Rebase patches so all apply, backport crasher fix (#1882718)

2020-10-09 16:28:47 -07:00 · 2020-10-09 16:28:47 -07:00 · 5cf3fbdaab
commit 5cf3fbdaab
parent ef4793207b
6 changed files with 99 additions and 60 deletions
--- a/0001-libvncserver-Add-API-to-add-custom-I-O-entry-points.patch
+++ b/0001-libvncserver-Add-API-to-add-custom-I-O-entry-points.patch
@ -1,7 +1,7 @@
-From 450f4a50771fd36cdd170356f83ebab5ff0dea51 Mon Sep 17 00:00:00 2001
+From e4849b01fec4494057728d1aa3a165ed21705682 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Jonas=20=C3=85dahl?= <jadahl@gmail.com>
 Date: Mon, 11 Jun 2018 23:47:02 +0200
-Subject: [PATCH 1/2] libvncserver: Add API to add custom I/O entry points
+Subject: [PATCH 1/4] libvncserver: Add API to add custom I/O entry points

 Add API to make it possible to channel RFB input and output through
 another layer, for example TLS. This is done by making it possible to
@ -13,7 +13,7 @@ override the default read/write/peek functions.
 3 files changed, 93 insertions(+), 7 deletions(-)

 diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c
-index 44ca2153..cee87dbb 100644
+index e9eaa5fc..72e9ba79 100644
 --- a/libvncserver/rfbserver.c
 +++ b/libvncserver/rfbserver.c
@@ -319,6 +319,10 @@ rfbNewTCPOrUDPClient(rfbScreenInfoPtr rfbScreen,
@ -237,5 +237,5 @@ index 5e9ba86f..3c0b25a3 100644
 extern rfbSocket rfbConnect(rfbScreenInfoPtr rfbScreen, char* host, int port);
 extern rfbSocket rfbConnectToTcpAddr(char* host, int port);
 -- 
-2.25.4
+2.28.0

--- a/0002-libvncserver-Add-channel-security-handlers.patch
+++ b/0002-libvncserver-Add-channel-security-handlers.patch
@ -1,7 +1,7 @@
-From 30b947df1b25cf741f6863b4c3f77e0016aa4898 Mon Sep 17 00:00:00 2001
+From c9131a78878a785c3de21e9d49521d7b68400ad7 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Jonas=20=C3=85dahl?= <jadahl@gmail.com>
 Date: Mon, 11 Jun 2018 23:50:05 +0200
-Subject: [PATCH 2/2] libvncserver: Add channel security handlers
+Subject: [PATCH 2/4] libvncserver: Add channel security handlers

 Add another type of security handler that is meant to be used initially
 to set up a secure channel. Regular security handlers would be
@ -298,10 +298,10 @@ index 814a8142..55e0b3c9 100644
 	      rfbLog("rfbProcessClientSecurityType: executing handler for type %d\n", chosenType);
 	      handler->handler(cl);
 diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c
-index cee87dbb..6efede61 100644
+index 72e9ba79..48eada64 100644
 --- a/libvncserver/rfbserver.c
 +++ b/libvncserver/rfbserver.c
-@@ -654,6 +654,7 @@ rfbProcessClientMessage(rfbClientPtr cl)
+@@ -652,6 +652,7 @@ rfbProcessClientMessage(rfbClientPtr cl)
     case RFB_PROTOCOL_VERSION:
         rfbProcessClientProtocolVersion(cl);
         return;
@ -364,5 +364,5 @@ index 3c0b25a3..d136f884 100644
 /* rre.c */
 
