Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP4:GA
LibVNCServer
LibVNCServer-CVE-2019-20840.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File LibVNCServer-CVE-2019-20840.patch of Package LibVNCServer
Index: libvncserver-LibVNCServer-0.9.10/libvncserver/websockets.c =================================================================== --- libvncserver-LibVNCServer-0.9.10.orig/libvncserver/websockets.c 2020-07-09 10:00:41.160582292 +0200 +++ libvncserver-LibVNCServer-0.9.10/libvncserver/websockets.c 2020-07-09 10:02:54.881372618 +0200 @@ -880,7 +880,6 @@ hybiReadAndDecode(rfbClientPtr cl, char int bufsize; int nextRead; unsigned char *data; - uint32_t *data32; ws_ctx_t *wsctx = (ws_ctx_t *)cl->wsctx; /* if data was carried over, copy to start of buffer */ @@ -938,10 +937,12 @@ hybiReadAndDecode(rfbClientPtr cl, char /* for a possible base64 decoding, we decode multiples of 4 bytes until * the whole frame is received and carry over any remaining bytes in the carry buf*/ data = (unsigned char *)hybiPayloadStart(wsctx); - data32= (uint32_t *)data; for (i = 0; i < (toDecode >> 2); i++) { - data32[i] ^= wsctx->header.mask.u; + uint32_t tmp; + memcpy(&tmp, data + i * sizeof(tmp), sizeof(tmp)); + tmp ^= wsctx->header.mask.u; + memcpy(data + i * sizeof(tmp), &tmp, sizeof(tmp)); } rfbLog("mask decoding; i=%d toDecode=%d\n", i, toDecode);
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor