mirror of
git://git.savannah.gnu.org/guix.git
synced 2023-12-14 03:33:07 +01:00
a789f654a0
* gnu/packages/vnc.scm (libvnc): New variable. gnu/packages/patches/libvnc-CVE-2018-20750.patch, gnu/packages/patches/libvnc-CVE-2019-15681.patch: New files. * gnu/local.mk: Add them.
23 lines
865 B
Diff
23 lines
865 B
Diff
From d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a Mon Sep 17 00:00:00 2001
|
|
From: Christian Beier <dontmind@freeshell.org>
|
|
Date: Mon, 19 Aug 2019 22:32:25 +0200
|
|
Subject: [PATCH] rfbserver: don't leak stack memory to the remote
|
|
|
|
Thanks go to Pavel Cheremushkin of Kaspersky for reporting.
|
|
---
|
|
libvncserver/rfbserver.c | 2 ++
|
|
1 file changed, 2 insertions(+)
|
|
|
|
diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c
|
|
index 3bacc891..310e5487 100644
|
|
--- a/libvncserver/rfbserver.c
|
|
+++ b/libvncserver/rfbserver.c
|
|
@@ -3724,6 +3724,8 @@ rfbSendServerCutText(rfbScreenInfoPtr rfbScreen,char *str, int len)
|
|
rfbServerCutTextMsg sct;
|
|
rfbClientIteratorPtr iterator;
|
|
|
|
+ memset((char *)&sct, 0, sizeof(sct));
|
|
+
|
|
iterator = rfbGetClientIterator(rfbScreen);
|
|
while ((cl = rfbClientIteratorNext(iterator)) != NULL) {
|
|
sct.type = rfbServerCutText;
|