OpenE2K/qemu-e2k
13
4
Fork 0
Code Issues 4 Pull Requests Projects 2 Releases Activity
38ee14f4f3
qemu-e2k/ui
History
Gerd Hoffmann 38ee14f4f3 vnc: fix use-after-free in vnc_update_client_sync 
Spotted by Coverity:

876     static int vnc_update_client_sync(VncState *vs, int has_dirty)
877     {

(1) Event freed_arg:    "vnc_update_client(VncState *, int)" frees "vs".  [details]
Also see events:        [deref_arg]

878         int ret = vnc_update_client(vs, has_dirty);

(2) Event deref_arg:    Calling "vnc_jobs_join(VncState *)" dereferences freed pointer "vs". [details]
Also see events:        [freed_arg]

879         vnc_jobs_join(vs);
880         return ret;
881     }

Remove vnc_update_client_sync wrapper, replace it with an additional
argument to vnc_update_client, so we can so the sync properly in
vnc_update_client (i.e. skip it in case of a client disconnect).

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
2014-03-10 12:35:04 +01:00
..
cocoa.m input: mouse: switch cocoa ui to new core 2014-03-05 09:52:03 +01:00
console.c console: add QemuUIInfo 2014-03-05 09:52:04 +01:00
curses_keys.h
curses.c input: keyboard: switch curses ui to new core 2014-03-05 09:50:18 +01:00
cursor_hidden.xpm
cursor_left_ptr.xpm
cursor.c
d3des.c
d3des.h
gtk.c input: mouse: switch gtk ui to new core 2014-03-05 09:52:02 +01:00
input-legacy.c input: remove index_from_keycode (no users) 2014-03-05 09:52:04 +01:00
input.c input: move do_mouse_set to new core 2014-03-05 09:52:04 +01:00
keymaps.c qemu-char: add support for U-prefixed symbols 2013-11-13 15:48:38 +04:00
keymaps.h
Makefile.objs ui/sdl2 : initial port to SDL 2.0 (v2.0) 2014-03-05 09:52:05 +01:00
qemu-pixman.c pixman: render vgafont glyphs into pixman images 2013-04-16 09:03:47 +02:00
qemu-x509.h
sdl2-keymap.h ui/sdl2 : initial port to SDL 2.0 (v2.0) 2014-03-05 09:52:05 +01:00
sdl2.c ui/sdl2 : initial port to SDL 2.0 (v2.0) 2014-03-05 09:52:05 +01:00
sdl_keysym.h ui/sdl2 : initial port to SDL 2.0 (v2.0) 2014-03-05 09:52:05 +01:00
sdl_zoom_template.h
sdl_zoom.c
sdl_zoom.h
sdl.c ui/sdl2 : initial port to SDL 2.0 (v2.0) 2014-03-05 09:52:05 +01:00
spice-core.c spice: move spice_server_vm_{start,stop} calls into qemu_spice_display_*() 2013-12-16 10:12:20 +01:00
spice-display.c spice: move qemu_spice_display_*() from spice-graphics to spice-core 2013-12-16 10:12:20 +01:00
spice-input.c input: mouse: switch spice ui to new core 2014-03-05 09:52:03 +01:00
vgafont.h
vnc_keysym.h qemu-char: add missing characters used in keymaps 2013-11-13 15:48:38 +04:00
vnc-auth-sasl.c
vnc-auth-sasl.h aio / timers: Untangle include files 2013-08-22 19:10:27 +02:00
vnc-auth-vencrypt.c aio / timers: Untangle include files 2013-08-22 19:10:27 +02:00
vnc-auth-vencrypt.h
vnc-enc-hextile-template.h
vnc-enc-hextile.c
vnc-enc-tight.c vnc: Fix tight_detect_smooth_image() for lossless case 2014-03-10 12:35:04 +01:00
vnc-enc-tight.h
vnc-enc-zlib.c
vnc-enc-zrle-template.c
vnc-enc-zrle.c
vnc-enc-zrle.h
vnc-enc-zywrle-template.c
vnc-enc-zywrle.h misc: Spelling and grammar fixes in comments 2013-10-26 13:06:45 +04:00
vnc-jobs.c vnc: Fix qemu crashed when vnc client disconnect suddenly 2014-03-10 12:35:04 +01:00
vnc-jobs.h
vnc-palette.c
vnc-palette.h
vnc-tls.c TLS support for VNC Websockets 2013-05-03 12:04:57 -05:00
vnc-tls.h
vnc-ws.c aio / timers: Untangle include files 2013-08-22 19:10:27 +02:00
vnc-ws.h TLS support for VNC Websockets 2013-05-03 12:04:57 -05:00
vnc.c vnc: fix use-after-free in vnc_update_client_sync 2014-03-10 12:35:04 +01:00
vnc.h input: mouse: switch vnc ui to new core 2014-03-05 09:52:02 +01:00
x_keymap.c
x_keymap.h