import tigervnc-1.10.1-7.el8
This commit is contained in:
parent
11a5358b7a
commit
85151b63c1
2
.gitignore
vendored
2
.gitignore
vendored
@ -1 +1 @@
|
|||||||
SOURCES/tigervnc-1.9.0.tar.gz
|
SOURCES/tigervnc-1.10.1.tar.gz
|
||||||
|
@ -1 +1 @@
|
|||||||
c56656c596fb863bb2c4b67fb62b4165011d181f SOURCES/tigervnc-1.9.0.tar.gz
|
34efc6e2e67be672dca38c10ce064bcb08adee9f SOURCES/tigervnc-1.10.1.tar.gz
|
||||||
|
@ -0,0 +1,34 @@
|
|||||||
|
From 920d9c4d6562ecabf79497bc901d50522d4bc661 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Linus Heckemann <git@sphalerite.org>
|
||||||
|
Date: Sat, 1 Feb 2020 11:08:26 +0100
|
||||||
|
Subject: [PATCH] xserver: add no-op input thread init function
|
||||||
|
|
||||||
|
This allows Xvnc to build with xorg-server 1.20.7, which requires OS
|
||||||
|
layers to implement a ddxInputThreadInit function when configured with
|
||||||
|
--enable-input-thread (the default).
|
||||||
|
|
||||||
|
relevant xorg-server commit: e3f26605d85d987da434640f52646d728f1fe919
|
||||||
|
---
|
||||||
|
unix/xserver/hw/vnc/Input.c | 9 +++++++++
|
||||||
|
1 file changed, 9 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/unix/xserver/hw/vnc/Input.c b/unix/xserver/hw/vnc/Input.c
|
||||||
|
index 534e435e..b342d4d6 100644
|
||||||
|
--- a/unix/xserver/hw/vnc/Input.c
|
||||||
|
+++ b/unix/xserver/hw/vnc/Input.c
|
||||||
|
@@ -711,3 +711,12 @@ static void vncKeysymKeyboardEvent(KeySym keysym, int down)
|
||||||
|
*/
|
||||||
|
mieqProcessInputEvents();
|
||||||
|
}
|
||||||
|
+
|
||||||
|
+#if INPUTTHREAD
|
||||||
|
+/** This function is called in Xserver/os/inputthread.c when starting
|
||||||
|
+ the input thread. */
|
||||||
|
+void
|
||||||
|
+ddxInputThreadInit(void)
|
||||||
|
+{
|
||||||
|
+}
|
||||||
|
+#endif
|
||||||
|
--
|
||||||
|
2.24.1
|
||||||
|
|
110
SOURCES/HOWTO.md
Normal file
110
SOURCES/HOWTO.md
Normal file
@ -0,0 +1,110 @@
|
|||||||
|
# What has changed
|
||||||
|
The previous Tigervnc versions had a wrapper script called `vncserver` which
|
||||||
|
could be run as a user manually to start *Xvnc* process. The usage was quite
|
||||||
|
simple as you just run
|
||||||
|
```
|
||||||
|
$ vncserver :x [vncserver options] [Xvnc options]
|
||||||
|
```
|
||||||
|
and that was it. While this was working just fine, there were issues when users
|
||||||
|
wanted to start a Tigervnc server using *systemd*. For these reasons things were
|
||||||
|
completely changed and there is now a new way how this all is supposed to work.
|
||||||
|
|
||||||
|
# How to start Tigervnc server
|
||||||
|
|
||||||
|
## Add a user mapping
|
||||||
|
With this you can map a user to a particular port. The mapping should be done in
|
||||||
|
`/etc/tigervnc/vncserver.users` configuration file. It should be pretty
|
||||||
|
straightforward once you open the file as there are some examples, but basically
|
||||||
|
the mapping is in form
|
||||||
|
```
|
||||||
|
:x=user
|
||||||
|
```
|
||||||
|
For example you can have
|
||||||
|
```
|
||||||
|
:1=test
|
||||||
|
:2=vncuser
|
||||||
|
```
|
||||||
|
|
||||||
|
## Configure Xvnc options
|
||||||
|
To configure Xvnc parameters, you need to go to the same directory where you did
|
||||||
|
the user mapping and open `vncserver-config-defaults` configuration file. This
|
||||||
|
file is for the default Xvnc configuration and will be applied to every user
|
||||||
|
unless any of the following applies:
|
||||||
|
* The user has its own configuration in `$HOME/.vnc/config`
|
||||||
|
* The same option with different value is configured in
|
||||||
|
`vncserver-config-mandatory` configuration file, which replaces the default
|
||||||
|
configuration and has even a higher priority than the per-user configuration.
|
||||||
|
This option is for system administrators when they want to force particular
|
||||||
|
*Xvnc* options.
|
||||||
|
|
||||||
|
Format of the configuration file is also quite simple as the configuration is
|
||||||
|
in form of
|
||||||
|
```
|
||||||
|
option=value
|
||||||
|
option
|
||||||
|
```
|
||||||
|
for example
|
||||||
|
```
|
||||||
|
session=gnome
|
||||||
|
securitytypes=vncauth,tlsvnc
|
||||||
|
desktop=sandbox
|
||||||
|
geometry=2000x1200
|
||||||
|
localhost
|
||||||
|
alwaysshared
|
||||||
|
```
|
||||||
|
### Note:
|
||||||
|
There is one important option you need to set and that option is the session you
|
||||||
|
want to start. E.g when you want to start GNOME desktop, then you have to use
|
||||||
|
```
|
||||||
|
session=gnome
|
||||||
|
```
|
||||||
|
which should match the name of a session desktop file from `/usr/share/xsessions`
|
||||||
|
directory.
|
||||||
|
|
||||||
|
## Set VNC password
|
||||||
|
You need to set a password for each user in order to be able to start the
|
||||||
|
Tigervnc server. In order to create a password, you just run
|
||||||
|
```
|
||||||
|
$ vncpasswd
|
||||||
|
```
|
||||||
|
as the user you will be starting the server for.
|
||||||
|
### Note:
|
||||||
|
If you were using Tigervnc before for your user and you already created a
|
||||||
|
password, then you will have to make sure the `$HOME/.vnc` folder created by
|
||||||
|
`vncpasswd` will have the correct *SELinux* context. You either can delete this
|
||||||
|
folder and recreate it again by creating the password one more time, or
|
||||||
|
alternatively you can run
|
||||||
|
```
|
||||||
|
$ restorecon -RFv /home/<USER>/.vnc
|
||||||
|
```
|
||||||
|
|
||||||
|
## Start the Tigervnc server
|
||||||
|
Finally you can start the server using systemd service. To do so just run
|
||||||
|
```
|
||||||
|
$ systemctl start vncserver@:x
|
||||||
|
```
|
||||||
|
as root or
|
||||||
|
```
|
||||||
|
$ sudo systemctl start vncserver@:x
|
||||||
|
```
|
||||||
|
as a regular user in case it has permissions to run `sudo`. Don't forget to
|
||||||
|
replace the `:x` by the actual number you configured in the user mapping file.
|
||||||
|
Following our example by running
|
||||||
|
```
|
||||||
|
$ systemctl start vncserver@:1
|
||||||
|
```
|
||||||
|
you will start a Tigervnc server for user `test` with a GNOME session.
|
||||||
|
|
||||||
|
### Note:
|
||||||
|
If you were previously using Tigervnc and you were used to start it using
|
||||||
|
*systemd* then you will need to remove previous *systemd* configuration files,
|
||||||
|
those you most likely copied to `/etc/systemd/system/vncserver@.service`,
|
||||||
|
otherwise this service file will be preferred over the new one installed with
|
||||||
|
latest Tigervnc.
|
||||||
|
|
||||||
|
# Limitations
|
||||||
|
You will not be able to start a Tigervnc server for a user who is already
|
||||||
|
logged into a graphical session. Avoid running the server as the `root` user as
|
||||||
|
it's not a safe thing to do. While running the server as the `root` should work
|
||||||
|
in general, it's not recommended to do so and there might be some things which
|
||||||
|
are not working properly.
|
@ -1,14 +0,0 @@
|
|||||||
diff --git a/unix/vncserver b/unix/vncserver
|
|
||||||
index a6c890f..687ef72 100755
|
|
||||||
--- a/unix/vncserver
|
|
||||||
+++ b/unix/vncserver
|
|
||||||
@@ -208,7 +208,8 @@ if ((@ARGV > 0) && ($ARGV[0] =~ /^:(\d+)$/)) {
|
|
||||||
$displayNumber = $1;
|
|
||||||
shift(@ARGV);
|
|
||||||
if (!&CheckDisplayNumber($displayNumber)) {
|
|
||||||
- die "A VNC server is already running as :$displayNumber\n";
|
|
||||||
+ warn "A VNC server is already running as :$displayNumber\n";
|
|
||||||
+ $displayNumber = &GetDisplayNumber();
|
|
||||||
}
|
|
||||||
} elsif ((@ARGV > 0) && ($ARGV[0] !~ /^-/) && ($ARGV[0] !~ /^\+/)) {
|
|
||||||
&Usage();
|
|
@ -1,116 +0,0 @@
|
|||||||
From d61a767d6842b530ffb532ddd5a3d233119aad40 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Pierre Ossman <ossman@cendio.se>
|
|
||||||
Date: Tue, 10 Sep 2019 11:05:48 +0200
|
|
||||||
Subject: [PATCH] Make ZlibInStream more robust against failures
|
|
||||||
|
|
||||||
Move the checks around to avoid missing cases where we might access
|
|
||||||
memory that is no longer valid. Also avoid touching the underlying
|
|
||||||
stream implicitly (e.g. via the destructor) as it might also no
|
|
||||||
longer be valid.
