aboutsummaryrefslogtreecommitdiffstats
path: root/common/rfb/SSecurityPlain.cxx
diff options
context:
space:
mode:
authorMichal Srb <michalsrb@gmail.com>2017-03-29 17:00:30 +0300
committerMichal Srb <michalsrb@gmail.com>2017-03-30 03:25:02 +0300
commit9801c5efcf8c1774d9c807ebd5d27ac7049ad993 (patch)
treecd98032c253310d920f6ccf2074d17e7534bb649 /common/rfb/SSecurityPlain.cxx
parentd71508b94bd1c6f0d8be89aa559a8a7de48f7f3f (diff)
downloadtigervnc-9801c5efcf8c1774d9c807ebd5d27ac7049ad993.tar.gz
tigervnc-9801c5efcf8c1774d9c807ebd5d27ac7049ad993.zip
Fix checkNoWait logic in SSecurityPlain.
Currently it proceeds only if there aren't enough data in queue and then it blocks waiting. Also the required amount to receive from network is (ulen + plen), not (ulen + plen + 2). This allowed not authenticated clients to deny service to everyone.
Diffstat (limited to 'common/rfb/SSecurityPlain.cxx')
-rw-r--r--common/rfb/SSecurityPlain.cxx2
1 files changed, 1 insertions, 1 deletions
diff --git a/common/rfb/SSecurityPlain.cxx b/common/rfb/SSecurityPlain.cxx
index f5a5cc73..05315490 100644
--- a/common/rfb/SSecurityPlain.cxx
+++ b/common/rfb/SSecurityPlain.cxx
@@ -92,7 +92,7 @@ bool SSecurityPlain::processMsg(SConnection* sc)
}
if (state == 1) {
- if (is->checkNoWait(ulen + plen + 2))
+ if (!is->checkNoWait(ulen + plen))
return false;
state = 2;
pw = new char[plen + 1];