diff options
author | Michal Srb <michalsrb@gmail.com> | 2017-03-29 17:00:30 +0300 |
---|---|---|
committer | Michal Srb <michalsrb@gmail.com> | 2017-03-30 03:25:02 +0300 |
commit | 9801c5efcf8c1774d9c807ebd5d27ac7049ad993 (patch) | |
tree | cd98032c253310d920f6ccf2074d17e7534bb649 /common/rfb/SSecurityPlain.cxx | |
parent | d71508b94bd1c6f0d8be89aa559a8a7de48f7f3f (diff) | |
download | tigervnc-9801c5efcf8c1774d9c807ebd5d27ac7049ad993.tar.gz tigervnc-9801c5efcf8c1774d9c807ebd5d27ac7049ad993.zip |
Fix checkNoWait logic in SSecurityPlain.
Currently it proceeds only if there aren't enough data in queue and then it blocks waiting.
Also the required amount to receive from network is (ulen + plen), not (ulen + plen + 2).
This allowed not authenticated clients to deny service to everyone.
Diffstat (limited to 'common/rfb/SSecurityPlain.cxx')
-rw-r--r-- | common/rfb/SSecurityPlain.cxx | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/common/rfb/SSecurityPlain.cxx b/common/rfb/SSecurityPlain.cxx index f5a5cc73..05315490 100644 --- a/common/rfb/SSecurityPlain.cxx +++ b/common/rfb/SSecurityPlain.cxx @@ -92,7 +92,7 @@ bool SSecurityPlain::processMsg(SConnection* sc) } if (state == 1) { - if (is->checkNoWait(ulen + plen + 2)) + if (!is->checkNoWait(ulen + plen)) return false; state = 2; pw = new char[plen + 1]; |