|
|
||||||
|
|
||||||
A malicious server could theoretically use this for remote code
|
|
||||||
execution in the client.
|
|
||||||
|
|
||||||
Issue found by Pavel Cheremushkin from Kaspersky Lab
|
|
||||||
---
|
|
||||||
common/rdr/ZlibInStream.cxx | 13 +++++++------
|
|
||||||
common/rdr/ZlibInStream.h | 2 +-
|
|
||||||
common/rfb/CMsgReader.cxx | 3 ++-
|
|
||||||
common/rfb/SMsgReader.cxx | 3 ++-
|
|
||||||
common/rfb/TightDecoder.cxx | 3 ++-
|
|
||||||
common/rfb/zrleDecode.h | 3 ++-
|
|
||||||
6 files changed, 16 insertions(+), 11 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/common/rdr/ZlibInStream.cxx b/common/rdr/ZlibInStream.cxx
|
|
||||||
index 4053bd1..a361010 100644
|
|
||||||
--- a/common/rdr/ZlibInStream.cxx
|
|
||||||
+++ b/common/rdr/ZlibInStream.cxx
|
|
||||||
@@ -52,16 +52,16 @@ int ZlibInStream::pos()
|
|
||||||
return offset + ptr - start;
|
|
||||||
}
|
|
||||||
|
|
||||||
-void ZlibInStream::removeUnderlying()
|
|
||||||
+void ZlibInStream::flushUnderlying()
|
|
||||||
{
|
|
||||||
ptr = end = start;
|
|
||||||
- if (!underlying) return;
|
|
||||||
|
|
||||||
while (bytesIn > 0) {
|
|
||||||
decompress(true);
|
|
||||||
end = start; // throw away any data
|
|
||||||
}
|
|
||||||
- underlying = 0;
|
|
||||||
+
|
|
||||||
+ setUnderlying(NULL, 0);
|
|
||||||
}
|
|
||||||
|
|
||||||
void ZlibInStream::reset()
|
|
||||||
@@ -90,7 +90,7 @@ void ZlibInStream::init()
|
|
||||||
void ZlibInStream::deinit()
|
|
||||||
{
|
|
||||||
assert(zs != NULL);
|
|
||||||
- removeUnderlying();
|
|
||||||
+ setUnderlying(NULL, 0);
|
|
||||||
inflateEnd(zs);
|
|
||||||
delete zs;
|
|
||||||
zs = NULL;
|
|
||||||
@@ -100,8 +100,6 @@ int ZlibInStream::overrun(int itemSize, int nItems, bool wait)
|
|
||||||
{
|
|
||||||
if (itemSize > bufSize)
|
|
||||||
throw Exception("ZlibInStream overrun: max itemSize exceeded");
|
|
||||||
- if (!underlying)
|
|
||||||
- throw Exception("ZlibInStream overrun: no underlying stream");
|
|
||||||
|
|
||||||
if (end - ptr != 0)
|
|
||||||
memmove(start, ptr, end - ptr);
|
|
||||||
@@ -127,6 +125,9 @@ int ZlibInStream::overrun(int itemSize, int nItems, bool wait)
|
|
||||||
|
|
||||||
bool ZlibInStream::decompress(bool wait)
|
|
||||||
{
|
|
||||||
+ if (!underlying)
|
|
||||||
+ throw Exception("ZlibInStream overrun: no underlying stream");
|
|
||||||
+
|
|
||||||
zs->next_out = (U8*)end;
|
|
||||||
zs->avail_out = start + bufSize - end;
|
|
||||||
|
|
||||||
diff --git a/common/rdr/ZlibInStream.h b/common/rdr/ZlibInStream.h
|
|
||||||
index 6bd4da4..86ba1ff 100644
|
|
||||||
--- a/common/rdr/ZlibInStream.h
|
|
||||||
+++ b/common/rdr/ZlibInStream.h
|
|
||||||
@@ -38,7 +38,7 @@ namespace rdr {
|
|
||||||
virtual ~ZlibInStream();
|
|
||||||
|
|
||||||
void setUnderlying(InStream* is, int bytesIn);
|
|
||||||
- void removeUnderlying();
|
|
||||||
+ void flushUnderlying();
|
|
||||||
int pos();
|
|
||||||
void reset();
|
|
||||||
|
|
||||||
diff --git a/common/rfb/TightDecoder.cxx b/common/rfb/TightDecoder.cxx
|
|
||||||
index 3a1254a..4273eb7 100644
|
|
||||||
--- a/common/rfb/TightDecoder.cxx
|
|
||||||
+++ b/common/rfb/TightDecoder.cxx
|
|
||||||
@@ -340,7 +340,8 @@ void TightDecoder::decodeRect(const Rect& r, const void* buffer,
|
|
||||||
|
|
||||||
zis[streamId].readBytes(netbuf, dataSize);
|
|
||||||
|
|
||||||
- zis[streamId].removeUnderlying();
|
|
||||||
+ zis[streamId].flushUnderlying();
|
|
||||||
+ zis[streamId].setUnderlying(NULL, 0);
|
|
||||||
delete ms;
|
|
||||||
|
|
||||||
bufptr = netbuf;
|
|
||||||
diff --git a/common/rfb/zrleDecode.h b/common/rfb/zrleDecode.h
|
|
||||||
index 0bfbbe1..a69ca67 100644
|
|
||||||
--- a/common/rfb/zrleDecode.h
|
|
||||||
+++ b/common/rfb/zrleDecode.h
|
|
||||||
@@ -178,7 +178,8 @@ void ZRLE_DECODE (const Rect& r, rdr::InStream* is,
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
- zis->removeUnderlying();
|
|
||||||
+ zis->flushUnderlying();
|
|
||||||
+ zis->setUnderlying(NULL, 0);
|
|
||||||
}
|
|
||||||
|
|
||||||
#undef ZRLE_DECODE
|
|
@ -1,71 +0,0 @@
|
|||||||
From 996356b6c65ca165ee1ea46a571c32a1dc3c3821 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Pierre Ossman <ossman@cendio.se>
|
|
||||||
Date: Tue, 10 Sep 2019 15:21:03 +0200
|
|
||||||
Subject: [PATCH] Restrict PixelBuffer dimensions to safe values
|
|
||||||
|
|
||||||
We do a lot of calculations based on pixel coordinates and we need
|
|
||||||
to make sure they do not overflow. Restrict the maximum dimensions
|
|
||||||
we support rather than try to switch over all calculations to use
|
|
||||||
64 bit integers.
|
|
||||||
|
|
||||||
This prevents attackers from from injecting code by specifying a
|
|
||||||
huge framebuffer size and relying on the values overflowing to
|
|
||||||
access invalid areas of the heap.
|
|
||||||
|
|
||||||
This primarily affects the client which gets both the screen
|
|
||||||
dimensions and the pixel contents from the remote side. But the
|
|
||||||
server might also be affected as a client can adjust the screen
|
|
||||||
dimensions, as can applications inside the session.
|
|
||||||
|
|
||||||
Issue found by Pavel Cheremushkin from Kaspersky Lab.
|
|
||||||
---
|
|
||||||
common/rfb/PixelBuffer.cxx | 22 ++++++++++++++++++++++
|
|
||||||
1 file changed, 22 insertions(+)
|
|
||||||
|
|
||||||
diff --git a/common/rfb/PixelBuffer.cxx b/common/rfb/PixelBuffer.cxx
|
|
||||||
index ad58324..18f41f8 100644
|
|
||||||
--- a/common/rfb/PixelBuffer.cxx
|
|
||||||
+++ b/common/rfb/PixelBuffer.cxx
|
|
||||||
@@ -31,6 +31,14 @@ using namespace rdr;
|
|
||||||
|
|
||||||
static LogWriter vlog("PixelBuffer");
|
|
||||||
|
|
||||||
+// We do a lot of byte offset calculations that assume the result fits
|
|
||||||
+// inside a signed 32 bit integer. Limit the maximum size of pixel
|
|
||||||
+// buffers so that these calculations never overflow.
|
|
||||||
+
|
|
||||||
+const int maxPixelBufferWidth = 16384;
|
|
||||||
+const int maxPixelBufferHeight = 16384;
|
|
||||||
+const int maxPixelBufferStride = 16384;
|
|
||||||
+
|
|
||||||
|
|
||||||
// -=- Generic pixel buffer class
|
|
||||||
|
|
||||||
@@ -108,6 +116,11 @@ void PixelBuffer::getImage(const PixelFormat& pf, void* imageBuf,
|
|
||||||
|
|
||||||
void PixelBuffer::setSize(int width, int height)
|
|
||||||
{
|
|
||||||
+ if ((width < 0) || (width > maxPixelBufferWidth))
|
|
||||||
+ throw rfb::Exception("Invalid PixelBuffer width of %d pixels requested", width);
|
|
||||||
+ if ((height < 0) || (height > maxPixelBufferHeight))
|
|
||||||
+ throw rfb::Exception("Invalid PixelBuffer height of %d pixels requested", height);
|
|
||||||
+
|
|
||||||
width_ = width;
|
|
||||||
height_ = height;
|
|
||||||
}
|
|
||||||
@@ -337,6 +350,15 @@ const rdr::U8* FullFramePixelBuffer::getBuffer(const Rect& r, int* stride_) cons
|
|
||||||
void FullFramePixelBuffer::setBuffer(int width, int height,
|
|
||||||
rdr::U8* data_, int stride_)
|
|
||||||
{
|
|
||||||
+ if ((width < 0) || (width > maxPixelBufferWidth))
|
|
||||||
+ throw rfb::Exception("Invalid PixelBuffer width of %d pixels requested", width);
|
|
||||||
+ if ((height < 0) || (height > maxPixelBufferHeight))
|
|
||||||
+ throw rfb::Exception("Invalid PixelBuffer height of %d pixels requested", height);
|
|
||||||
+ if ((stride_ < 0) || (stride_ > maxPixelBufferStride) || (stride_ < width))
|
|
||||||
+ throw rfb::Exception("Invalid PixelBuffer stride of %d pixels requested", stride_);
|
|
||||||
+ if ((width != 0) && (height != 0) && (data_ == NULL))
|
|
||||||
+ throw rfb::Exception("PixelBuffer requested without a valid memory area");
|
|
||||||
+
|
|
||||||
ModifiablePixelBuffer::setSize(width, height);
|
|
||||||
stride = stride_;
|
|
||||||
data = data_;
|
|
@ -1,75 +0,0 @@
|
|||||||
From b4ada8d0c6dac98c8b91fc64d112569a8ae5fb95 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Pierre Ossman <ossman@cendio.se>
|
|
||||||
Date: Tue, 10 Sep 2019 15:36:42 +0200
|
|
||||||
Subject: [PATCH] Handle empty Tight gradient rects
|
|
||||||
|
|
||||||
We always assumed there would be one pixel per row so a rect with
|
|
||||||
a zero width would result in us writing to unknown memory.
|
|
||||||
|
|
||||||
This could theoretically be used by a malicious server to inject
|
|
||||||
code in to the viewer process.
|
|
||||||
|
|
||||||
Issue found by Pavel Cheremushkin from Kaspersky Lab.
|
|
||||||
---
|
|
||||||
common/rfb/tightDecode.h | 37 +++++++++++++++++++++----------------
|
|
||||||
1 file changed, 21 insertions(+), 16 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/common/rfb/tightDecode.h b/common/rfb/tightDecode.h
|
|
||||||
index b6e86ed5e..8f77aebd0 100644
|
|
||||||
--- a/common/rfb/tightDecode.h
|
|
||||||
+++ b/common/rfb/tightDecode.h
|
|
||||||
@@ -56,15 +56,17 @@ TightDecoder::FilterGradient24(const rdr::U8 *inbuf,
|
|
||||||
int rectWidth = r.width();
|
|
||||||
|
|
||||||
for (y = 0; y < rectHeight; y++) {
|
|
||||||
- /* First pixel in a row */
|
|
||||||
- for (c = 0; c < 3; c++) {
|
|
||||||
- pix[c] = inbuf[y*rectWidth*3+c] + prevRow[c];
|
|
||||||
- thisRow[c] = pix[c];
|
|
||||||
- }
|
|
||||||
- pf.bufferFromRGB((rdr::U8*)&outbuf[y*stride], pix, 1);
|
|
||||||
+ for (x = 0; x < rectWidth; x++) {
|
|
||||||
+ /* First pixel in a row */
|
|
||||||
+ if (x == 0) {
|
|
||||||
+ for (c = 0; c < 3; c++) {
|
|
||||||
+ pix[c] = inbuf[y*rectWidth*3+c] + prevRow[c];
|
|
||||||
+ thisRow[c] = pix[c];
|
|
||||||
+ }
|
|
||||||
+ pf.bufferFromRGB((rdr::U8*)&outbuf[y*stride], pix, 1);
|
|
||||||
+ continue;
|
|
||||||
+ }
|
|
||||||
|
|
||||||
- /* Remaining pixels of a row */
|
|
||||||
- for (x = 1; x < rectWidth; x++) {
|
|
||||||
for (c = 0; c < 3; c++) {
|
|
||||||
est[c] = prevRow[x*3+c] + pix[c] - prevRow[(x-1)*3+c];
|
|
||||||
if (est[c] > 0xff) {
|
|
||||||
@@ -103,17 +105,20 @@ void TightDecoder::FilterGradient(const rdr::U8* inbuf,
|
|
||||||
int rectWidth = r.width();
|
|
||||||
|
|
||||||
for (y = 0; y < rectHeight; y++) {
|
|
||||||
- /* First pixel in a row */
|
|
||||||
- pf.rgbFromBuffer(pix, &inbuf[y*rectWidth], 1);
|
|
||||||
- for (c = 0; c < 3; c++)
|
|
||||||
- pix[c] += prevRow[c];
|
|
||||||
+ for (x = 0; x < rectWidth; x++) {
|
|
||||||
+ /* First pixel in a row */
|
|
||||||
+ if (x == 0) {
|
|
||||||
+ pf.rgbFromBuffer(pix, &inbuf[y*rectWidth], 1);
|
|
||||||
+ for (c = 0; c < 3; c++)
|
|
||||||
+ pix[c] += prevRow[c];
|
|
||||||
|
|
||||||
- memcpy(thisRow, pix, sizeof(pix));
|
|
||||||
+ memcpy(thisRow, pix, sizeof(pix));
|
|
||||||
|
|
||||||
- pf.bufferFromRGB((rdr::U8*)&outbuf[y*stride], pix, 1);
|
|
||||||
+ pf.bufferFromRGB((rdr::U8*)&outbuf[y*stride], pix, 1);
|
|
||||||
+
|
|
||||||
+ continue;
|
|
||||||
+ }
|
|
||||||
|
|
||||||
- /* Remaining pixels of a row */
|
|
||||||
- for (x = 1; x < rectWidth; x++) {
|
|
||||||
for (c = 0; c < 3; c++) {
|
|
||||||
est[c] = prevRow[x*3+c] + pix[c] - prevRow[(x-1)*3+c];
|
|
||||||
if (est[c] > 255) {
|
|
File diff suppressed because it is too large
Load Diff
@ -1,17 +0,0 @@
|
|||||||
diff --git a/common/rfb/PixelFormat.cxx b/common/rfb/PixelFormat.cxx
|
|
||||||
index a9d015d..896f4e5 100644
|
|
||||||
--- a/common/rfb/PixelFormat.cxx
|
|
||||||
+++ b/common/rfb/PixelFormat.cxx
|
|
||||||
@@ -200,6 +200,12 @@ bool PixelFormat::is888(void) const
|
|
||||||
return false;
|
|
||||||
if (blueMax != 255)
|
|
||||||
return false;
|
|
||||||
+ if ((redShift & 0x7) != 0)
|
|
||||||
+ return false;
|
|
||||||
+ if ((greenShift & 0x7) != 0)
|
|
||||||
+ return false;
|
|
||||||
+ if ((blueShift & 0x7) != 0)
|
|
||||||
+ return false;
|
|
||||||
|
|
||||||
return true;
|
|
||||||
}
|
|
@ -1,51 +0,0 @@
|
|||||||
From 9f615301aba1cc54a749950bf9462c5a85217bc4 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Pierre Ossman <ossman@cendio.se>
|
|
||||||
Date: Tue, 10 Sep 2019 15:25:30 +0200
|
|
||||||
Subject: [PATCH] Add write protection to OffsetPixelBuffer
|
|
||||||
|
|
||||||
No one should every try to write to this buffer. Enforce that by
|
|
||||||
throwing an exception if any one tries to get a writeable pointer
|
|
||||||
to the data.