 -- 
-2.25.4
+2.28.0

--- a/0003-auth-Add-API-to-unregister-built-in-security-handler.patch
+++ b/0003-auth-Add-API-to-unregister-built-in-security-handler.patch
@ -1,47 +0,0 @@
-From 42815c7a5672edb16ab810378b7c34b3e8e74832 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Jonas=20=C3=85dahl?= <jadahl@gmail.com>
-Date: Wed, 27 Nov 2019 16:58:29 +0100
-Subject: [PATCH 3/3] auth: Add API to unregister built in security handlers
-
-If I have a VNC server that first accepts password based authentication,
-then switches to something not using password (e.g. a prompt on screen),
-the security handler from the first would still be sent as, meaning
-clients would still ask for a password without there being one.
---
- libvncserver/auth.c | 7 +++++++
- rfb/rfb.h           | 1 +
- 2 files changed, 8 insertions(+)
-
-diff --git a/libvncserver/auth.c b/libvncserver/auth.c
-index fc74c800..94b46fd6 100644
--- a/libvncserver/auth.c
-+++ b/libvncserver/auth.c
-@@ -248,6 +248,13 @@ determinePrimarySecurityType(rfbClientPtr cl)
-     }
- }
- 
-+void
-+rfbUnregisterPrimarySecurityHandlers (void)
-+{
-+    rfbUnregisterSecurityHandler(&VncSecurityHandlerNone);
-+    rfbUnregisterSecurityHandler(&VncSecurityHandlerVncAuth);
-+}
-+
- void
- rfbSendSecurityTypeList(rfbClientPtr cl,
-                         enum rfbSecurityTag exclude)
-diff --git a/rfb/rfb.h b/rfb/rfb.h
-index f56bd47d..d1763c6c 100644
--- a/rfb/rfb.h
-+++ b/rfb/rfb.h
-@@ -856,6 +856,7 @@ extern void rfbUnregisterSecurityHandler(rfbSecurityHandler* handler);
- extern void rfbRegisterChannelSecurityHandler(rfbSecurityHandler* handler);
- extern void rfbUnregisterChannelSecurityHandler(rfbSecurityHandler* handler);
- extern void rfbSendSecurityTypeList(rfbClientPtr cl, enum rfbSecurityTag exclude);
-+extern void rfbUnregisterPrimarySecurityHandlers (void);
- 
- /* rre.c */
- 
-- 
-2.26.2
-
--- a/0003-libvncserver-auth-don-t-keep-security-handlers-from-.patch
+++ b/0003-libvncserver-auth-don-t-keep-security-handlers-from-.patch
@ -0,0 +1,32 @@
+From 2a77dd86a97fa5f4735f678599cea839ba09009c Mon Sep 17 00:00:00 2001
+From: Christian Beier <info@christianbeier.net>
+Date: Sun, 9 Aug 2020 20:11:26 +0200
+Subject: [PATCH 3/4] libvncserver/auth: don't keep security handlers from
+ previous runs
+
+Whyohsoever security handlers are stored in a variable global to the
+application, not in the rfbScreen struct. This meant that security
+handlers registered once would stick around forever before this commit.
+---
+ libvncserver/auth.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/libvncserver/auth.c b/libvncserver/auth.c
+index 55e0b3c9..fc74c800 100644
+--- a/libvncserver/auth.c
+++ b/libvncserver/auth.c
+@@ -264,9 +264,11 @@ rfbSendSecurityTypeList(rfbClientPtr cl,
+     primaryType = determinePrimarySecurityType(cl);
+     switch (primaryType) {
+     case rfbSecTypeNone:
+	rfbUnregisterSecurityHandler(&VncSecurityHandlerVncAuth);
+         rfbRegisterSecurityHandler(&VncSecurityHandlerNone);
+         break;
+     case rfbSecTypeVncAuth:
+	rfbUnregisterSecurityHandler(&VncSecurityHandlerNone);
+         rfbRegisterSecurityHandler(&VncSecurityHandlerVncAuth);
+         break;
+     }
+-- 
+2.28.0
+
--- a/0004-zlib-Clear-buffer-pointers-on-cleanup-444.patch
+++ b/0004-zlib-Clear-buffer-pointers-on-cleanup-444.patch
@ -0,0 +1,45 @@
+From 641610b961a732bb68f111536ebf8c42be20f05b Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Jonas=20=C3=85dahl?= <jadahl@gmail.com>
+Date: Wed, 16 Sep 2020 17:35:49 +0200
+Subject: [PATCH 4/4] zlib: Clear buffer pointers on cleanup (#444)
+
+The pointers to the buffers were freed, and the size fields were set to
+0, but the buffer pointers themsef was not set to NULL, when shutting
+down, meaning the next time used, NULL checks would not tell whether the
+pointer is valid. This caused crashes ending with
+
+  #0  0x00007ffff73729e5 in raise () from /lib64/libc.so.6
+  #1  0x00007ffff735b895 in abort () from /lib64/libc.so.6
+  #2  0x00007ffff73b6857 in __libc_message () from /lib64/libc.so.6
+  #3  0x00007ffff73bdd7c in malloc_printerr () from /lib64/libc.so.6
+  #4  0x00007ffff73c2f1a in realloc () from /lib64/libc.so.6
+  #5  0x00007ffff78b558e in rfbSendOneRectEncodingZlib (cl=0x4a4b80, x=0, y=0, w=800, h=40) at /home/jonas/Dev/gnome/libvncserver/libvncserver/zlib.c:106
+  #6  0x00007ffff78b5dec in rfbSendRectEncodingZlib (cl=0x4a4b80, x=0, y=0, w=800, h=600) at /home/jonas/Dev/gnome/libvncserver/libvncserver/zlib.c:308
+  #7  0x00007ffff7899453 in rfbSendFramebufferUpdate (cl=0x4a4b80, givenUpdateRegion=0x49ef70) at /home/jonas/Dev/gnome/libvncserver/libvncserver/rfbserver.c:3264
+  #8  0x00007ffff789079d in rfbUpdateClient (cl=0x4a4b80) at /home/jonas/Dev/gnome/libvncserver/libvncserver/main.c:1275
+  #9  0x00007ffff78905f5 in rfbProcessEvents (screen=0x4d5790, usec=0) at /home/jonas/Dev/gnome/libvncserver/libvncserver/main.c:1251
+---
+ libvncserver/zlib.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/libvncserver/zlib.c b/libvncserver/zlib.c
+index d24d7d15..5c3a8236 100644
+--- a/libvncserver/zlib.c
+++ b/libvncserver/zlib.c
+@@ -64,11 +64,13 @@ void rfbZlibCleanup(rfbScreenInfoPtr screen)
+ {
+   if (zlibBeforeBufSize) {
+     free(zlibBeforeBuf);
+    zlibBeforeBuf = NULL;
+     zlibBeforeBufSize=0;
+   }
+   if (zlibAfterBufSize) {
+     zlibAfterBufSize=0;
+     free(zlibAfterBuf);
+    zlibAfterBuf = NULL;
+   }
+ }
+ 
+-- 
+2.28.0
+
--- a/libvncserver.spec
+++ b/libvncserver.spec
@ -3,7 +3,7 @@
 Summary:    Library to make writing a VNC server easy
 Name:       libvncserver
 Version:    0.9.13
-Release:    7%{?dist}
+Release:    8%{?dist}

