https://bugs.winehq.org/show_bug.cgi?id=45106
Bug ID: 45106 Summary: OOB write in gdi32 Product: Wine Version: 3.7 Hardware: x86 OS: Linux Status: UNCONFIRMED Severity: normal Priority: P2 Component: gdi32 Assignee: wine-bugs@winehq.org Reporter: robert.gawlik@rub.de Distribution: ---
Created attachment 61285 --> https://bugs.winehq.org/attachment.cgi?id=61285 affected source code
Original submitted report can be found here: https://bugs.launchpad.net/ubuntu/+source/wine/+bug/1764719
The attachment also contains more details. If more info is needed, please let me know!
https://bugs.winehq.org/show_bug.cgi?id=45106
Jens Reyer jre.winesim@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |jre.winesim@gmail.com
https://bugs.winehq.org/show_bug.cgi?id=45106
tokktokk fdsfgs@krutt.org changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |fdsfgs@krutt.org
https://bugs.winehq.org/show_bug.cgi?id=45106
Marcus Meissner marcus@jet.franken.de changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |marcus@jet.franken.de
https://bugs.winehq.org/show_bug.cgi?id=45106
Marcus Meissner marcus@jet.franken.de changed:
What |Removed |Added ---------------------------------------------------------------------------- Summary|OOB write in gdi32 |OOB write in gdi32 | |(CVE-2018-12933)
https://bugs.winehq.org/show_bug.cgi?id=45106
Nikolay Sivov bunglehead@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|UNCONFIRMED |NEW Ever confirmed|0 |1
--- Comment #1 from Nikolay Sivov bunglehead@gmail.com --- Confirming, we should validate against specified handle count.
https://bugs.winehq.org/show_bug.cgi?id=45106
Esme Povirk madewokherd@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |FIXED Fixed by SHA1| |6bddfe4560656410e1edfc7dad3 | |69f5d562d90be Status|NEW |RESOLVED
--- Comment #2 from Esme Povirk madewokherd@gmail.com --- Tested all sample files from the launchpad bug and got no crashes (previously, some of them logged access violations in unixlib code), so I think this is fixed.
https://bugs.winehq.org/show_bug.cgi?id=45106
Alexandre Julliard julliard@winehq.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED
--- Comment #3 from Alexandre Julliard julliard@winehq.org --- Closing bugs fixed in 9.16.