path: root/sysutils/dbus/patches/patch-CVE-2010-4352-4
blob: 0b8d0b154b26cb507c35bc14ae35996012068d49 (plain)
$NetBSD: patch-CVE-2010-4352-4,v 1.1.2.2 2010/12/30 03:37:22 sbd Exp $

Fix for CVE-2010-4352 taken from here:

http://cgit.freedesktop.org/dbus/dbus/commit/?h=dbus-1.2&id=5042c1e5e6df31700215c9dc0618634911b0c9f5

--- doc/dbus-specification.xml.orig	2009-04-17 20:45:29.000000000 +0100
+++ doc/dbus-specification.xml	2010-12-29 10:35:49.000000000 +0000
@@ -561,12 +561,14 @@
 	      </row><row>
                 <entry><literal>VARIANT</literal></entry>
                 <entry>
-                  A variant type has a marshaled <literal>SIGNATURE</literal>
-                  followed by a marshaled value with the type
-                  given in the signature.
-                  Unlike a message signature, the variant signature 
-                  can contain only a single complete type.
-                  So "i", "ai" or "(ii)" is OK, but "ii" is not.
+                  A variant type has a marshaled
+                  <literal>SIGNATURE</literal> followed by a marshaled
+                  value with the type given in the signature.  Unlike
+                  a message signature, the variant signature can
+                  contain only a single complete type.  So "i", "ai"
+                  or "(ii)" is OK, but "ii" is not.  Use of variants may not
+                  cause a total message depth to be larger than 64, including
+		  other container types such as structures.
                 </entry>
                 <entry>
                   1 (alignment of the signature)
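
Review bot: the new closing sentence of the VARIANT entry ("Use of variants may not cause a total message depth to be larger than 64, including other container types such as structures") states the limit as "may not" and says nothing about what happens when it is exceeded; for a specification I would write "must not" and add what a conforming implementation does with such a message, for example treat it as invalid. The sentence also leaves open how depth is counted when variants are nested inside the "other container types", so one counted nesting example would remove the ambiguity. Minor: the added line starting "other container types" is indented with a tab while the other added lines use spaces, and reflowing the whole paragraph makes it hard to see that only this one sentence is new.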