 # NOTE: --with-filetransfer => GPLv2
 License:    GPLv2+
@ -14,8 +14,12 @@ Source0:    https://github.com/LibVNC/libvncserver/archive/LibVNCServer-%{versio
 # https://github.com/LibVNC/libvncserver/pull/234
 Patch10: 0001-libvncserver-Add-API-to-add-custom-I-O-entry-points.patch
 Patch11: 0002-libvncserver-Add-channel-security-handlers.patch
-# https://github.com/LibVNC/libvncserver/pull/350
-Patch12: 0003-auth-Add-API-to-unregister-built-in-security-handler.patch
+# https://github.com/LibVNC/libvncserver/commit/87c52ee0551b7c4e76855d270d475b9e3039fe08
+Patch12: 0003-libvncserver-auth-don-t-keep-security-handlers-from-.patch
+# Fix crash on all runs after the first
+# https://github.com/LibVNC/libvncserver/pull/444
+# https://bugzilla.redhat.com/show_bug.cgi?id=1882718
+Patch13: 0004-zlib-Clear-buffer-pointers-on-cleanup-444.patch

 ## downstream patches
 Patch102: libvncserver-LibVNCServer-0.9.13-system-crypto-policy.patch
@ -85,9 +89,10 @@ developing applications that use %{name}.
 %prep
 %setup -q -n %{name}-LibVNCServer-%{version}

-## FIXME: needs rebasing
 %patch10 -p1 -b .tls-1
 %patch11 -p1 -b .tls-2
+%patch12 -p1 -b .handlers
+%patch13 -p1 -b .pointers

 %patch102 -p1 -b .crypto_policy

@ -133,6 +138,10 @@ done


 %changelog
+* Fri Oct 09 2020 Adam Williamson <awilliam@redhat.com> - 0.9.13-8
+- Rebase all patches so Patch12 applies
+- Backport PR #444 to fix crash on all runs after the first (#1882718)
+
 * Mon Sep 14 2020 Jonas Ådahl <jadahl@redhat.com> - 0.9.13-7
 - Add API to unregister security handlers