cairo-xlib: Check for maximum surface size

X11 use uint16_t for the width/height of things. Anything too large will be truncated when sending the request to the X11 server. This commit adds a size check to a function that did not check things and then later caused a segmentation fault. Not adding a test case because the test case from the below bug report allocates 3,5 GiB of memory, which I find too much for a test. Fixes: https://gitlab.freedesktop.org/cairo/cairo/-/issues/414 Signed-off-by: Uli Schlachter <psychon@znc.in>
author: Uli Schlachter <psychon@znc.in> 2021-01-13 16:36:33 +0100
committer: Uli Schlachter <psychon@znc.in> 2021-01-13 16:36:33 +0100
commit: 81806c01112bc504d96d79f969f229e27625344f (patch)
tree: ef50221d0aceb1312da155fd86e4b6a7c594c5cb /src/cairo-xlib-private.h
parent: 974791b4eede7f2ff774b56dd90234ed2cd70311 (diff)
download: cairo-81806c01112bc504d96d79f969f229e27625344f.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/src/cairo-xlib-private.h b/src/cairo-xlib-private.h
index 71dccc3a7..8e338aea6 100644
--- a/src/cairo-xlib-private.h
+++ b/src/cairo-xlib-private.h
@@ -65,6 +65,8 @@ typedef struct _cairo_xlib_surface cairo_xlib_surface_t;
 #define RAMP_SIZE 16
 /* maximum number of cached GC's */
 #define GC_CACHE_SIZE 4
+/* maximum width/height of an X11 drawable */
+#define XLIB_COORD_MAX 32767
 
 struct _cairo_xlib_display {
     cairo_device_t base;
author	Uli Schlachter <psychon@znc.in>	2021-01-13 16:36:33 +0100
committer	Uli Schlachter <psychon@znc.in>	2021-01-13 16:36:33 +0100
commit	81806c01112bc504d96d79f969f229e27625344f (patch)
tree	ef50221d0aceb1312da155fd86e4b6a7c594c5cb /src/cairo-xlib-private.h
parent	974791b4eede7f2ff774b56dd90234ed2cd70311 (diff)
download	cairo-81806c01112bc504d96d79f969f229e27625344f.tar.gz