OpenE2K/qemu-e2k
13
4
Fork 0
Code Issues 4 Pull Requests Projects 2 Releases Activity
f9a70e7939
qemu-e2k/ui
History
Peter Lieven f9a70e7939 ui/vnc: limit client_cut_text msg payload size 
currently a malicious client could define a payload
size of 2^32 - 1 bytes and send up to that size of
data to the vnc server. The server would allocated
that amount of memory which could easily create an
out of memory condition.

This patch limits the payload size to 1MB max.

Please note that client_cut_text messages are currently
silently ignored.

Signed-off-by: Peter Lieven <pl@kamp.de>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-07-01 13:26:40 +02:00
..
cocoa.m ui/cocoa: Honour -show-cursor command line option 2014-06-29 22:00:33 +01:00
console.c qemu-char: introduce qemu_chr_alloc 2014-06-23 11:12:28 -04:00
curses_keys.h
curses.c input/curses: add kbd delay between keydown and keyup events 2014-06-04 08:40:42 +02:00
cursor_hidden.xpm
cursor_left_ptr.xpm
cursor.c
d3des.c
d3des.h
gtk.c gtk: update window size after showing/hiding tabs 2014-06-11 14:26:49 +02:00
input-keymap.c input: keymap: add meta keys 2014-05-26 08:42:43 +02:00
input-legacy.c input: use kbd delays for send_key monitor command 2014-06-04 08:40:41 +02:00
input.c input: add support for kbd delays 2014-06-04 08:40:41 +02:00
keymaps.c
keymaps.h
Makefile.objs
qemu-pixman.c
qemu-x509.h
sdl2-keymap.h
sdl2.c sdl2: textinput + terminal 2014-06-02 16:28:58 +02:00
sdl_keysym.h
sdl_zoom_template.h
sdl_zoom.c
sdl_zoom.h
sdl.c
spice-core.c qapi event: convert SPICE events 2014-06-23 11:12:28 -04:00
spice-display.c spice: fix 32bit build 2014-06-20 16:22:07 +01:00
spice-input.c
vgafont.h
vnc_keysym.h
vnc-auth-sasl.c
vnc-auth-sasl.h
vnc-auth-vencrypt.c
vnc-auth-vencrypt.h
vnc-enc-hextile-template.h
vnc-enc-hextile.c
vnc-enc-tight.c vnc-enc-tight: Fix divide-by-zero in tight_detect_smooth_image{16,24,32} 2014-06-02 16:30:52 +02:00
vnc-enc-tight.h
vnc-enc-zlib.c
vnc-enc-zrle-template.c
vnc-enc-zrle.c
vnc-enc-zrle.h
vnc-enc-zywrle-template.c
vnc-enc-zywrle.h
vnc-jobs.c
vnc-jobs.h
vnc-palette.c
vnc-palette.h
vnc-tls.c vnc: Drop superfluous conditionals around g_free() 2014-06-19 12:48:07 +02:00
vnc-tls.h
vnc-ws.c
vnc-ws.h
vnc.c ui/vnc: limit client_cut_text msg payload size 2014-07-01 13:26:40 +02:00
vnc.h qapi event: convert VNC events 2014-06-23 11:12:28 -04:00
x_keymap.c
x_keymap.h