search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
python3Packages.orjson: Disable failing tests on 32 bit
[NixPkgs.git] / pkgs / tools / admin / tightvnc / 1.3.10-CVE-2019-15679.patch
blob6d7b3e89e0c475a069488113eb7fbd599c1133e0
1 Adapted from https://github.com/LibVNC/libvncserver/commit/c2c4b81e6cb3b485fb1ec7ba9e7defeb889f6ba7
2 diff --git a/vncviewer/rfbproto.c b/vncviewer/rfbproto.c
3 index 04b0230..bd11b54 100644
4 --- a/vncviewer/rfbproto.c
5 +++ b/vncviewer/rfbproto.c
6 @@ -303,7 +303,12 @@ InitialiseRFBConnection(void)
7 si.format.blueMax = Swap16IfLE(si.format.blueMax);
8 si.nameLength = Swap32IfLE(si.nameLength);
9
10 - /* FIXME: Check arguments to malloc() calls. */
11 + if (si.nameLength > 1<<20) {
12 + fprintf(stderr, "Too big desktop name length sent by server: %lu B > 1 MB\n",
13 + (unsigned long)si.nameLength);
14 + return False;
15 + }
16 +
17 desktopName = malloc(si.nameLength + 1);
18 if (!desktopName) {
19 fprintf(stderr, "Error allocating memory for desktop name, %lu bytes\n",
Nix packages repository - mirror of https://github.com/NixOS/nixpkgs