Be defensive about overflows in stream objects - tigervnc.git - High performance, multi-platform VNC client and server: https://github.com/TigerVNC/tigervnc

diff options

author	Pierre Ossman <ossman@cendio.se>	2019-09-24 09:41:07 +0200
committer	Pierre Ossman <ossman@cendio.se>	2019-11-15 12:15:47 +0100
commit	75e6e0653a48baf474fd45d78b1da53e2f324642 (patch)
tree	8159e0ad7abb2e69604c6ad3cbc00ebceb867c3d /tests/unit
parent	0943c006c7d900dfc0281639e992791d6c567438 (diff)
download	tigervnc-75e6e0653a48baf474fd45d78b1da53e2f324642.tar.gz tigervnc-75e6e0653a48baf474fd45d78b1da53e2f324642.zip

Be defensive about overflows in stream objects

We use a lot of lengths given to us over the network, so be more paranoid about them causing an overflow as otherwise an attacker might trick us in to overwriting other memory. This primarily affects the client which often gets lengths from the server, but there are also some scenarios where the server might theoretically be vulnerable. Issue found by Pavel Cheremushkin from Kaspersky Lab.

Diffstat (limited to 'tests/unit')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: