Re: [directfb-dev] IDirectFBSurface Dispatch_Write bugs

Fri, 25 Apr 2014 01:20:08 -0700 

On 03/27/14 00:41, Frédéric Basse wrote:
> 
> * CWE-787: Out-of-bounds Write
> 'count' can exceed 'dst' buffer size.
> =>
> http://git.directfb.org/?p=core/DirectFB.git;a=blob;f=proxy/dispatcher/idirectfbsurface_dispatcher.c;h=6e99cbba8a8430869b318936ed63a80f44b83201;hb=HEAD#l1676
> =>
> http://git.directfb.org/?p=core/DirectFB.git;a=blob;f=proxy/dispatcher/idirectfbsurface_dispatcher.c;h=6e99cbba8a8430869b318936ed63a80f44b83201;hb=HEAD#l1626

Does it mean that 'count' has to be checked against 'num', as done for 'out'?

-- 
Denis Oliver Kropp
CEO
DirectFB integrated media GmbH
_______________________________________________
directfb-dev mailing list
directfb-dev@directfb.org
http://mail.directfb.org/cgi-bin/mailman/listinfo/directfb-dev

Reply via email to