|
|
||||||
---
|
|
||||||
common/rfb/EncodeManager.cxx | 6 ++++++
|
|
||||||
common/rfb/EncodeManager.h | 3 +++
|
|
||||||
2 files changed, 9 insertions(+)
|
|
||||||
|
|
||||||
diff --git a/common/rfb/EncodeManager.cxx b/common/rfb/EncodeManager.cxx
|
|
||||||
index 1653cea..66ba432 100644
|
|
||||||
--- a/common/rfb/EncodeManager.cxx
|
|
||||||
+++ b/common/rfb/EncodeManager.cxx
|
|
||||||
@@ -24,6 +24,7 @@
|
|
||||||
#include <rfb/SMsgWriter.h>
|
|
||||||
#include <rfb/UpdateTracker.h>
|
|
||||||
#include <rfb/LogWriter.h>
|
|
||||||
+#include <rfb/Exception.h>
|
|
||||||
|
|
||||||
#include <rfb/RawEncoder.h>
|
|
||||||
#include <rfb/RREEncoder.h>
|
|
||||||
@@ -895,6 +896,11 @@ void EncodeManager::OffsetPixelBuffer::update(const PixelFormat& pf,
|
|
||||||
setBuffer(width, height, (rdr::U8*)data_, stride_);
|
|
||||||
}
|
|
||||||
|
|
||||||
+rdr::U8* EncodeManager::OffsetPixelBuffer::getBufferRW(const Rect& r, int* stride)
|
|
||||||
+{
|
|
||||||
+ throw rfb::Exception("Invalid write attempt to OffsetPixelBuffer");
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
// Preprocessor generated, optimised methods
|
|
||||||
|
|
||||||
#define BPP 8
|
|
||||||
diff --git a/common/rfb/EncodeManager.h b/common/rfb/EncodeManager.h
|
|
||||||
index 79db950..7d47420 100644
|
|
||||||
--- a/common/rfb/EncodeManager.h
|
|
||||||
+++ b/common/rfb/EncodeManager.h
|
|
||||||
@@ -124,6 +124,9 @@ namespace rfb {
|
|
||||||
|
|
||||||
void update(const PixelFormat& pf, int width, int height,
|
|
||||||
const rdr::U8* data_, int stride);
|
|
||||||
+
|
|
||||||
+ private:
|
|
||||||
+ virtual rdr::U8* getBufferRW(const Rect& r, int* stride);
|
|
||||||
};
|
|
||||||
|
|
||||||
OffsetPixelBuffer offsetPixelBuffer;
|
|
@ -1,355 +0,0 @@
|
|||||||
From 75e6e0653a48baf474fd45d78b1da53e2f324642 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Pierre Ossman <ossman@cendio.se>
|
|
||||||
Date: Tue, 24 Sep 2019 09:41:07 +0200
|
|
||||||
Subject: [PATCH] Be defensive about overflows in stream objects
|
|
||||||
|
|
||||||
We use a lot of lengths given to us over the network, so be more
|
|
||||||
paranoid about them causing an overflow as otherwise an attacker
|
|
||||||
might trick us in to overwriting other memory.
|
|
||||||
|
|
||||||
This primarily affects the client which often gets lengths from the
|
|
||||||
server, but there are also some scenarios where the server might
|
|
||||||
theoretically be vulnerable.
|
|
||||||
|
|
||||||
Issue found by Pavel Cheremushkin from Kaspersky Lab.
|
|
||||||
---
|
|
||||||
common/rdr/FdInStream.cxx | 8 +++++---
|
|
||||||
common/rdr/FdOutStream.cxx | 7 ++++---
|
|
||||||
common/rdr/FileInStream.cxx | 8 +++++---
|
|
||||||
common/rdr/HexInStream.cxx | 8 +++++---
|
|
||||||
common/rdr/HexOutStream.cxx | 6 ++++--
|
|
||||||
common/rdr/InStream.h | 24 +++++++++++++-----------
|
|
||||||
common/rdr/MemOutStream.h | 4 ++++
|
|
||||||
common/rdr/OutStream.h | 24 +++++++++++++-----------
|
|
||||||
common/rdr/RandomStream.cxx | 6 ++++--
|
|
||||||
common/rdr/TLSInStream.cxx | 10 ++++++----
|
|
||||||
common/rdr/TLSOutStream.cxx | 6 ++++--
|
|
||||||
common/rdr/ZlibInStream.cxx | 6 ++++--
|
|
||||||
common/rdr/ZlibOutStream.cxx | 6 ++++--
|
|
||||||
13 files changed, 75 insertions(+), 48 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/common/rdr/FdInStream.cxx b/common/rdr/FdInStream.cxx
|
|
||||||
index 789cbec..406ece5 100644
|
|
||||||
--- a/common/rdr/FdInStream.cxx
|
|
||||||
+++ b/common/rdr/FdInStream.cxx
|
|
||||||
@@ -136,7 +136,7 @@ size_t FdInStream::overrun(size_t itemSize, size_t nItems, bool wait)
|
|
||||||
ptr = start;
|
|
||||||
|
|
||||||
size_t bytes_to_read;
|
|
||||||
- while (end < start + itemSize) {
|
|
||||||
+ while ((size_t)(end - start) < itemSize) {
|
|
||||||
bytes_to_read = start + bufSize - end;
|
|
||||||
if (!timing) {
|
|
||||||
// When not timing, we must be careful not to read too much
|
|
||||||
@@ -152,8 +152,10 @@ size_t FdInStream::overrun(size_t itemSize, size_t nItems, bool wait)
|
|
||||||
end += n;
|
|
||||||
}
|
|
||||||
|
|
||||||
- if (itemSize * nItems > (size_t)(end - ptr))
|
|
||||||
- nItems = (end - ptr) / itemSize;
|
|
||||||
+ size_t nAvail;
|
|
||||||
+ nAvail = (end - ptr) / itemSize;
|
|
||||||
+ if (nAvail < nItems)
|
|
||||||
+ return nAvail;
|
|
||||||
|
|
||||||
return nItems;
|
|
||||||
}
|
|
||||||
diff --git a/common/rdr/FdOutStream.cxx b/common/rdr/FdOutStream.cxx
|
|
||||||
index 1757dc3..f5d07e4 100644
|
|
||||||
--- a/common/rdr/FdOutStream.cxx
|
|
||||||
+++ b/common/rdr/FdOutStream.cxx
|
|
||||||
@@ -149,9 +149,10 @@ size_t FdOutStream::overrun(size_t itemSize, size_t nItems)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
- // Can we fit all the items asked for?
|
|
||||||
- if (itemSize * nItems > (size_t)(end - ptr))
|
|
||||||
- nItems = (end - ptr) / itemSize;
|
|
||||||
+ size_t nAvail;
|
|
||||||
+ nAvail = (end - ptr) / itemSize;
|
|
||||||
+ if (nAvail < nItems)
|
|
||||||
+ return nAvail;
|
|
||||||
|
|
||||||
return nItems;
|
|
||||||
}
|
|
||||||
diff --git a/common/rdr/FileInStream.cxx b/common/rdr/FileInStream.cxx
|
|
||||||
index 94f5db8..bdb05a3 100644
|
|
||||||
--- a/common/rdr/FileInStream.cxx
|
|
||||||
+++ b/common/rdr/FileInStream.cxx
|
|
||||||
@@ -68,7 +68,7 @@ size_t FileInStream::overrun(size_t itemSize, size_t nItems, bool wait)
|
|
||||||
ptr = b;
|
|
||||||
|
|
||||||
|
|
||||||
- while (end < b + itemSize) {
|
|
||||||
+ while ((size_t)(end - b) < itemSize) {
|
|
||||||
size_t n = fread((U8 *)end, b + sizeof(b) - end, 1, file);
|
|
||||||
if (n == 0) {
|
|
||||||
if (ferror(file))
|
|
||||||
@@ -80,8 +80,10 @@ size_t FileInStream::overrun(size_t itemSize, size_t nItems, bool wait)
|
|
||||||
end += b + sizeof(b) - end;
|
|
||||||
}
|
|
||||||
|
|
||||||
- if (itemSize * nItems > (size_t)(end - ptr))
|
|
||||||
- nItems = (end - ptr) / itemSize;
|
|
||||||
+ size_t nAvail;
|
|
||||||
+ nAvail = (end - ptr) / itemSize;
|
|
||||||
+ if (nAvail < nItems)
|
|
||||||
+ return nAvail;
|
|
||||||
|
|
||||||
return nItems;
|
|
||||||
}
|
|
||||||
diff --git a/common/rdr/HexInStream.cxx b/common/rdr/HexInStream.cxx
|
|
||||||
index 8f93988..a6bc92c 100644
|
|
||||||
--- a/common/rdr/HexInStream.cxx
|
|
||||||
+++ b/common/rdr/HexInStream.cxx
|
|
||||||
@@ -91,7 +91,7 @@ size_t HexInStream::overrun(size_t itemSize, size_t nItems, bool wait) {
|
|
||||||
offset += ptr - start;
|
|
||||||
ptr = start;
|
|
||||||
|
|
||||||
- while (end < ptr + itemSize) {
|
|
||||||
+ while ((size_t)(end - ptr) < itemSize) {
|
|
||||||
size_t n = in_stream.check(2, 1, wait);
|
|
||||||
if (n == 0) return 0;
|
|
||||||
const U8* iptr = in_stream.getptr();
|
|
||||||
@@ -110,8 +110,10 @@ size_t HexInStream::overrun(size_t itemSize, size_t nItems, bool wait) {
|
|
||||||
end += length;
|
|
||||||
}
|
|
||||||
|
|
||||||
- if (itemSize * nItems > (size_t)(end - ptr))
|
|
||||||
- nItems = (end - ptr) / itemSize;
|
|
||||||
+ size_t nAvail;
|
|
||||||
+ nAvail = (end - ptr) / itemSize;
|
|
||||||
+ if (nAvail < nItems)
|
|
||||||
+ return nAvail;
|
|
||||||
|
|
||||||
return nItems;
|
|
||||||
}
|
|
||||||
diff --git a/common/rdr/HexOutStream.cxx b/common/rdr/HexOutStream.cxx
|
|
||||||
index 7232514..eac2eff 100644
|
|
||||||
--- a/common/rdr/HexOutStream.cxx
|
|
||||||
+++ b/common/rdr/HexOutStream.cxx
|
|
||||||
@@ -102,8 +102,10 @@ HexOutStream::overrun(size_t itemSize, size_t nItems) {
|
|
||||||
|
|
||||||
writeBuffer();
|
|
||||||
|
|
||||||
- if (itemSize * nItems > (size_t)(end - ptr))
|
|
||||||
- nItems = (end - ptr) / itemSize;
|
|
||||||
+ size_t nAvail;
|
|
||||||
+ nAvail = (end - ptr) / itemSize;
|
|
||||||
+ if (nAvail < nItems)
|
|
||||||
+ return nAvail;
|
|
||||||
|
|
||||||
return nItems;
|
|
||||||
}
|
|
||||||
diff --git a/common/rdr/InStream.h b/common/rdr/InStream.h
|
|
||||||
index 14ecf09..f71a4d9 100644
|
|
||||||
--- a/common/rdr/InStream.h
|
|
||||||
+++ b/common/rdr/InStream.h
|
|
||||||
@@ -43,12 +43,15 @@ namespace rdr {
|
|
||||||
|
|
||||||
inline size_t check(size_t itemSize, size_t nItems=1, bool wait=true)
|
|
||||||
{
|
|
||||||
- if (ptr + itemSize * nItems > end) {
|
|
||||||
- if (ptr + itemSize > end)
|
|
||||||
- return overrun(itemSize, nItems, wait);
|
|
||||||
+ size_t nAvail;
|
|
||||||
+
|
|
||||||
+ if (itemSize > (size_t)(end - ptr))
|
|
||||||
+ return overrun(itemSize, nItems, wait);
|
|
||||||
+
|
|
||||||
+ nAvail = (end - ptr) / itemSize;
|
|
||||||
+ if (nAvail < nItems)
|
|
||||||
+ return nAvail;
|
|
||||||
|
|
||||||
- nItems = (end - ptr) / itemSize;
|
|
||||||
- }
|
|
||||||
return nItems;
|
|
||||||
}
|
|
||||||
|
|
||||||
@@ -93,13 +96,12 @@ namespace rdr {
|
|
||||||
// readBytes() reads an exact number of bytes.
|
|
||||||
|
|
||||||
void readBytes(void* data, size_t length) {
|
|
||||||
- U8* dataPtr = (U8*)data;
|
|
||||||
- U8* dataEnd = dataPtr + length;
|
|
||||||
- while (dataPtr < dataEnd) {
|
|
||||||
- size_t n = check(1, dataEnd - dataPtr);
|
|
||||||
- memcpy(dataPtr, ptr, n);
|
|
||||||
+ while (length > 0) {
|
|
||||||
+ size_t n = check(1, length);
|
|
||||||
+ memcpy(data, ptr, n);
|
|
||||||
ptr += n;
|
|
||||||
- dataPtr += n;
|
|
||||||
+ data = (U8*)data + n;
|
|
||||||
+ length -= n;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
diff --git a/common/rdr/MemOutStream.h b/common/rdr/MemOutStream.h
|
|
||||||
index 4a815b3..b56bac3 100644
|
|
||||||
--- a/common/rdr/MemOutStream.h
|
|
||||||
+++ b/common/rdr/MemOutStream.h
|
|
||||||
@@ -23,6 +23,7 @@
|
|
||||||
#ifndef __RDR_MEMOUTSTREAM_H__
|
|
||||||
#define __RDR_MEMOUTSTREAM_H__
|
|
||||||
|
|
||||||
+#include <rdr/Exception.h>
|
|
||||||
#include <rdr/OutStream.h>
|
|
||||||
|
|
||||||
namespace rdr {
|
|
||||||
@@ -65,6 +66,9 @@ namespace rdr {
|
|
||||||
if (len < (size_t)(end - start) * 2)
|
|
||||||
len = (end - start) * 2;
|
|
||||||
|
|
||||||
+ if (len < (size_t)(end - start))
|
|
||||||
+ throw Exception("Overflow in MemOutStream::overrun()");
|
|
||||||
+
|
|
||||||
U8* newStart = new U8[len];
|
|
||||||
memcpy(newStart, start, ptr - start);
|
|
||||||
ptr = newStart + (ptr - start);
|
|
||||||
diff --git a/common/rdr/OutStream.h b/common/rdr/OutStream.h
|
|
||||||
index 11aafd2..0f60ccc 100644
|
|
||||||
--- a/common/rdr/OutStream.h
|
|
||||||
+++ b/common/rdr/OutStream.h
|
|
||||||
@@ -46,12 +46,15 @@ namespace rdr {
|
|
||||||
|
|
||||||
inline size_t check(size_t itemSize, size_t nItems=1)
|
|
||||||
{
|
|
||||||
- if (ptr + itemSize * nItems > end) {
|
|
||||||
- if (ptr + itemSize > end)
|
|
||||||
- return overrun(itemSize, nItems);
|
|
||||||
+ size_t nAvail;
|
|
||||||
+
|
|
||||||
+ if (itemSize > (size_t)(end - ptr))
|
|
||||||
+ return overrun(itemSize, nItems);
|
|
||||||
+
|
|
||||||
+ nAvail = (end - ptr) / itemSize;
|
|
||||||
+ if (nAvail < nItems)
|
|
||||||
+ return nAvail;
|
|
||||||
|
|
||||||
- nItems = (end - ptr) / itemSize;
|
|
||||||
- }
|
|
||||||
return nItems;
|
|
||||||
}
|
|
||||||
|
|
||||||
@@ -91,13 +94,12 @@ namespace rdr {
|
|
||||||
// writeBytes() writes an exact number of bytes.
|
|
||||||
|
|
||||||
void writeBytes(const void* data, size_t length) {
|
|
||||||
- const U8* dataPtr = (const U8*)data;
|
|
||||||
- const U8* dataEnd = dataPtr + length;
|
|
||||||
- while (dataPtr < dataEnd) {
|
|
||||||
- size_t n = check(1, dataEnd - dataPtr);
|
|
||||||
- memcpy(ptr, dataPtr, n);
|
|
||||||
+ while (length > 0) {
|
|
||||||
+ size_t n = check(1, length);
|
|
||||||
+ memcpy(ptr, data, n);
|
|
||||||
ptr += n;
|
|
||||||
- dataPtr += n;
|
|
||||||
+ data = (U8*)data + n;
|
|
||||||
+ length -= n;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
diff --git a/common/rdr/RandomStream.cxx b/common/rdr/RandomStream.cxx
|
|
||||||
index 7681095..6c64ac5 100644
|
|
||||||
--- a/common/rdr/RandomStream.cxx
|
|
||||||
+++ b/common/rdr/RandomStream.cxx
|
|
||||||
@@ -123,8 +123,10 @@ size_t RandomStream::overrun(size_t itemSize, size_t nItems, bool wait) {
|
|
||||||
*(U8*)end++ = (int) (256.0*rand()/(RAND_MAX+1.0));
|
|
||||||
}
|
|
||||||
|
|
||||||
- if (itemSize * nItems > (size_t)(end - ptr))
|
|
||||||
- nItems = (end - ptr) / itemSize;
|
|
||||||
+ size_t nAvail;
|
|
||||||
+ nAvail = (end - ptr) / itemSize;
|
|
||||||
+ if (nAvail < nItems)
|
|
||||||
+ return nAvail;
|
|
||||||
|
|
||||||
return nItems;
|
|
||||||
}
|
|
||||||
diff --git a/common/rdr/TLSInStream.cxx b/common/rdr/TLSInStream.cxx
|
|
||||||
index d0f9426..3e1172f 100644
|
|
||||||
--- a/common/rdr/TLSInStream.cxx
|
|
||||||
+++ b/common/rdr/TLSInStream.cxx
|
|
||||||
@@ -43,7 +43,7 @@ ssize_t TLSInStream::pull(gnutls_transport_ptr_t str, void* data, size_t size)
|
|
||||||
return -1;
|
|
||||||
}
|
|
||||||
|
|
||||||
- if (in->getend() - in->getptr() < (ptrdiff_t)size)
|
|
||||||
+ if ((size_t)(in->getend() - in->getptr()) < size)
|
|
||||||
size = in->getend() - in->getptr();
|
|
||||||
|
|
||||||
in->readBytes(data, size);
|
|
||||||
@@ -92,15 +92,17 @@ size_t TLSInStream::overrun(size_t itemSize, size_t nItems, bool wait)
|
|
||||||
end -= ptr - start;
|
|
||||||
ptr = start;
|
|
||||||
|
|
||||||
- while (end < start + itemSize) {
|
|
||||||
+ while ((size_t)(end - start) < itemSize) {
|
|
||||||
size_t n = readTLS((U8*) end, start + bufSize - end, wait);
|
|
||||||
if (!wait && n == 0)
|
|
||||||
return 0;
|
|
||||||
end += n;
|
|
||||||
}
|
|
||||||
|
|
||||||
- if (itemSize * nItems > (size_t)(end - ptr))
|
|
||||||
- nItems = (end - ptr) / itemSize;
|
|
||||||
+ size_t nAvail;
|
|
||||||
+ nAvail = (end - ptr) / itemSize;
|
|
||||||
+ if (nAvail < nItems)
|
|
||||||
+ return nAvail;
|
|
||||||
|
|
||||||
return nItems;
|
|
||||||
}
|
|
||||||
diff --git a/common/rdr/TLSOutStream.cxx b/common/rdr/TLSOutStream.cxx
|
|
||||||
index 30c456f..7d7c3b5 100644
|
|
||||||
--- a/common/rdr/TLSOutStream.cxx
|
|
||||||
+++ b/common/rdr/TLSOutStream.cxx
|
|
||||||
@@ -100,8 +100,10 @@ size_t TLSOutStream::overrun(size_t itemSize, size_t nItems)
|
|
||||||
|
|
||||||
flush();
|
|
||||||
|
|
||||||
- if (itemSize * nItems > (size_t)(end - ptr))
|
|
||||||
- nItems = (end - ptr) / itemSize;
|
|
||||||
+ size_t nAvail;
|
|
||||||
+ nAvail = (end - ptr) / itemSize;
|
|
||||||
+ if (nAvail < nItems)
|
|
||||||
+ return nAvail;
|
|
||||||
|
|
||||||
return nItems;
|
|
||||||
}
|
|
||||||
diff --git a/common/rdr/ZlibInStream.cxx b/common/rdr/ZlibInStream.cxx
|
|
||||||
index e2f971c..9fcfaf6 100644
|
|
||||||
--- a/common/rdr/ZlibInStream.cxx
|
|
||||||
+++ b/common/rdr/ZlibInStream.cxx
|
|
||||||
@@ -113,8 +113,10 @@ size_t ZlibInStream::overrun(size_t itemSize, size_t nItems, bool wait)
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
- if (itemSize * nItems > (size_t)(end - ptr))
|
|
||||||
- nItems = (end - ptr) / itemSize;
|
|
||||||
+ size_t nAvail;
|
|
||||||
+ nAvail = (end - ptr) / itemSize;
|
|
||||||
+ if (nAvail < nItems)
|
|
||||||
+ return nAvail;
|
|
||||||
|
|
||||||
return nItems;
|
|
||||||
}
|
|
||||||
diff --git a/common/rdr/ZlibOutStream.cxx b/common/rdr/ZlibOutStream.cxx
|
|
||||||
index 4e7ffd6..5e158bf 100644
|
|
||||||
--- a/common/rdr/ZlibOutStream.cxx
|
|
||||||
+++ b/common/rdr/ZlibOutStream.cxx
|
|
||||||
@@ -127,8 +127,10 @@ size_t ZlibOutStream::overrun(size_t itemSize, size_t nItems)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
- if (itemSize * nItems > (size_t)(end - ptr))
|
|
||||||
- nItems = (end - ptr) / itemSize;
|
|
||||||
+ size_t nAvail;
|
|
||||||
+ nAvail = (end - ptr) / itemSize;
|
|
||||||
+ if (nAvail < nItems)
|
|
||||||
+ return nAvail;
|
|
||||||
|
|
||||||
return nItems;
|
|
||||||
}
|
|
@ -1,312 +0,0 @@
|
|||||||
diff --git a/common/network/TcpSocket.cxx b/common/network/TcpSocket.cxx
|
|
||||||
index 51d77c76..9e277cbb 100644
|
|
||||||
--- a/common/network/TcpSocket.cxx
|
|
||||||
+++ b/common/network/TcpSocket.cxx
|
|
||||||
@@ -736,7 +736,7 @@ char* TcpFilter::patternToStr(const TcpFilter::Pattern& p) {
|
|
||||||
buffer + 1, sizeof (buffer) - 2, NULL, 0, NI_NUMERICHOST);
|
|
||||||
strcat(buffer, "]");
|
|
||||||
addr.buf = rfb::strDup(buffer);
|
|
||||||
- } else if (p.address.u.sa.sa_family == AF_UNSPEC)
|
|
||||||
+ } else
|
|
||||||
addr.buf = rfb::strDup("");
|
|
||||||
|
|
||||||
char action;
|
|
||||||
diff --git a/common/rfb/CSecurityTLS.cxx b/common/rfb/CSecurityTLS.cxx
|
|
||||||
index e1a31f78..d268202b 100644
|
|
||||||
--- a/common/rfb/CSecurityTLS.cxx
|
|
||||||
+++ b/common/rfb/CSecurityTLS.cxx
|
|
||||||
@@ -95,9 +95,9 @@ void CSecurityTLS::setDefaults()
|
|
||||||
delete [] homeDir;
|
|
||||||
|
|
||||||
if (!fileexists(caDefault.buf))
|
|
||||||
- X509CA.setDefaultStr(strdup(caDefault.buf));
|
|
||||||
+ X509CA.setDefaultStr(caDefault.buf);
|
|
||||||
if (!fileexists(crlDefault.buf))
|
|
||||||
- X509CRL.setDefaultStr(strdup(crlDefault.buf));
|
|
||||||
+ X509CRL.setDefaultStr(crlDefault.buf);
|
|
||||||
}
|
|
||||||
|
|
||||||
void CSecurityTLS::shutdown(bool needbye)
|
|
||||||
diff --git a/common/rfb/SSecurityPlain.cxx b/common/rfb/SSecurityPlain.cxx
|
|
||||||
index 6d48b65c..6f72432a 100644
|
|
||||||
--- a/common/rfb/SSecurityPlain.cxx
|
|
||||||
+++ b/common/rfb/SSecurityPlain.cxx
|
|
||||||
@@ -41,7 +41,7 @@ StringParameter PasswordValidator::plainUsers
|
|
||||||
|
|
||||||
bool PasswordValidator::validUser(const char* username)
|
|
||||||
{
|
|
||||||
- CharArray users(strDup(plainUsers.getValueStr())), user;
|
|
||||||
+ CharArray users(plainUsers.getValueStr()), user;
|
|
||||||
|
|
||||||
while (users.buf) {
|
|
||||||
strSplit(users.buf, ',', &user.buf, &users.buf);
|
|
||||||
diff --git a/unix/tx/TXWindow.cxx b/unix/tx/TXWindow.cxx
|
|
||||||
index a6819179..6129840e 100644
|
|
||||||
--- a/unix/tx/TXWindow.cxx
|
|
||||||
+++ b/unix/tx/TXWindow.cxx
|
|
||||||
@@ -24,6 +24,7 @@
|
|
||||||
#include <list>
|
|
||||||
#include <stdio.h>
|
|
||||||
#include <stdlib.h>
|
|
||||||
+#include <vector>
|
|
||||||
#include <rfb/util.h>
|
|
||||||
|
|
||||||
std::list<TXWindow*> windows;
|
|
||||||
@@ -132,20 +133,20 @@ TXGlobalEventHandler* TXWindow::setGlobalEventHandler(TXGlobalEventHandler* h)
|
|
||||||
|
|
||||||
void TXWindow::getColours(Display* dpy, XColor* cols, int nCols)
|
|
||||||
{
|
|
||||||
- bool* got = new bool[nCols];
|
|
||||||
+ std::vector<bool> got;
|
|
||||||
+
|
|
||||||
bool failed = false;
|
|
||||||
int i;
|
|
||||||
for (i = 0; i < nCols; i++) {
|
|
||||||
if (XAllocColor(dpy, cmap, &cols[i])) {
|
|
||||||
- got[i] = true;
|
|
||||||
+ got.push_back(true);
|
|
||||||
} else {
|
|
||||||
- got[i] = false;
|
|
||||||
+ got.push_back(false);
|
|
||||||
failed = true;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!failed) {
|
|
||||||
- delete [] got;
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
@@ -168,12 +169,13 @@ void TXWindow::getColours(Display* dpy, XColor* cols, int nCols)
|
|
||||||
int cmapSize = DisplayCells(dpy,DefaultScreen(dpy));
|
|
||||||
|
|
||||||
XColor* cm = new XColor[cmapSize];
|
|
||||||
- bool* shared = new bool[cmapSize];
|
|
||||||
- bool* usedAsNearest = new bool[cmapSize];
|
|
||||||
+ std::vector<bool> shared;
|
|
||||||
+ std::vector<bool> usedAsNearest;
|
|
||||||
|
|
||||||
for (i = 0; i < cmapSize; i++) {
|
|
||||||
cm[i].pixel = i;
|
|
||||||
- shared[i] = usedAsNearest[i] = false;
|
|
||||||
+ shared.push_back(false);
|
|
||||||
+ usedAsNearest.push_back(false);
|
|
||||||
}
|
|
||||||
|
|
||||||
XQueryColors(dpy, cmap, cm, cmapSize);
|
|
||||||
diff --git a/unix/vncpasswd/vncpasswd.cxx b/unix/vncpasswd/vncpasswd.cxx
|
|
||||||
index 8bd4e48e..3055223e 100644
|
|
||||||
--- a/unix/vncpasswd/vncpasswd.cxx
|
|
||||||
+++ b/unix/vncpasswd/vncpasswd.cxx
|
|
||||||
@@ -134,7 +134,7 @@ int main(int argc, char** argv)
|
|
||||||
} else if (argv[i][0] == '-') {
|
|
||||||
usage();
|
|
||||||
} else if (!fname) {
|
|
||||||
- fname = argv[i];
|
|
||||||
+ fname = strDup(argv[i]);
|
|
||||||
} else {
|
|
||||||
usage();
|
|
||||||
}
|
|
||||||
@@ -165,24 +165,37 @@ int main(int argc, char** argv)
|
|
||||||
FILE* fp = fopen(fname,"w");
|
|
||||||
if (!fp) {
|
|
||||||
fprintf(stderr,"Couldn't open %s for writing\n",fname);
|
|
||||||
+ delete [] fname;
|
|
||||||
+ delete obfuscated;
|
|
||||||
+ delete obfuscatedReadOnly;
|
|
||||||
exit(1);
|
|
||||||
}
|
|
||||||
chmod(fname, S_IRUSR|S_IWUSR);
|
|
||||||
|
|
||||||
if (fwrite(obfuscated->buf, obfuscated->length, 1, fp) != 1) {
|
|
||||||
fprintf(stderr,"Writing to %s failed\n",fname);
|
|
||||||
+ delete [] fname;
|
|
||||||
+ delete obfuscated;
|
|
||||||
+ delete obfuscatedReadOnly;
|
|
||||||
exit(1);
|
|
||||||
}
|
|
||||||
|
|
||||||
+ delete obfuscated;
|
|
||||||
+
|
|
||||||
if (obfuscatedReadOnly) {
|
|
||||||
if (fwrite(obfuscatedReadOnly->buf, obfuscatedReadOnly->length, 1, fp) != 1) {
|
|
||||||
fprintf(stderr,"Writing to %s failed\n",fname);
|
|
||||||
+ delete [] fname;
|
|
||||||
+ delete obfuscatedReadOnly;
|
|
||||||
exit(1);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
fclose(fp);
|
|
||||||
|
|
||||||
+ delete [] fname;
|
|
||||||
+ delete obfuscatedReadOnly;
|
|
||||||
+
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
diff --git a/unix/xserver/hw/vnc/vncExtInit.cc b/unix/xserver/hw/vnc/vncExtInit.cc
|
|
||||||
index d6f6b742..7ca71d94 100644
|
|
||||||
--- a/unix/xserver/hw/vnc/vncExtInit.cc
|
|
||||||
+++ b/unix/xserver/hw/vnc/vncExtInit.cc
|
|
||||||
@@ -184,7 +184,7 @@ void vncExtensionInit(void)
|
|
||||||
listeners.push_back(new network::TcpListener(vncInetdSock));
|
|
||||||
vlog.info("inetd wait");
|
|
||||||
}
|
|
||||||
- } else if (rfbunixpath.getValueStr()[0] != '\0') {
|
|
||||||
+ } else if (((const char*)rfbunixpath)[0] != '\0') {
|
|
||||||
char path[PATH_MAX];
|
|
||||||
int mode = (int)rfbunixmode;
|
|
||||||
|
|
||||||
@@ -192,7 +192,7 @@ void vncExtensionInit(void)
|
|
||||||
strncpy(path, rfbunixpath, sizeof(path));
|
|
||||||
else
|
|
||||||
snprintf(path, sizeof(path), "%s.%d",
|
|
||||||
- rfbunixpath.getValueStr(), scr);
|
|
||||||
+ (const char*)rfbunixpath, scr);
|
|
||||||
path[sizeof(path)-1] = '\0';
|
|
||||||
|
|
||||||
listeners.push_back(new network::UnixListener(path, mode));
|
|
||||||
diff --git a/unix/xserver/hw/vnc/vncSelection.c b/unix/xserver/hw/vnc/vncSelection.c
|
|
||||||
index 51dfd9c6..4f3538d4 100644
|
|
||||||
--- a/unix/xserver/hw/vnc/vncSelection.c
|
|
||||||
+++ b/unix/xserver/hw/vnc/vncSelection.c
|
|
||||||
@@ -105,7 +105,7 @@ void vncClientCutText(const char* str, int len)
|
|
||||||
LOG_ERROR("Could not set PRIMARY selection");
|
|
||||||
}
|
|
||||||
|
|
||||||
- vncOwnSelection(xaCLIPBOARD);
|
|
||||||
+ rc = vncOwnSelection(xaCLIPBOARD);
|
|
||||||
if (rc != Success)
|
|
||||||
LOG_ERROR("Could not set CLIPBOARD selection");
|
|
||||||
}
|
|
||||||
diff --git a/unix/xserver/hw/vnc/xvnc.c b/unix/xserver/hw/vnc/xvnc.c
|
|
||||||
index 3b4d2f31..c845ebc4 100644
|
|
||||||
--- a/unix/xserver/hw/vnc/xvnc.c
|
|
||||||
+++ b/unix/xserver/hw/vnc/xvnc.c
|
|
||||||
@@ -766,10 +766,13 @@ vfbUninstallColormap(ColormapPtr pmap)
|
|
||||||
curpmap = (ColormapPtr) LookupIDByType(pmap->pScreen->defColormap,
|
|
||||||
RT_COLORMAP);
|
|
||||||
#else
|
|
||||||
- dixLookupResourceByType((void * *) &curpmap, pmap->pScreen->defColormap,
|
|
||||||
- RT_COLORMAP, serverClient, DixUnknownAccess);
|
|
||||||
+ int rc = dixLookupResourceByType((void * *) &curpmap, pmap->pScreen->defColormap,
|
|
||||||
+ RT_COLORMAP, serverClient, DixUnknownAccess);
|
|
||||||
+ if (rc != Success)
|
|
||||||
+ ErrorF("Failed to uninstall color map\n");
|
|
||||||
+ else
|
|
||||||
#endif
|
|
||||||
- (*pmap->pScreen->InstallColormap)(curpmap);
|
|
||||||
+ (*pmap->pScreen->InstallColormap)(curpmap);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
diff --git a/vncviewer/DesktopWindow.cxx b/vncviewer/DesktopWindow.cxx
|
|
||||||
index d070b648..1843485a 100644
|
|
||||||
--- a/vncviewer/DesktopWindow.cxx
|
|
||||||
+++ b/vncviewer/DesktopWindow.cxx
|
|
||||||
@@ -103,12 +103,12 @@ DesktopWindow::DesktopWindow(int w, int h, const char *name,
|
|
||||||
int geom_x = 0, geom_y = 0;
|
|
||||||
if (strcmp(geometry, "") != 0) {
|
|
||||||
int matched;
|
|
||||||
- matched = sscanf(geometry.getValueStr(), "+%d+%d", &geom_x, &geom_y);
|
|
||||||
+ matched = sscanf((const char*)geometry, "+%d+%d", &geom_x, &geom_y);
|
|
||||||
if (matched == 2) {
|
|
||||||
force_position(1);
|
|
||||||
} else {
|
|
||||||
int geom_w, geom_h;
|
|
||||||
- matched = sscanf(geometry.getValueStr(), "%dx%d+%d+%d", &geom_w, &geom_h, &geom_x, &geom_y);
|
|
||||||
+ matched = sscanf((const char*)geometry, "%dx%d+%d+%d", &geom_w, &geom_h, &geom_x, &geom_y);
|
|
||||||
switch (matched) {
|
|
||||||
case 4:
|
|
||||||
force_position(1);
|
|
||||||
diff --git a/vncviewer/OptionsDialog.cxx b/vncviewer/OptionsDialog.cxx
|
|
||||||
index b018c95b..62b5d9c5 100644
|
|
||||||
--- a/vncviewer/OptionsDialog.cxx
|
|
||||||
+++ b/vncviewer/OptionsDialog.cxx
|
|
||||||
@@ -282,7 +282,7 @@ void OptionsDialog::loadOptions(void)
|
|
||||||
/* Screen */
|
|
||||||
int width, height;
|
|
||||||
|
|
||||||
- if (sscanf(desktopSize.getValueStr(), "%dx%d", &width, &height) != 2) {
|
|
||||||
+ if (sscanf((const char*)desktopSize, "%dx%d", &width, &height) != 2) {
|
|
||||||
desktopSizeCheckbox->value(false);
|
|
||||||
desktopWidthInput->value("1024");
|
|
||||||
desktopHeightInput->value("768");
|
|
||||||
diff --git a/vncviewer/ServerDialog.cxx b/vncviewer/ServerDialog.cxx
|
|
||||||
index de67f87b..fec17896 100644
|
|
||||||
--- a/vncviewer/ServerDialog.cxx
|
|
||||||
+++ b/vncviewer/ServerDialog.cxx
|
|
||||||
@@ -150,7 +150,7 @@ void ServerDialog::handleLoad(Fl_Widget *widget, void *data)
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
- const char* filename = strdup(file_chooser->value());
|
|
||||||
+ const char* filename = file_chooser->value();
|
|
||||||
|
|
||||||
try {
|
|
||||||
dialog->serverName->value(loadViewerParameters(filename));
|
|
||||||
@@ -165,8 +165,8 @@ void ServerDialog::handleLoad(Fl_Widget *widget, void *data)
|
|
||||||
void ServerDialog::handleSaveAs(Fl_Widget *widget, void *data)
|
|
||||||
{
|
|
||||||
ServerDialog *dialog = (ServerDialog*)data;
|
|
||||||
- const char* servername = strdup(dialog->serverName->value());
|
|
||||||
- char* filename;
|
|
||||||
+ const char* servername = dialog->serverName->value();
|
|
||||||
+ const char* filename;
|
|
||||||
|
|
||||||
Fl_File_Chooser* file_chooser = new Fl_File_Chooser("", _("TigerVNC configuration (*.tigervnc)"),
|
|
||||||
2, _("Save the TigerVNC configuration to file"));
|
|
||||||
@@ -187,7 +187,7 @@ void ServerDialog::handleSaveAs(Fl_Widget *widget, void *data)
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
- filename = strdup(file_chooser->value());
|
|
||||||
+ filename = file_chooser->value();
|
|
||||||
|
|
||||||
FILE* f = fopen(filename, "r");
|
|
||||||
if (f) {
|
|
||||||
@@ -235,7 +235,7 @@ void ServerDialog::handleCancel(Fl_Widget *widget, void *data)
