29 lines
1.5 KiB
Text
29 lines
1.5 KiB
Text
$NetBSD: patch-CVE-2010-4352-4,v 1.1 2010/12/29 10:49:21 tron Exp $
|
|
|
|
Fix for CVE-2010-4352 taken from here:
|
|
|
|
http://cgit.freedesktop.org/dbus/dbus/commit/?h=dbus-1.2&id=5042c1e5e6df31700215c9dc0618634911b0c9f5
|
|
|
|
--- doc/dbus-specification.xml.orig 2009-04-17 20:45:29.000000000 +0100
|
|
+++ doc/dbus-specification.xml 2010-12-29 10:35:49.000000000 +0000
|
|
@@ -561,12 +561,14 @@
|
|
</row><row>
|
|
<entry><literal>VARIANT</literal></entry>
|
|
<entry>
|
|
- A variant type has a marshaled <literal>SIGNATURE</literal>
|
|
- followed by a marshaled value with the type
|
|
- given in the signature.
|
|
- Unlike a message signature, the variant signature
|
|
- can contain only a single complete type.
|
|
- So "i", "ai" or "(ii)" is OK, but "ii" is not.
|
|
+ A variant type has a marshaled
|
|
+ <literal>SIGNATURE</literal> followed by a marshaled
|
|
+ value with the type given in the signature. Unlike
|
|
+ a message signature, the variant signature can
|
|
+ contain only a single complete type. So "i", "ai"
|
|
+ or "(ii)" is OK, but "ii" is not. Use of variants may not
|
|
+ cause a total message depth to be larger than 64, including
|
|
+ other container types such as structures.
|
|
</entry>
|
|
<entry>
|
|
1 (alignment of the signature)
|