summaryrefslogtreecommitdiffstats
path: root/libvncserver
Commit message (Collapse)AuthorAgeFilesLines
* Merge pull request #259 from veyon/cursor-shiftChristian Beier2018-11-191-4/+4
|\ | | | | LibVNCClient: fix integer shifts for cursor colors
| * LibVNCClient: fix integer shifts for cursor colorsTobias Junghans2018-11-051-4/+4
| | | | | | | | | | | | Shifting values > 32768 by 16 places can cause undefined results for signed integers. Therefore cast color components to unsigned integer before shifting.
* | LibVNCServer: properly use thread-local storageTobias Junghans2018-11-192-6/+8
| | | | | | | | | | | | The TLS macro never has been defined due to the missing LIBVNCSERVER_HAVE_TLS macro. This revises the macro logic to also cover Win32 builds with MSVC.
* | Add SSL options to rfbUsage outputChristian Beier2018-11-111-0/+4
| |
* | Merge branch 'fix-#242'Christian Beier2018-11-105-18/+25
|\ \
| * | tightvnc-filetransfer: do not close stuff from within a threadChristian Beier2018-11-101-6/+0
| | | | | | | | | | | | | | | | | | ... as this crashes badly and the client is closed by the main thread machinery afterwards. re #242
| * | tightvnc-filetransfer: when creating a new download thread, make sure the ↵Christian Beier2018-10-221-2/+1
| | | | | | | | | | | | | | | | | | previous one ends re #242
| * | tightvnc-filetransfer: wait for download thread end in CloseUndoneFileDownload()Christian Beier2018-10-212-2/+7
| | | | | | | | | | | | | | | | | | ...and use it when deregistering the file transfer extension. Closes #242
| * | tightvnc-filetransfer: refactor CloseUndoneFileTransfer() into two functionsChristian Beier2018-10-213-7/+16
| | | | | | | | | | | | | | | | | | ...for closing upload and download separately. re #242
| * | tightvnc-filetransfer: tie the download thread to the control structureChristian Beier2018-10-212-2/+2
| |/ | | | | | | re #242
* / Undef error codes before redefining them for WSATobias Junghans2018-11-061-0/+6
|/ | | | Fixes compiler warnings about redefined macros from errno.h.
* tightvnc-filetransfer: fix heap use-after-freeChristian Beier2018-10-211-0/+2
| | | | | | | | | | One can only guess what the intended semantics were here, but as every other rfbCloseClient() call in this file is followed by an immediate return, let's assume this was forgotton in this case. Anyway, don't forget to clean up to not leak memory. Closes #241
* LibVNCServer: fix heap out-of-bound write accessChristian Beier2018-10-211-1/+1
| | | | Closes #243
* websockets: remove Flash fallbackChristian Beier2018-10-012-13/+1
| | | | Closes #162
* httpd: send proper MIME type for Javascript filesChristian Beier2018-10-011-0/+2
| | | | re #148
* Fix compilaton with gcc 4.4.xDRC2018-09-301-2/+2
| | | | | | Closes #204 Signed-off-by: Christian Beier <dontmind@freeshell.org>
* crypto: move to commonChristian Beier2018-06-295-190/+0
| | | | | | As of now, only LibVNCServer makes uses of these digest functions _and_ they depend on sys/uio.h, but in the future LibVNCClient will need those as well.
* Tight: export SendCompressedData and SendTightHeader functionsEddie James2018-06-201-14/+11
| | | | | | | | | These functions can be used to send already compressed jpegs to a client, circumventing the usual rect/region update methods which operate on a raw rgb framebuffer. Rename the functions with the usual rfb prefix and add the prototypes in rfb.h. Signed-off-by: Eddie James <eajames@us.ibm.com>
* rfbserver: fix a typoChristian Beier2018-03-241-1/+1
|
* rfbserver: get rid of inttypes.h againChristian Beier2018-03-241-4/+1
|
* Limit client cut text length to 1 MBPetr Písař2018-03-081-1/+19
| | | | | | | | | | | | | | | | This patch constrains a client cut text length to 1 MB. Otherwise a client could make server allocate 2 GB of memory and that seems to be to much to classify it as a denial of service. The limit also prevents from an integer overflow followed by copying an uninitilized memory when processing msg.cct.length value larger than SIZE_MAX or INT_MAX - sz_rfbClientCutTextMsg. This patch also corrects accepting length value of zero (malloc(0) is interpreted on differnet systems differently). CVE-2018-7225 <https://github.com/LibVNC/libvncserver/issues/218>
* fix: the function should not return a valueWu Zongyong2017-06-251-1/+1
|
* Fixed compilation of websockets on system where there is no implementation ↵Jocelyn Le Sage2017-06-133-8/+6
| | | | of base64 functions.
* Merge pull request #158 from kempniu/gtk-vnc-0.7.0-compatChristian Beier2017-05-151-1/+4
|\ | | | | websockets: Ensure compatibility with gtk-vnc 0.7.0+
| * Ensure compatibility with gtk-vnc 0.7.0+Michał Kępień2017-02-141-1/+4
| |
* | websockets: hide decode debug output per defaultChristian Beier2017-05-151-32/+41
| |
* | websockets: restore webSocketCheckDisconnect() to keep API compatibilityChristian Beier2017-05-141-0/+11
| |
* | remove potential 64 bit len overflow calculationAndreas Weigel2017-05-142-38/+31
| |
* | add decode support for continuation framesAndreas Weigel2017-05-143-46/+126
| | | | | | | | | | | | use FIN bit and implement opcode 0x00 make consistent use of uint64_t for big frame sizes
* | remove Hixie-specific MD5 and check functionsAndreas Weigel2017-05-142-68/+0
| |
* | add generation wstest to cmakeAndreas Weigel2017-05-142-25/+26
| | | | | | | | | | | | | | | | | | add wstestdata.c, because the python data generation script has too many dependencies remove some redundance from jpeg test creation add support for decoding close messages
* | add ws_decode testsAndreas Weigel2017-05-143-41/+41
| | | | | | | | | | | | | | | | | | modify automake to include ws_decode test add python frame generator for decode tests modify configure to only include ws_decode test if preconditions are fulfilled
* | remove obsolete hixie protocol supportAndreas Weigel2017-05-141-246/+51
| |
* | factor out hybi decode part to make it testableAndreas Weigel2017-05-143-580/+631
| | | | | | | | | | remove direct dependency on rfbClientPtr structure in hybi decode function(s)
* | fix overflow and refactor websockets decode (Hybi)Andreas Weigel2017-05-141-132/+463
| | | | | | | | | | | | | | | | | | | | | | fix critical heap-based buffer overflow which allowed easy modification of a return address via an overwritten function pointer fix bug causing connections to fail due a "one websocket frame = one ws_read" assumption, which failed with LibVNCServer-0.9.11 refactor websocket Hybi decode to use a simple state machine for decoding of websocket frames
* | font: Fix a small resource leak in a failure case in rfbLoadConsoleFont()Lioncash2017-05-101-0/+1
| | | | | | | | The file handle wouldn't be closed in this instance.
* | rfbInitServer: only init Winsock onceChristian Beier2017-02-211-1/+9
| |
* | Add an rfbLogPError that shows something on WIN32Christian Beier2017-02-211-0/+9
| |
* | Merge pull request #156 from The-42/drop-autotoolsChristian Beier2017-02-211-80/+0
|\ \ | | | | | | drop autotools
| * | drop autotoolsBert van Hall2017-02-131-80/+0
| |/ | | | | | | | | | | | | | | Since autotools officially is no longer supported (see various github issues), drop the related infrastructure to stop tempting people to use it for building. Signed-off-by: Bert van Hall <bert.vanhall@gmx.de>
* / Fix building in C89 modeChristian Beier2017-02-201-1/+12
|/ | | | FIXME: this should probably be refactored into a common header.
* Fix building websockets with GnuTLS.Christian Beier2017-01-281-3/+3
|
* Fix typoChristian Beier2017-01-281-1/+1
|
* Fix websockets buildingChristian Beier2017-01-281-0/+2
|
* Various #ifdef fixes to allow building with MSVC2014Christian Beier2017-01-286-3/+27
|
* Make websockets code build on OSX without SSL.Christian Beier2016-12-301-0/+13
|
* Use unprefixed b64_* functions in websockets code.Christian Beier2016-12-301-5/+5
|
* LibVNCServer: fix starting of an onHold-client in threaded mode.Christian Beier2016-12-281-9/+6
| | | | | | | | Discovered by madscientist159 on 11 Jan 2015: "noted in testing with the threaded server build, whereby if newClientHook() returned RFB_CLIENT_ON_HOLD there was no way to release the hold when the server became ready"
* websockets: Don't supply Sec-WebSocket-Protocol if not in requestKyle Russell2016-12-081-2/+11
|
* Write the correct length for end of headerSamuel Mannehed2016-12-021-1/+1
| | | | Fix for commit 65106d39627499ace4f1ed8701d3ab6c7f97f56f
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-25 01:17:04 +0000