Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP4:GA
spice-gtk
0001-quic-Check-we-have-some-data-to-start-deco...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 0001-quic-Check-we-have-some-data-to-start-decoding-quic-.patch of Package spice-gtk
From 00b692f65557d5d1339a10fefac6269d5a424c36 Mon Sep 17 00:00:00 2001 From: Frediano Ziglio <freddy77@gmail.com> Date: Wed, 29 Apr 2020 15:09:13 +0100 Subject: [PATCH 1/4] quic: Check we have some data to start decoding quic image All paths already pass some data to quic_decode_begin but for the test check it, it's not that expensive test. Checking for not 0 is enough, all other words will potentially be read calling more_io_words but we need one to avoid a potential initial buffer overflow or deferencing an invalid pointer. Signed-off-by: Frediano Ziglio <freddy77@gmail.com> Acked-by: Uri Lublin <uril@redhat.com> Signed-off-by: Bruce Rogers <brogers@suse.com> --- common/quic.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spice-common/common/quic.c b/spice-common/common/quic.c index f91b23f..a7dfc86 100644 --- a/spice-common/common/quic.c +++ b/spice-common/common/quic.c @@ -1147,7 +1147,7 @@ int quic_decode_begin(QuicContext *quic, uint32_t *io_ptr, unsigned int num_io_w int channels; int bpc; - if (!encoder_reste(encoder, io_ptr, io_ptr_end)) { + if (!num_io_words || !encoder_reste(encoder, io_ptr, io_ptr_end)) { return QUIC_ERROR; } -- 2.28.0
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor