From daeff52b1e0047ec7f0cd137bc7218f35e81ea20 Mon Sep 17 00:00:00 2001
From: Pierre Ossman
Date: Tue, 2 Mar 2021 13:16:34 +0100
Subject: [PATCH] Fix some incorrect data waits
Some of these were incorrectly calculated so the server or client would wait too long before proceeding with decoding. Change all of these to be a more explicit calculation to avoid such issues in the future.
---
 common/rfb/CMsgReader.cxx | 14 +++++++-------
 common/rfb/SMsgReader.cxx | 20 ++++++++++----------
 2 files changed, 17 insertions(+), 17 deletions(-)
diff --git a/common/rfb/CMsgReader.cxx b/common/rfb/CMsgReader.cxx
index 40fb5912..f69e21de 100644
--- a/common/rfb/CMsgReader.cxx
+++ b/common/rfb/CMsgReader.cxx
@@ -131,7 +131,7 @@ bool CMsgReader::readMsg()
 }
 if (state == MSGSTATE_RECT_HEADER) {
- if (!is->hasData(12))
+ if (!is->hasData(2 + 2 + 2 + 2 + 4))
 return false;
 int x = is->readU16();
@@ -207,7 +207,7 @@ bool CMsgReader::readMsg()
 bool CMsgReader::readSetColourMapEntries()
 {
- if (!is->hasData(5))
+ if (!is->hasData(1 + 2 + 2))
 return false;
 is->setRestorePoint();
@@ -236,7 +236,7 @@ bool CMsgReader::readBell()
 bool CMsgReader::readServerCutText()
 {
- if (!is->hasData(7))
+ if (!is->hasData(3 + 4))
 return false;
 is->setRestorePoint();
@@ -385,7 +385,7 @@ bool CMsgReader::readFence()
 rdr::U8 len;
 char data[64];
- if (!is->hasData(8))
+ if (!is->hasData(3 + 4 + 1))
 return false;
 is->setRestorePoint();
@@ -421,7 +421,7 @@ bool CMsgReader::readEndOfContinuousUpdates()
 bool CMsgReader::readFramebufferUpdate()
 {
- if (!is->hasData(3))
+ if (!is->hasData(1 + 2))
 return false;
 is->skip(1);
@@ -625,7 +625,7 @@ bool CMsgReader::readSetVMwareCursor(int width, int height, const Point& hotspot
 rdr::U8 type;
- if (!is->hasData(2))
+ if (!is->hasData(1 + 1))
 return false;
 type = is->readU8();
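Review bot: The byte-count sums passed to `hasData()` are unlabeled, so a reader still has to match each term to a field by hand. In `readServerCutText` and `readFence`, for example, `3 + 4` and `3 + 4 + 1` do not say which term is padding and which is a length. A short comment at each call would make the precondition auditable against the reads it guards, e.g. `if (!is->hasData(3 + 4)) // padding + U32 length (confirm against the reads below)`. The same applies to the `hasData()` calls in SMsgReader.cxx. Most of the guarded reads lie outside these hunks, so the field names have to be taken from the full function bodies.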
@@ -756,7 +756,7 @@ bool CMsgReader::readExtendedDesktopSize(int x, int y, int w, int h)
 int sx, sy, sw, sh;
 ScreenSet layout;
- if (!is->hasData(4))
+ if (!is->hasData(1 + 3))
 return false;
 is->setRestorePoint();
diff --git a/common/rfb/SMsgReader.cxx b/common/rfb/SMsgReader.cxx
index 944f9315..63188f21 100644
--- a/common/rfb/SMsgReader.cxx
+++ b/common/rfb/SMsgReader.cxx
@@ -122,7 +122,7 @@ bool SMsgReader::readSetPixelFormat()
 bool SMsgReader::readSetEncodings()
 {
- if (!is->hasData(3))
+ if (!is->hasData(1 + 2))
 return false;
 is->setRestorePoint();
@@ -152,7 +152,7 @@ bool SMsgReader::readSetDesktopSize()
 int sx, sy, sw, sh;
 ScreenSet layout;
- if (!is->hasData(7))
+ if (!is->hasData(1 + 2 + 2 + 1 + 1))
 return true;
 is->setRestorePoint();
@@ -165,7 +165,7 @@ bool SMsgReader::readSetDesktopSize()
 screens = is->readU8();
 is->skip(1);
- if (!is->hasDataOrRestore(screens * 24))
+ if (!is->hasDataOrRestore(screens * (4 + 2 + 2 + 2 + 2 + 4)))
 return false;
 is->clearRestorePoint();
@@ -187,7 +187,7 @@ bool SMsgReader::readSetDesktopSize()
 bool SMsgReader::readFramebufferUpdateRequest()
 {
- if (!is->hasData(17))
+ if (!is->hasData(1 + 2 + 2 + 2 + 2))
 return false;
 bool inc = is->readU8();
 int x = is->readU16();
@@ -203,7 +203,7 @@ bool SMsgReader::readEnableContinuousUpdates()
 bool enable;
 int x, y, w, h;
- if (!is->hasData(17))
+ if (!is->hasData(1 + 2 + 2 + 2 + 2))
 return false;
 enable = is->readU8();
@@ -224,7 +224,7 @@ bool SMsgReader::readFence()
 rdr::U8 len;
 char data[64];
- if (!is->hasData(8))
+ if (!is->hasData(3 + 4 + 1))
 return false;
 is->setRestorePoint();
@@ -254,7 +254,7 @@ bool SMsgReader::readFence()
 bool SMsgReader::readKeyEvent()
 {
- if (!is->hasData(7))
+ if (!is->hasData(1 + 2 + 4))
 return false;
 bool down = is->readU8();
 is->skip(2);
@@ -265,7 +265,7 @@ bool SMsgReader::readKeyEvent()
 bool SMsgReader::readPointerEvent()
 {
- if (!is->hasData(5))
+ if (!is->hasData(1 + 2 + 2))
 return false;
 int mask = is->readU8();
 int x = is->readU16();
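Review bot: In `SMsgReader::readSetDesktopSize()` the short-data branch still reads `return true;`, while every other reader touched by this patch returns `false` when `hasData()` fails. If `true` tells the caller the message was fully consumed, as the other readers suggest, a client that sends only part of the SetDesktopSize header could leave the server out of step with the byte stream. The line should presumably be `return false;`, matching the function's own second check on `hasDataOrRestore(screens * (4 + 2 + 2 + 2 + 2 + 4))`. The function body starts and ends outside the hunk, so the caller's handling of the return value should be confirmed.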
@@ -277,7 +277,7 @@ bool SMsgReader::readPointerEvent()
 bool SMsgReader::readClientCutText()
 {
- if (!is->hasData(7))
+ if (!is->hasData(3 + 4))
 return false;
 is->setRestorePoint();
@@ -452,7 +452,7 @@ bool SMsgReader::readQEMUMessage()
 bool SMsgReader::readQEMUKeyEvent()
 {
- if (!is->hasData(10))
+ if (!is->hasData(2 + 4 + 4))
 return false;
 bool down = is->readU16();
 rdr::U32 keysym = is->readU32();
--
2.39.5