| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
We use a lot of lengths given to us over the network, so be more
paranoid about them causing an overflow as otherwise an attacker
might trick us in to overwriting other memory.
This primarily affects the client which often gets lengths from the
server, but there are also some scenarios where the server might
theoretically be vulnerable.
Issue found by Pavel Cheremushkin from Kaspersky Lab.
(cherry picked from commit 75e6e0653a48baf474fd45d78b1da53e2f324642)
|
| |
|
|
|
|
|
|
|
|
| |
Provides safety against them accidentally becoming negative because
of bugs in the calculations.
Also does the same to CharArray and friends as they were strongly
connection to the stream objects.
(cherry picked from commit 0943c006c7d900dfc0281639e992791d6c567438)
|
| |
|
|
| |
(cherry picked from commit 4ff58f0acaeb566b79ae12cf013b376eaaaab834)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Move the checks around to avoid missing cases where we might access
memory that is no longer valid. Also avoid touching the underlying
stream implicitly (e.g. via the destructor) as it might also no
longer be valid.
A malicious server could theoretically use this for remote code
execution in the client.
Issue found by Pavel Cheremushkin from Kaspersky Lab
(cherry picked from commit d61a767d6842b530ffb532ddd5a3d233119aad40)
|
| | |
|
| | |
|
| |
|
|
|
| |
Applets don't work anymore so remove everything that has to do
with serving them.
|
| | |
|
| |
|
|
| |
We already assume sockets here since we use select().
|
| | |
|
| | |
|
| |
|
|
|
| |
Include the type of exception in the string generated by each
subclass. Also simplify the constructs to what is needed.
|
| |
|
|
|
|
|
|
|
| |
fread() returns size_t, which is unsigned. Don't check
for negative values to avoid warnings from Clang.
/home/shade/dev/tigervnc/common/rdr/FileInStream.cxx:74:13: error: comparison of unsigned expression < 0 is always false [-Werror,-Wtautological-compare]
if (n < 0 || ferror(file))
~ ^ ~
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix warnings emitted by Clang:
/home/shade/dev/tigervnc/common/rdr/FdInStream.h:30:9: error: 'rdr::FdInStreamBlockCallback' has virtual functions but non-virtual destructor [-Werror,-Wnon-virtual-dtor]
class FdInStreamBlockCallback {
^
In file included from /home/shade/dev/tigervnc/common/network/TcpSocket.cxx:44:
In file included from /home/shade/dev/tigervnc/common/network/TcpSocket.h:31:
/home/shade/dev/tigervnc/common/network/Socket.h:82:9: error: 'network::ConnectionFilter' has virtual functions but non-virtual destructor [-Werror,-Wnon-virtual-dtor]
class ConnectionFilter {
^
..etc
|
| |
|
|
|
|
|
| |
This bug was introduced in c6df31db. A non-blocking socket that did
not have any more space would busy loop until the write succeeded.
Instead now it returns without any action, just as it did before
the bug was introduced.
|
| |
|
|
| |
The logic was a bit confusing and superfluous.
|
| |
|
|
| |
We haven't supported such an old version of Windows for some time.
|
| |
|
|
|
|
|
|
|
| |
It previously only did a reset of the ZlibInStream object, not the
underlying zlib stream. It also had the side effect of flushing
the underlying stream and disassociating from it.
Clear things up by changing the naming, and introducing a proper
reset function (which is needed by the Tight decoder).
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
mingw has a perfectly functional gettimeofday() so use that instead
of having multiple copies of our own version.
|
| | |
|
| |
|
|
|
| |
Some Winsock errno:s conflict with the standard ones. Try to
restrict the redefines to things relevant for sockets.
|
| |\
| |
| |
| |
| |
| | |
Conflicts:
contrib/packages/rpm/el5/SPECS/tigervnc.spec
vncviewer/Viewport.cxx
|
| | |
| |
| |
| |
| |
| | |
This allows us to simplify things by getting rid of some old
compatibility code. People should really be using current versions
of GnuTLS anyway to stay secure.
|
| | |
| |
| |
| |
| | |
Either by casting, or switching to a more appropriate type
for the variable.
|
| | | |
|
| | |
| |
| |
| |
| | |
This allows the compiler to analyse the format strings and
arguments for correctness.
|
| |\ \ |
|
| | |/ |
|
| |/
|
|
|
|
|
|
| |
In earlier Visual Studio and MinGW editions, BSD socket errno:s were
left undefined. This is no longer the case. This may cause build or
runtime errors. To avoid this, we are using a common header file which
corrects all definitions. This header will also be used with other
projects such as sercd, unfs3, PulseAudio etc.
|
| |
|
|
| |
It is rdr and network that needs it, not vncviewer.
|
| |
|
|
|
| |
The input string might contain formatting marks, so make sure those
are ignored.
|
| |
|
|
| |
Keep the generic stream classes clean and general.
|
| |
|
|
| |
It's either not used, or no longer relevant.
|
| |
|
|
|
|
|
|
| |
gnutls_transport_set_errno(). Make sure we call the right errno function
depending on which GnuTLS we're using.
git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@4922 3789f03b-4d11-0410-bbf8-ca57d06f2519
|
| |
|
|
|
|
|
| |
containing stream object. This is in preparation for supporting GnuTLS 3.x.
git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@4921 3789f03b-4d11-0410-bbf8-ca57d06f2519
|
| |
|
|
| |
git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@4802 3789f03b-4d11-0410-bbf8-ca57d06f2519
|
| |
|
|
|
|
|
|
| |
return back to the Xorg main loop, meaning that things will be more responsive
in the presence of slow VNC clients.
git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@4735 3789f03b-4d11-0410-bbf8-ca57d06f2519
|
| |
|
|
|
|
|
| |
not detecting the correct approach properly, and hence still getting crashes.
git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@4731 3789f03b-4d11-0410-bbf8-ca57d06f2519
|
| |
|
|
| |
git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@4648 3789f03b-4d11-0410-bbf8-ca57d06f2519
|
| |
|
|
|
|
|
| |
need to be explicit with -fPIC here as we use these in libvnc.so.
git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@4645 3789f03b-4d11-0410-bbf8-ca57d06f2519
|
| |
|
|
|
|
| |
overflow in less than a minute if using a full-screen video or 3D application.
git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@4639 3789f03b-4d11-0410-bbf8-ca57d06f2519
|
| |
|
|
|
|
| |
parameters were determined through extensive low-level profiling (see http://www.virtualgl.org/pmwiki/uploads/About/turbototiger.pdf). The other enhancements involved: (1) porting the solid subrectangle pre-computation code from TightVNC/TurboVNC (it makes a pretty big difference-- see report), (2) encapsulating the JPEG encoder in its own class (this eliminates a buffer copy, and the JPEG buffer is now set to a decent size where it shouldn't ever need to be paged or re-allocated, except in rare corner cases), (3) adding support for last rect. encoding (necessary to support the solid rectangle pre-computation enhancements.
git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@4626 3789f03b-4d11-0410-bbf8-ca57d06f2519
|
| |
|
|
| |
git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@4623 3789f03b-4d11-0410-bbf8-ca57d06f2519
|
| |
|
|
|
|
| |
compress buffer allocated by the Tight encoder was not large enough, and (2) Zlib 1.2.5 can sometimes call deflate(..., Z_BLOCK) within the body of deflateParams(), so we need to check avail_in after calling checkCompressionLevel() to ensure that there is still data left to compress before we call deflate() again.
git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@4617 3789f03b-4d11-0410-bbf8-ca57d06f2519
|
| |
|
|
| |
git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@4540 3789f03b-4d11-0410-bbf8-ca57d06f2519
|
| |
|
|
| |
git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@4530 3789f03b-4d11-0410-bbf8-ca57d06f2519
|
| |
|
|
| |
git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@4508 3789f03b-4d11-0410-bbf8-ca57d06f2519
|
