File u_xkb-Escape-non-printable-characters-correctly.patch of Package xorg-x11-server.24940

Patch-mainline: To be upstreamed
Author: Michal Srb <msrb@suse.com>
Subject: xkb: Escape non-printable characters correctly.
References: bnc#1051150 CVE-2017-13723

XkbStringText escapes non-printable characters using octal numbers. Such an escape
sequence would be at most 5 characters long ("\0123"), so it reserves 5 bytes
in the buffer. Due to char->unsigned int conversion, it would print a much longer
string for negative numbers.
---
It can be triggered for example with a long string containing "\xff" characters.

 xkb/xkbtext.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/xkb/xkbtext.c b/xkb/xkbtext.c
index ffbc546b3..ead2b1aee 100644
--- a/xkb/xkbtext.c
+++ b/xkb/xkbtext.c
@@ -603,7 +603,7 @@ XkbStringText(char *str, unsigned format)
             }
             else {
                 *out++ = '0';
-                sprintf(out, "%o", *in);
+                sprintf(out, "%o", (unsigned char) *in);
                 while (*out != '\0')
                     out++;
             }
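Review bot: The sprintf on the changed line is still unbounded, so the write stays inside the buffer only because the cast limits "%o" to three digits and the sizing code outside this hunk reserves 5 bytes per escaped character, as the commit message states. Consider making that invariant explicit, either with a comment here or by switching to snprintf with the remaining space. The following while loop could also be dropped by advancing the pointer with the return value: `out += sprintf(out, "%o", (unsigned char) *in);`. The buffer size calculation is not visible in this hunk, so it is worth confirming that it counts 5 bytes for every byte that reaches this else branch.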
-- 
2.12.3
