rpms / libvncserver

Clone
Source Code
GIT

Blame SOURCES/libvncserver-0.9.11-CVE-2018-21247.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8 c8-beta c8s
  1.   c8-beta
  2.   SOURCES
  3.   libvncserver-0.9.11-CVE-2018-21247.patch
Blob History Raw
80465d 
From d87d25516b3992e52cf79e3cd6bd331b0baceecf Mon Sep 17 00:00:00 2001
80465d 
From: Christian Beier <dontmind@freeshell.org>
80465d 
Date: Sun, 17 Nov 2019 16:21:18 +0100
80465d 
Subject: [PATCH] When connecting to a repeater, make sure to not leak memory
80465d
80465d 
Really closes #253
80465d 
---
80465d 
 examples/repeater.c     | 1 +
80465d 
 libvncclient/rfbproto.c | 1 +
80465d 
 2 files changed, 2 insertions(+)
80465d
80465d 
diff --git a/examples/repeater.c b/examples/repeater.c
80465d 
index cf0350ff..7047578d 100644
80465d 
--- a/examples/repeater.c
80465d 
+++ b/examples/repeater.c
80465d 
@@ -23,6 +23,7 @@ int main(int argc,char** argv)
80465d 
       "Usage: %s <id> <repeater-host> [<repeater-port>]\n", argv[0]);
80465d 
     exit(1);
80465d 
   }
80465d 
+  memset(id, 0, sizeof(id));
80465d 
   snprintf(id, sizeof(id) - 1, "ID:%s", argv[1]);
80465d 
   repeaterHost = argv[2];
80465d 
   repeaterPort = argc < 4 ? 5500 : atoi(argv[3]);
80465d 
diff --git a/libvncclient/rfbproto.c b/libvncclient/rfbproto.c
80465d 
index 6c07d97e..675248fa 100644
80465d 
--- a/libvncclient/rfbproto.c
80465d 
+++ b/libvncclient/rfbproto.c
80465d 
@@ -402,6 +402,7 @@ rfbBool ConnectToRFBRepeater(rfbClient* client,const char *repeaterHost, int rep
80465d
80465d 
   rfbClientLog("Connected to VNC repeater, using protocol version %d.%d\n", major, minor);
80465d
80465d 
+  memset(tmphost, 0, sizeof(tmphost));
80465d 
   snprintf(tmphost, sizeof(tmphost), "%s:%d", destHost, destPort);
80465d 
   if (!WriteToRFBServer(client, tmphost, sizeof(tmphost)))
80465d 
     return FALSE;

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation