]> source.dussan.org Git - tigervnc.git/commit
projects / tigervnc.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: f1b9b86) | patch
Add sanity checks for PixelFormat shift values
authorPierre Ossman <ossman@cendio.se>
Tue, 10 Sep 2019 14:07:50 +0000 (16:07 +0200)
committerPierre Ossman <ossman@cendio.se>
Fri, 15 Nov 2019 10:22:16 +0000 (11:22 +0100)
commitcd1d650c532a46e95a1229dffaf281c76a50cdfe
tree42d3958722b12bf7e3f609c3b403898d895db881tree | snapshot
parentf1b9b868ec943d51ef631f53a095d48d3f178f4fcommit | diff
Add sanity checks for PixelFormat shift values

Otherwise we might be tricked in to reading and writing things at
incorrect offsets for pixels which ultimately could result in an
attacker writing things to the stack or heap and executing things
they shouldn't.

This only affects the server as the client never uses the pixel
format suggested by th server.

Issue found by Pavel Cheremushkin from Kaspersky Lab.
common/rfb/PixelFormat.cxx diff | blob | history
tests/unit/pixelformat.cxx diff | blob | history
High performance, multi-platform VNC client and server: https://github.com/TigerVNC/tigervnc