Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP4:GA
spice-vdagent
0002-CVE-2020-25651-vdagentd-do-not-allow-to-us...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 0002-CVE-2020-25651-vdagentd-do-not-allow-to-use-an-already-used-file-xfer-id.patch of Package spice-vdagent
Subject: vdagentd: do not allow to use an already used file-xfer id From: Uri Lublin uril@redhat.com Sun Oct 11 20:59:17 2020 +0300 Date: Tue Nov 3 09:44:05 2020 +0000: Git: b7db1c20c9f80154fb54392eb44add3486d3e427 Signed-off-by: Uri Lublin <uril@redhat.com> Acked-by: Frediano Ziglio <fziglio@redhat.com> Index: spice-vdagent-0.16.0/src/vdagentd.c =================================================================== --- spice-vdagent-0.16.0.orig/src/vdagentd.c +++ spice-vdagent-0.16.0/src/vdagentd.c @@ -346,6 +346,13 @@ static void do_client_file_xfer(struct v "Cancelling client file-xfer request %u", s->id); return; + } else if (g_hash_table_lookup(active_xfers, GUINT_TO_POINTER(s->id)) != NULL) { + // id is already used -- client is confused + cancel_file_xfer(vport, + "File transfer ID is already used. " + "Cancelling client file-xfer request %u", + s->id); + return; } msg_type = VDAGENTD_FILE_XFER_START; id = s->id;
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor