- Mar 28, 2017
-
-
derf authored
Fix double-free/OOB-write while receiving IPC data
-
- Mar 23, 2017
-
-
Tobias Stoeckmann authored
If a malicious client pretends to be the E17 window manager, it is possible to trigger an out of boundary heap write while receiving an IPC message. The length of the already received message is stored in an unsigned short, which overflows after receiving 64 KB of data. It's comparably small amount of data and therefore achievable for an attacker. When len overflows, realloc() will either be called with a small value and therefore chars will be appended out of bounds, or len + 1 will be exactly 0, in which case realloc() behaves like free(). This could be abused for a later double-free attack as it's even possible to overwrite the free information -- but this depends on the malloc implementation. Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
-
- Feb 26, 2017
-
-
Birte Kristina Friesel authored
-
- Feb 23, 2017
-
-
Birte Kristina Friesel authored
-
- Feb 16, 2017
-
-
Birte Kristina Friesel authored
-
- Jan 22, 2017
-
-
Birte Kristina Friesel authored
-
- Jan 15, 2017
-
-
Birte Kristina Friesel authored
-
- Jan 14, 2017
-
-
Birte Kristina Friesel authored
-
- Jan 12, 2017
-
-
ANogin authored
like %o and %z in slideshow actions (I would like to use this to zoom in, pan, and then use an action to crop the window to zoomed in view).
-
- Jan 11, 2017
-
-
Birte Kristina Friesel authored
-
- Jan 02, 2017
-
-
Birte Kristina Friesel authored
-
- Dec 07, 2016
-
-
Birte Kristina Friesel authored
-
Birte Kristina Friesel authored
-
- Nov 01, 2016
-
-
Birte Kristina Friesel authored
-
- Oct 31, 2016
-
-
Birte Kristina Friesel authored
-
- Oct 30, 2016
-
-
Birte Kristina Friesel authored
-
Birte Kristina Friesel authored
-
Birte Kristina Friesel authored
-
- Oct 29, 2016
-
-
Birte Kristina Friesel authored
This reverts commit 465238bd.
-
Elliot Wolk authored
-
Elliot Wolk authored
-
Elliot Wolk authored
-
- Oct 24, 2016
-
-
Birte Kristina Friesel authored
-
- Oct 17, 2016
-
-
Birte Kristina Friesel authored
-
Birte Kristina Friesel authored
-
- Oct 15, 2016
-
-
Ernie Ewert authored
-
Ernie Ewert authored
Fixed(?) Makefile document build issue for README.md
-
- Oct 01, 2016
-
-
Birte Kristina Friesel authored
-
- Sep 21, 2016
-
-
derf authored
Convert README to markdown
-
Fahad Hossain authored
Looks prettier
-
- Sep 06, 2016
-
-
Birte Kristina Friesel authored
-
- Sep 01, 2016
-
-
derf authored
Fix FSF address
-
Fabio Alessandro Locati authored
-
- Aug 31, 2016
-
-
Birte Kristina Friesel authored
-
Birte Kristina Friesel authored
-
Birte Kristina Friesel authored
-
Niclas Zeising authored
On some systsems sysconf() can return a very large value, unsuitable for use with malloc(). Only use sysconf() if HOST_NAME_MAX isn't avalable.
-
Niclas Zeising authored
FreeBSD lacks the constant HOST_NAME_MAX, instead using sysconf(3) to find out the value of the maximum host name length at run time. Patch to use this instead of HOST_NAME_MAX. This brings with it the need to use malloc instead of using a statically sized buffer for the host name, since the size of the buffer cannot be known at run time. Errors from sysconf or malloc just means that the entire block of code is skipped over (the same way it's skipped if the call to gethostname() fails), rather than returning any kind of error to the caller or logging an error message somewhere.
-
- Aug 28, 2016
-
-
Birte Kristina Friesel authored
-
Birte Kristina Friesel authored
-