File DirectFB-CVE-2014-2978.patch of Package DirectFB
Index: proxy/dispatcher/idirectfbsurface_dispatcher.c
===================================================================
--- proxy/dispatcher/idirectfbsurface_dispatcher.c.orig 2014-03-22 21:05:18.000000000 +0100
+++ proxy/dispatcher/idirectfbsurface_dispatcher.c 2015-03-23 15:03:28.650053384 +0100
@@ -1629,6 +1629,11 @@
dst[out++] = RLE16_KEY;
}
else {
+ /* CVE-2014-2978 */
+ if (count > num - out ) {
+ break;
+ }
+
last = src[n++];
while (count >= 4) {
@@ -1679,6 +1684,11 @@
dst[out++] = RLE32_KEY;
}
else {
+ /* CVE-2014-2978 */
+ if (count > num - out ) {
+ break;
+ }
+
last = src[n++];
while (count >= 4) {
