libtdevnc - Shared TDE VNC library sources

diff options

author	Petr Písař <ppisar@redhat.com>	2019-01-07 10:40:01 +0100
committer	Slávek Banko <slavek.banko@axis.cz>	2019-03-03 16:01:12 +0100
commit	6142d389db44b781e36399fe7c477c4879c0924b (patch)
tree	041da4dafe45f182e7d477130471c5b55eba937d /client_examples/backchannel.c
parent	177b748ba10ee43351643091ca42239205743dd8 (diff)
download	libtdevnc-6142d389db44b781e36399fe7c477c4879c0924b.tar.gz libtdevnc-6142d389db44b781e36399fe7c477c4879c0924b.zip

Limit lenght to INT_MAX bytes in rfbProcessFileTransferReadBuffer()

This ammends 15bb719c03cc70f14c36a843dcb16ed69b405707 fix for a heap out-of-bound write access in rfbProcessFileTransferReadBuffer() when reading a transfered file content in a server. The former fix did not work on platforms with a 32-bit int type (expected by rfbReadExact()). CVE-2018-15127 <https://github.com/LibVNC/libvncserver/issues/243> <https://github.com/LibVNC/libvncserver/issues/273> (cherry picked from commit 09e8fc02f59f16e2583b34fe1a270c238bd9ffec)

Diffstat (limited to 'client_examples/backchannel.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: