This patch constrains a client cut text length to 1 MB. Otherwise
a client could make server allocate 2 GB of memory and that seems to
be to much to classify it as a denial of service.
The limit also prevents from an integer overflow followed by copying
an uninitilized memory when processing msg.cct.length value larger
than SIZE_MAX or INT_MAX - sz_rfbClientCutTextMsg.
This patch also corrects accepting length value of zero (malloc(0) is
interpreted on differnet systems differently).
CVE-2018-7225
<https://github.com/LibVNC/libvncserver/issues/218>
(cherry picked from commit 28afb6c537dc82ba04d5f245b15ca7205c6dbb9c)
When connecting to an AMD64 krfb server, it will not accept the correct password due to a word size issue. This was a regression somewhere around 2008, the Debian bug mail refers to it.
Thanks to Nick Leverton for the patch!
git-svn-id: svn://anonsvn.kde.org/home/kde/branches/trinity/kdenetwork@1260217 283d02a7-25f6-0310-bc7c-ecb5cbfe19da
This enables compilation under both Qt3 and Qt4
git-svn-id: svn://anonsvn.kde.org/home/kde/branches/trinity/kdenetwork@1237912 283d02a7-25f6-0310-bc7c-ecb5cbfe19da
Will need to watch for commit warnings and rebuild test
git-svn-id: svn://anonsvn.kde.org/home/kde/branches/trinity/kdenetwork@1061808 283d02a7-25f6-0310-bc7c-ecb5cbfe19da