Missing parens in REQUEST_FIXED_SIZE macro [CVE-2014-8092 pt. 5]

The 'n' parameter must be surrounded by parens in both places to prevent precedence from mis-computing things. Signed-off-by: Keith Packard <keithp@keithp.com> Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com> Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> (cherry picked from commit 9802a0162f738de03585ca3f3b8a8266494f7d45) Signed-off-by: Julien Cristau <jcristau@debian.org>
author: Keith Packard <keithp@keithp.com> 2014-12-09 09:30:59 -0800
committer: Julien Cristau <jcristau@debian.org> 2014-12-09 20:54:12 +0100
commit: 8e7c4380a56ab05412f630e9b6e02580cb04a804 (patch)
tree: 343d509ff891e4389400a8d9b2c8796418a1dcc0
parent: 1069ca99298bf1e85e001bfde90b00a42afdb5d8 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/include/dix.h b/include/dix.h
index 41892863e..c5c86b6b8 100644
--- a/include/dix.h
+++ b/include/dix.h
@@ -80,7 +80,7 @@ SOFTWARE.
 
 #define REQUEST_FIXED_SIZE(req, n)\
     if (((sizeof(req) >> 2) > client->req_len) || \
-        ((n >> 2) >= client->req_len) || \
+        (((n) >> 2) >= client->req_len) ||                              \
         ((((uint64_t) sizeof(req) + (n) + 3) >> 2) != (uint64_t) client->req_len))  \
          return(BadLength)
author	Keith Packard <keithp@keithp.com>	2014-12-09 09:30:59 -0800
committer	Julien Cristau <jcristau@debian.org>	2014-12-09 20:54:12 +0100
commit	8e7c4380a56ab05412f630e9b6e02580cb04a804 (patch)
tree	343d509ff891e4389400a8d9b2c8796418a1dcc0
parent	1069ca99298bf1e85e001bfde90b00a42afdb5d8 (diff)