Fri 24th May 2013 03:23 UTC in reply to "Overflowing"
chekr, member since 2005-11-05

Surely there should be some automated process just to go through and check for this kind of fundamental error.


And which automated process would that be? Coverity already have coverage over x.org and they are arguably one of the most effective automated tools.

Score: 3

RE[2]: Overflowing
by kwan_e on Fri 24th May 2013 04:18 in reply to "RE: Overflowing"
kwan_e, member since 2007-02-18

Coverity already have coverage over x.org and they are arguably one of the most effective automated tools.


Does it cover this kind of error?

"These calls do not check that the lengths and/or indexes returned by the
server are within the bounds specified by the caller or the bounds of the
memory allocated by the function, so could write past the bounds of
allocated memory when storing the returned data."

Score: 2
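
The check that the advisory text quoted above says was missing, as an added example that is not part of the thread or of X.Org's code: a client parses a length-prefixed reply and validates the server-supplied count against both the caller's buffer and the bytes actually received. The reply layout and the names `get_le32`, `read_items_unchecked` and `read_items_checked` are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed reply layout (an assumption, not the X11 wire format):
 * bytes 0..3 hold an item count (little-endian), then count 4-byte items. */
uint32_t get_le32(const uint8_t *p)
{
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 |
           (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* The pattern the advisory describes: the server-supplied count drives the
 * copy and no bound is consulted. Shown for contrast only; never called. */
uint32_t read_items_unchecked(const uint8_t *reply, uint32_t *out)
{
    uint32_t n = get_le32(reply);
    for (uint32_t i = 0; i < n; i++)
        out[i] = get_le32(reply + 4 + 4 * (size_t)i);
    return n;
}

/* Hardened form: returns the item count, or -1 if the reply is rejected. */
int64_t read_items_checked(const uint8_t *reply, size_t reply_len,
                           uint32_t *out, size_t out_cap)
{
    if (reply_len < 4)
        return -1;                 /* truncated header */
    uint32_t n = get_le32(reply);
    if (n > out_cap)
        return -1;                 /* count exceeds the caller's bounds */
    if (n > (reply_len - 4) / 4)
        return -1;                 /* count exceeds the bytes received */
    for (uint32_t i = 0; i < n; i++)
        out[i] = get_le32(reply + 4 + 4 * (size_t)i);
    return (int64_t)n;
}

/* Constructed sample replies. */
const uint8_t REPLY_OK[]    = { 2,0,0,0, 0x11,0,0,0, 0x22,0,0,0 };
const uint8_t REPLY_SHORT[] = { 3,0,0,0, 0x11,0,0,0 };  /* claims 3, carries 1 */
const uint8_t REPLY_BIG[]   = { 3,0,0,0, 1,0,0,0, 2,0,0,0, 3,0,0,0 };
int main(void)
{
    uint32_t out[4];
    printf("%lld %lld\n", (long long)read_items_checked(REPLY_OK, sizeof REPLY_OK, out, 4),
           (long long)read_items_checked(REPLY_SHORT, sizeof REPLY_SHORT, out, 4));
    return 0;
}
```

Dividing the remaining byte count by the item size, rather than multiplying the count, keeps the comparison free of integer overflow.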