debian/patches/CVE-2015-5260_CVE-2015-5261/0019-Prevent-leak-if-size-from-red_get_data_chunks-don-t-.patch

   1 From 6e3547f8b192f5b01d478ca222bf46736f5c700c Mon Sep 17 00:00:00 2001
   2 From: Frediano Ziglio <fziglio@redhat.com>
   3 Date: Thu, 17 Sep 2015 15:01:05 +0100
   4 Subject: [PATCH 19/19] Prevent leak if size from red_get_data_chunks don't
   5  match in red_get_image
   6
   7 Signed-off-by: Frediano Ziglio <fziglio@redhat.com>
   8 ---
   9  server/red_parse_qxl.c | 2 ++
  10  1 file changed, 2 insertions(+)
  11
  12 --- a/server/red_parse_qxl.c
  13 +++ b/server/red_parse_qxl.c
  14 @@ -530,6 +530,7 @@ static SpiceImage *red_get_image(RedMemS
  15                                         &chunks, qxl->bitmap.data);
  16              spice_assert(size == bitmap_size);
  17              if (size != bitmap_size) {
  18 +                red_put_data_chunks(&chunks);
  19                  goto error;
  20              }
  21              red->u.bitmap.data = red_get_image_data_chunked(slots, group_id,
  22 @@ -550,6 +551,7 @@ static SpiceImage *red_get_image(RedMemS
  23                                         &chunks, (QXLDataChunk *)qxl->quic.data);
  24          spice_assert(size == red->u.quic.data_size);
  25          if (size != red->u.quic.data_size) {
  26 +            red_put_data_chunks(&chunks);
  27              goto error;
  28          }
  29          red->u.quic.data = red_get_image_data_chunked(slots, group_id,