For some reasons (documented in cursor_init) the function
uses 128 bytes more of data causing a reading buffer overflow.
Signed-off-by: Frediano Ziglio <fziglio@xxxxxxxxxx>
---
Is it still valid the reason or the buffer should be just the right
size? Was it a old client bug?
---
server/tests/test-display-base.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/server/tests/test-display-base.c b/server/tests/test-display-base.c
index f77f9659..ed62a607 100644
--- a/server/tests/test-display-base.c
+++ b/server/tests/test-display-base.c
@@ -694,7 +694,7 @@ static void release_resource(SPICE_GNUC_UNUSED QXLInstance *qin,
static struct {
QXLCursor cursor;
- uint8_t data[CURSOR_WIDTH * CURSOR_HEIGHT * 4]; // 32bit per pixel
+ uint8_t data[CURSOR_WIDTH * CURSOR_HEIGHT * 4 + 128]; // 32bit per pixel
} cursor;
static void cursor_init(void)
--
2.13.5
_______________________________________________
Spice-devel mailing list
Spice-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.freedesktop.org/mailman/listinfo/spice-devel