1
0
mirror of https://github.com/mpv-player/mpv synced 2024-12-27 09:32:40 +00:00
mpv/video/out
wm4 11d35b72a6 x11: fix X property out of bounds memory reads
The size overflow check was inverted: instead of allowing reading only
the first dst_size bytes of the property, it allowed copying past the
property buffer (as returned by xlib). xlib doesn't return the size of
the buffer in bytes, so it has to be computed and checked manually.

Wouldn't it be great if C allowed me to write the overflow check in a
readable way, so it doesn't trick me into writing dumb security bugs?

Relying on X security is even dumber than creating a X security bug,
though, so this was not a real problem. But I found that one specific
call tried to read more than what the property provided, so reduce that.

Also, len*ib obviously can't overflow, so there's an additional layer of
dumb to this whole thing.

While we're at dumb things, why the hell does xlib use "long" for 32 bit
types. It's a god damn pain.
2019-12-18 07:12:53 +01:00
..
cocoa cocoa_common: remove deprecated VOCTRLs/VO_EVENTs 2019-12-12 19:56:03 +01:00
cocoa-cb cocoa-cb: report fullscreen state for legacy fullscreen 2019-12-17 23:48:13 +01:00
d3d11 vo_gpu/d3d11: add support for configuring swap chain color space 2019-10-30 02:41:25 +02:00
gpu vf_gpu: render subtitles 2019-11-30 18:09:31 +01:00
hwdec vo_gpu: hwdec_vaapi_gl: use gl_check_extension() instead of strstr() 2019-12-07 14:16:30 +01:00
opengl vo_gpu: opengl: make it work with EGL 1.4 2019-12-16 00:25:51 +01:00
placebo
vulkan wayland: fix presentation time 2019-10-20 19:50:10 +00:00
win32
android_common.c context_android: move common code to a separate file 2019-09-27 00:05:06 +03:00
android_common.h context_android: move common code to a separate file 2019-09-27 00:05:06 +03:00
aspect.c
aspect.h
bitmap_packer.c video/out/bitmap_packer: Avoid empty initializer list 2019-11-18 16:50:21 +01:00
bitmap_packer.h
cocoa_cb_common.swift cocoa-cb: update and add more options to use new options handling 2019-12-15 20:07:11 +01:00
cocoa_common.h
cocoa_common.m cocoa_common: remove deprecated VOCTRLs/VO_EVENTs 2019-12-12 19:56:03 +01:00
d3d_shader_420p.h
d3d_shader_yuv.hlsl
dither.c
dither.h
dr_helper.c client API: fix potential deadlock problems by throwing more shit at it 2019-09-26 14:14:49 +02:00
dr_helper.h client API: fix potential deadlock problems by throwing more shit at it 2019-09-26 14:14:49 +02:00
drm_atomic.c
drm_atomic.h
drm_common.c drm: avoid division by 0 in drm_pflip_cb with bad drivers 2019-12-07 18:34:25 +01:00
drm_common.h drm: avoid division by 0 in drm_pflip_cb with bad drivers 2019-12-07 18:34:25 +01:00
drm_prime.c
drm_prime.h
filter_kernels.c
filter_kernels.h
libmpv.h
vo_caca.c vo_caca: Implement VOCTRL_UPDATE_WINDOW_TITLE 2019-10-29 17:07:41 +01:00
vo_direct3d.c
vo_drm.c vo_drm: replace drmModeAddFB usage with drmModeAddFB2 2019-12-07 19:23:58 +01:00
vo_gpu.c Revert "vo: add support for externally driven renderloop and make wayland use it" 2019-10-10 17:41:19 +00:00
vo_image.c screenshot, vo_image: use global swscale/zimg parameters 2019-10-31 15:44:09 +01:00
vo_lavc.c
vo_libmpv.c client API: fix potential deadlock problems by throwing more shit at it 2019-09-26 14:14:49 +02:00
vo_mediacodec_embed.c
vo_null.c
vo_rpi.c rpi: destroy fullscreen change handling 2019-12-11 18:50:37 +01:00
vo_sdl.c vo_sdl: use new fullscreen change mechanism 2019-12-11 18:47:57 +01:00
vo_tct.c video/out/vo_tct: Use octal escape sequence instead of non-standard \e 2019-11-18 16:50:21 +01:00
vo_vaapi.c
vo_vdpau.c Replace uses of FFMIN/MAX with MPMIN/MAX 2019-10-31 11:24:20 +01:00
vo_wlshm.c sws_utils: shuffle around some shit 2019-10-31 15:26:03 +01:00
vo_x11.c vo_x11: accept zimg formats 2019-11-03 22:52:12 +01:00
vo_xv.c
vo.c vo: redraw dropped frame if paused between queuing and drawing frame 2019-12-04 23:55:42 +01:00
vo.h command, vo: remove old option change notification mechanisms 2019-12-17 23:18:17 +01:00
w32_common.c video/w32_common: follow updates to the border option instead of VOCTRL_BORDER 2019-12-18 00:02:49 +02:00
w32_common.h
wayland_common.c wayland: remove unnecessary VO_EVENT_FULLSCREEN_STATE 2019-12-12 14:47:52 +01:00
wayland_common.h wayland: fix cursor behavior on an edge case 2019-12-04 00:47:05 +00:00
win_state.c win_state: silence a valgrind warning 2019-09-19 20:37:05 +02:00
win_state.h
x11_common.c x11: fix X property out of bounds memory reads 2019-12-18 07:12:53 +01:00
x11_common.h x11: use new option stuff to implement fullscreen 2019-11-29 13:56:58 +01:00