Christian Beier
4a21bbd097
LibVNCClient: make sure Ultra decoding cannot dereference a null pointer
...
Closes #254
6 years ago
Christian Beier
6566ba5f02
CMake: require some form of hton64() for websockets
...
Closes #127
6 years ago
DRC
7063f607e4
Fix compilaton with gcc 4.4.x
...
Closes #204
Signed-off-by: Christian Beier <dontmind@freeshell.org>
6 years ago
Christian Beier
a83439b9fb
LibVNCClient: fix three possible heap buffer overflows
...
An attacker could feed `0xffffffff`, causing a `malloc(0)` for the
buffers which are subsequently written to.
Closes #247
6 years ago
Christian Beier
09f2f3fb6a
LibVNCClient: make sure ReadFromRFBServer() does not write after buffer end in CoRRE decoding
...
Closes #250
6 years ago
Christian Beier
c3115350eb
LibVNCClient: fix possible infinite loop
...
Closes #251
6 years ago
Christian Beier
2f5b2ad1c6
LibVNCClient: don't leak uninitialised memory to remote
...
The pad fields of the rfbClientCutTextMsg and rfbKeyEventMsg could contain arbitray memory belonging to the process,
don't leak this to the remote.
Closes #252
6 years ago
Christian Beier
8b06f835e2
When connecting to a repeater, only send initialised string
...
Closes #253
6 years ago
Christian Beier
5f3ea4e53d
CMake: build the repeater example as well
6 years ago
Christian Beier
e611616723
Remove the turbojpeg.h dependency from public headers
...
Closes #230
6 years ago
Christian Beier
5c968dd8a4
CMake: fix build error that occured on Windows with CMake 3.12
6 years ago
Christian Beier
587555c12a
AppVeyorCI: print CMake version
6 years ago
Christian Beier
77dce5b6af
CMake: only do jpeg-turbo tests if a libjpeg was found
6 years ago
Christian Beier
d6c907ffbc
Remove .gitignore obsoleted by CMake
...
re #248
6 years ago
Christian Beier
79516a6aa3
CMake: make get_link_libraries() not crash when there are no linked libraries at all
6 years ago
Christian Beier
474f64e5db
SDLvncviewer: work around SDL_TEXTINPUT not generating chars with CTRL down
6 years ago
Christian Beier
97c9b6c5d7
SDLvncviewer: handle mouse wheel events
6 years ago
Christian Beier
b0957702a8
SDLvncviewer: adhere to C89
6 years ago
Christian Beier
a2b5284e07
SDLvncviewer: implement Unicode input handling
6 years ago
Christian Beier
19660ff64d
TravisCI: install SDL2 dev packages for OSX as well
6 years ago
Christian Beier
b917d8f236
TravisCI: install SDL2 dev packages
6 years ago
Christian Beier
c562ed4b99
SDLvncviewer: remove obsolete video scaling code
6 years ago
Christian Beier
bfdb850bfb
SDLvncviewer: use SDL2 for clipboard handling
...
By using this, we can get rid of our own homebrewn solution scrap.[c|h] and drop X11 from the build system.
6 years ago
Christian Beier
8f1b565dbe
SDLvncviewer: make input work with SDL2
...
... at least somewhat. This is far from perfect but no regression compared to SDL1.2 functionality.
6 years ago
Christian Beier
65126b5826
SDLvncviewer: make display work with SDL2
6 years ago
Christian Beier
4d3c7dfc04
CMake: look for SDL2 instead of SDL
...
FindSDL2.cmake was downloaded from
https://github.com/tcbrindle/sdl2-cmake-scripts/blob/master/FindSDL2.cmake
6 years ago
Christian Beier
436a047f56
SDLvncviewer: add a very simple GetCredentials callback
6 years ago
Christian Beier
1781ecda34
CMake: add a LIBVNCSERVER_HAVE_GNUTLS #define
6 years ago
Christian Beier
e775aec64e
build: decouple GnuTLS|OpenSSL detection from WebSockets support
6 years ago
Christian Beier
3c05dd565e
crypto: remove polarssl wrapper
...
This is not even in the build system anymore.
7 years ago
Christian Beier
a2ebdf46cc
CMake: declare that websockets depend on crypto
7 years ago
Christian Beier
49f1d8de47
build: remove LIBVNCSERVER_WITH_CLIENT_TLS #define
...
It is not used anywhere anymore.
7 years ago
Christian Beier
85fb69515c
crypto: move to common
...
As of now, only LibVNCServer makes uses of these digest functions _and_
they depend on sys/uio.h, but in the future LibVNCClient will need those
as well.
7 years ago
Christian Beier
161e7cab02
Merge pull request #235 from eddiejames/master
...
Tight: export SendCompressedData and SendTightHeader functions
7 years ago
Eddie James
dd873fce45
Tight: export SendCompressedData and SendTightHeader functions
...
These functions can be used to send already compressed jpegs to a
client, circumventing the usual rect/region update methods which
operate on a raw rgb framebuffer. Rename the functions with the usual
rfb prefix and add the prototypes in rfb.h.
Signed-off-by: Eddie James <eajames@us.ibm.com>
7 years ago
Christian Beier
a67e22dd1f
AppVeyorCI: remove unused statements
7 years ago
Christian Beier
84dee73eee
AppVeyorCI: remove Visual Studio 2013 as it somehow got broken at AppVeyor's side
7 years ago
Christian Beier
127b44ca0e
README: remove reference to functions not existing anymore
...
Closes #202 .
7 years ago
Christian Beier
b997331e52
Merge pull request #215 from BastiaanOlij/fix_nozlib_compile_error
...
libvncclient: zrle.c: Move undef of REALBPP down
rfbproto.c which includes this file expects an undefined REALBPP after the inclusion. Do this whether or not there is zlib available.
7 years ago
Christian Beier
5c0ff7e072
CMake: require FFMPEG version >= 3.1.0
...
re #231
7 years ago
Christian Beier
7e7103071b
AppVeyorCI: build with Visual Studio 2017 as well
7 years ago
Christian Beier
f23248a415
rfbserver: fix a typo
7 years ago
Christian Beier
449cbe9028
rfbserver: get rid of inttypes.h again
7 years ago
Christian Beier
b0c77391e6
Merge branch 'clientcuttext' of https://github.com/ppisar/libvncserver into ppisar-clientcuttext
7 years ago
Christian Beier
078590786c
libvncclient/sasl: prefix the header guard (again) to fix a warning
7 years ago
Christian Beier
71c3215d8f
SDLvncviewer: enable the X11 clipboard if X11 was found
7 years ago
Christian Beier
c49204c815
androidvncserver: fix print_usage and a compiler warning
7 years ago
Christian Beier
8d4d021966
androidvncserver: add some boilerplate comment that should have been in the 1st code drop
7 years ago
Christian Beier
c7c18332c8
androidvncserver: fix a quite serious typo
...
Closes #225 .
7 years ago
Petr Písař
28afb6c537
Limit client cut text length to 1 MB
...
This patch constrains a client cut text length to 1 MB. Otherwise
a client could make server allocate 2 GB of memory and that seems to
be to much to classify it as a denial of service.
The limit also prevents from an integer overflow followed by copying
an uninitilized memory when processing msg.cct.length value larger
than SIZE_MAX or INT_MAX - sz_rfbClientCutTextMsg.
This patch also corrects accepting length value of zero (malloc(0) is
interpreted on differnet systems differently).
CVE-2018-7225
<https://github.com/LibVNC/libvncserver/issues/218 >
7 years ago