From 729598cb00d791bbdfe23ebe0023d3a1c3962f83 Mon Sep 17 00:00:00 2001 From: Constantin Kaplinsky Date: Thu, 25 May 2006 05:12:25 +0000 Subject: Migrating to new directory structure adopted from the RealVNC's source tree. More changes will follow. git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@591 3789f03b-4d11-0410-bbf8-ca57d06f2519 --- win/rfb_win32/WMShatter.h | 50 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 50 insertions(+) create mode 100644 win/rfb_win32/WMShatter.h (limited to 'win/rfb_win32/WMShatter.h') diff --git a/win/rfb_win32/WMShatter.h b/win/rfb_win32/WMShatter.h new file mode 100644 index 00000000..3ea63b1a --- /dev/null +++ b/win/rfb_win32/WMShatter.h @@ -0,0 +1,50 @@ +/* Copyright (C) 2002-2005 RealVNC Ltd. All Rights Reserved. + * + * This is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this software; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, + * USA. + */ + +// -=- WMShatter.h +// +// WMShatter provides the IsSafeWM routine, which returns true iff the +// supplied window message is safe to pass to DispatchMessage, or to +// process in the window procedure. +// +// This is only required, of course, to avoid so-called "shatter" attacks +// to be made against the VNC server, which take advantage of the noddy +// design of the Win32 window messaging system. +// +// The API here is designed to hopefully be future proof, so that if they +// ever come up with a proper way to determine whether a message is safe +// or not then it can just be reimplemented here... + +#ifndef __RFB_WIN32_SHATTER_H__ +#define __RFB_WIN32_SHATTER_H__ + +#include + +namespace rfb { + namespace win32 { + + bool IsSafeWM(HWND window, UINT msg, WPARAM wParam, LPARAM lParam); + + LRESULT SafeDefWindowProc(HWND wnd, UINT msg, WPARAM wParam, LPARAM lParam); + + LRESULT SafeDispatchMessage(const MSG* msg); + + }; +}; + +#endif // __RFB_WIN32_SHATTER_H__ -- cgit v1.2.3