From: Pierre Ossman <ossman@cendio.se>
Date: Sat, 23 May 2020 10:17:55 +0000 (+0200)
Subject: Reject too large screen resize requests
X-Git-Tag: v1.10.90~28
X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=e97da59a763339d37a74da6326d9045ce73a02d4;p=tigervnc.git

Reject too large screen resize requests

We'll just crash later if we try to use such a large screen, so reject
the request from the client instead and keep the server running.
---

diff --git a/common/rfb/VNCServerST.cxx b/common/rfb/VNCServerST.cxx
index b3cc7a1f..8329bb23 100644
--- a/common/rfb/VNCServerST.cxx
+++ b/common/rfb/VNCServerST.cxx
@@ -527,6 +527,11 @@ unsigned int VNCServerST::setDesktopSize(VNCSConnectionST* requester,
   unsigned int result;
   std::list<VNCSConnectionST*>::iterator ci, ci_next;
 
+  // We can't handle a framebuffer larger than this, so don't let a
+  // client set one (see PixelBuffer.cxx)
+  if ((fb_width > 16384) || (fb_height > 16384))
+    return resultProhibited;
+
   // Don't bother the desktop with an invalid configuration
   if (!layout.validate(fb_width, fb_height))
     return resultInvalid;