We now filter incoming data, which means we can start assuming the
clipboard data is always null terminated. This allows us to clean
up a lot of the internal handling.
This is required by the protocol so we should make sure it is
enforced. We are tolerant of clients that violate this though and
convert incoming clipboard data.
Let CMsgHandler::serverInit() handle initial set up
Avoid using the callbacks used for runtime changes for the initial
setup. They weren't really useful anyway as you could not allocate
a framebuffer without also knowing the pixel format. So make things
more clear by letting serverInit() get the initial settings.
Avoid direct access to the screen dimensions and layout so that we
can make sure it stays sane. This also makes sure the layout is
properly updated when we only get the screen dimensions from the
server.
This adds the basic infrastructure and handshake for the QEMU
Extended Key Events extension. No viewer or server makes use of
the extra functionality yet though.
Width and height of a cursor are received as U16 from network. Accepting full range of U16 values can cause integer overflows in multiple places.
The worst is probably VLA in CMsgReader::readSetXCursor:
rdr::U8 buf[width*height*4];
The width*height*4 can be too big to fit on stack or it can overflow into negative numbers. Both cases are undefined behaviour. Following writes to buf can overwrite other data on stack.
Encoders/decoders should track the connection object
The connection object is a much more appropriate object for the
decoders and encoders to keep track of. Besides the streams, it also
contains state like connection parameters.
Eliminate GCC signed/unsigned warnings related to encodings: The
encoding in the RFB protocol has always been signed, and signed values
are also used in the specification (ie DesktopName = -307 etc). In the
code, however, unsigned types were used in a number of places, but not
all, which causes warnings. This patch fixes the problem by switching
to signed values everywhere.
git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@3968 3789f03b-4d11-0410-bbf8-ca57d06f2519
[Bugfix] Use rdr::U32 type for length of strings handled by *CutText functions.
This avoids big buffer overflow when memcpy is called with "-1" argument.
git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@3607 3789f03b-4d11-0410-bbf8-ca57d06f2519
Implemented support for DesktopName pseudo encoding, which allows
updating the desktop name on the fly.
Tested in ThinLinc since 2008-01-07.
git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@3549 3789f03b-4d11-0410-bbf8-ca57d06f2519