|
|
||||||
void ServerDialog::handleConnect(Fl_Widget *widget, void *data)
|
|
||||||
{
|
|
||||||
ServerDialog *dialog = (ServerDialog*)data;
|
|
||||||
- const char* servername = strdup(dialog->serverName->value());
|
|
||||||
+ const char* servername = dialog->serverName->value();
|
|
||||||
|
|
||||||
dialog->hide();
|
|
||||||
|
|
||||||
diff --git a/vncviewer/parameters.cxx b/vncviewer/parameters.cxx
|
|
||||||
index 51cce3d7..94cc1b05 100644
|
|
||||||
--- a/vncviewer/parameters.cxx
|
|
||||||
+++ b/vncviewer/parameters.cxx
|
|
||||||
@@ -499,6 +499,7 @@ void saveViewerParameters(const char *filename, const char *servername) {
|
|
||||||
}
|
|
||||||
|
|
||||||
snprintf(filepath, sizeof(filepath), "%sdefault.tigervnc", homeDir);
|
|
||||||
+ free(homeDir);
|
|
||||||
} else {
|
|
||||||
snprintf(filepath, sizeof(filepath), "%s", filename);
|
|
||||||
}
|
|
||||||
@@ -555,6 +556,7 @@ char* loadViewerParameters(const char *filename) {
|
|
||||||
"can't obtain home directory path."));
|
|
||||||
|
|
||||||
snprintf(filepath, sizeof(filepath), "%sdefault.tigervnc", homeDir);
|
|
||||||
+ free(homeDir);
|
|
||||||
} else {
|
|
||||||
snprintf(filepath, sizeof(filepath), "%s", filename);
|
|
||||||
}
|
|
||||||
diff --git a/vncviewer/vncviewer.cxx b/vncviewer/vncviewer.cxx
|
|
||||||
index f076565f..a9d4dfea 100644
|
|
||||||
--- a/vncviewer/vncviewer.cxx
|
|
||||||
+++ b/vncviewer/vncviewer.cxx
|
|
||||||
@@ -470,9 +470,9 @@ static int mktunnel()
|
|
||||||
int localPort = findFreeTcpPort();
|
|
||||||
int remotePort;
|
|
||||||
|
|
||||||
- gatewayHost = strDup(via.getValueStr());
|
|
||||||
if (interpretViaParam(remoteHost, &remotePort, localPort) != 0)
|
|
||||||
return 1;
|
|
||||||
+ gatewayHost = (const char*)via;
|
|
||||||
createTunnel(gatewayHost, remoteHost, remotePort, localPort);
|
|
||||||
|
|
||||||
return 0;
|
|
@ -1,526 +0,0 @@
|
|||||||
From 53f913a76196c7357d4858bfbf2c33caa9181bae Mon Sep 17 00:00:00 2001
|
|
||||||
From: Pierre Ossman <ossman@cendio.se>
|
|
||||||
Date: Tue, 10 Sep 2019 15:18:30 +0200
|
|
||||||
Subject: [PATCH] Encapsulate PixelBuffer internal details
|
|
||||||
|
|
||||||
Don't allow subclasses to just override dimensions or buffer details
|
|
||||||
directly and instead force them to go via methods. This allows us
|
|
||||||
to do sanity checks on the new values and catch bugs and attacks.
|
|
||||||
---
|
|
||||||
common/rfb/Cursor.cxx | 3 +-
|
|
||||||
common/rfb/EncodeManager.cxx | 5 +-
|
|
||||||
common/rfb/PixelBuffer.cxx | 103 ++++++++++++++++----------
|
|
||||||
common/rfb/PixelBuffer.h | 17 +++--
|
|
||||||
unix/x0vncserver/XPixelBuffer.cxx | 9 +--
|
|
||||||
unix/xserver/hw/vnc/XserverDesktop.cc | 24 +++---
|
|
||||||
unix/xserver/hw/vnc/XserverDesktop.h | 2 +-
|
|
||||||
vncviewer/PlatformPixelBuffer.cxx | 9 +--
|
|
||||||
win/rfb_win32/DIBSectionBuffer.cxx | 41 ++++------
|
|
||||||
9 files changed, 111 insertions(+), 102 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/common/rfb/Cursor.cxx b/common/rfb/Cursor.cxx
|
|
||||||
index 99df82d..7f3fc9a 100644
|
|
||||||
--- a/common/rfb/Cursor.cxx
|
|
||||||
+++ b/common/rfb/Cursor.cxx
|
|
||||||
@@ -271,8 +271,7 @@ void RenderedCursor::update(PixelBuffer* framebuffer,
|
|
||||||
assert(cursor);
|
|
||||||
|
|
||||||
format = framebuffer->getPF();
|
|
||||||
- width_ = framebuffer->width();
|
|
||||||
- height_ = framebuffer->height();
|
|
||||||
+ setSize(framebuffer->width(), framebuffer->height());
|
|
||||||
|
|
||||||
rawOffset = pos.subtract(cursor->hotspot());
|
|
||||||
clippedRect = Rect(0, 0, cursor->width(), cursor->height())
|
|
||||||
diff --git a/common/rfb/EncodeManager.cxx b/common/rfb/EncodeManager.cxx
|
|
||||||
index 0ce611e..11f31d3 100644
|
|
||||||
--- a/common/rfb/EncodeManager.cxx
|
|
||||||
+++ b/common/rfb/EncodeManager.cxx
|
|
||||||
@@ -979,11 +979,8 @@ void EncodeManager::OffsetPixelBuffer::update(const PixelFormat& pf,
|
|
||||||
int stride_)
|
|
||||||
{
|
|
||||||
format = pf;
|
|
||||||
- width_ = width;
|
|
||||||
- height_ = height;
|
|
||||||
// Forced cast. We never write anything though, so it should be safe.
|
|
||||||
- data = (rdr::U8*)data_;
|
|
||||||
- stride = stride_;
|
|
||||||
+ setBuffer(width, height, (rdr::U8*)data_, stride_);
|
|
||||||
}
|
|
||||||
|
|
||||||
// Preprocessor generated, optimised methods
|
|
||||||
diff --git a/common/rfb/PixelBuffer.cxx b/common/rfb/PixelBuffer.cxx
|
|
||||||
index 007b6c8..ad58324 100644
|
|
||||||
--- a/common/rfb/PixelBuffer.cxx
|
|
||||||
+++ b/common/rfb/PixelBuffer.cxx
|
|
||||||
@@ -35,8 +35,14 @@ static LogWriter vlog("PixelBuffer");
|
|
||||||
// -=- Generic pixel buffer class
|
|
||||||
|
|
||||||
PixelBuffer::PixelBuffer(const PixelFormat& pf, int w, int h)
|
|
||||||
- : format(pf), width_(w), height_(h) {}
|
|
||||||
-PixelBuffer::PixelBuffer() : width_(0), height_(0) {}
|
|
||||||
+ : format(pf), width_(0), height_(0)
|
|
||||||
+{
|
|
||||||
+ setSize(w, h);
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+PixelBuffer::PixelBuffer() : width_(0), height_(0)
|
|
||||||
+{
|
|
||||||
+}
|
|
||||||
|
|
||||||
PixelBuffer::~PixelBuffer() {}
|
|
||||||
|
|
||||||
@@ -53,7 +59,7 @@ PixelBuffer::getImage(void* imageBuf, const Rect& r, int outStride) const
|
|
||||||
if (!r.enclosed_by(getRect()))
|
|
||||||
throw rfb::Exception("Source rect %dx%d at %d,%d exceeds framebuffer %dx%d",
|
|
||||||
r.width(), r.height(),
|
|
||||||
- r.tl.x, r.tl.y, width_, height_);
|
|
||||||
+ r.tl.x, r.tl.y, width(), height());
|
|
||||||
|
|
||||||
data = getBuffer(r, &inStride);
|
|
||||||
|
|
||||||
@@ -89,7 +95,7 @@ void PixelBuffer::getImage(const PixelFormat& pf, void* imageBuf,
|
|
||||||
if (!r.enclosed_by(getRect()))
|
|
||||||
throw rfb::Exception("Source rect %dx%d at %d,%d exceeds framebuffer %dx%d",
|
|
||||||
r.width(), r.height(),
|
|
||||||
- r.tl.x, r.tl.y, width_, height_);
|
|
||||||
+ r.tl.x, r.tl.y, width(), height());
|
|
||||||
|
|
||||||
if (stride == 0)
|
|
||||||
stride = r.width();
|
|
||||||
@@ -100,6 +106,12 @@ void PixelBuffer::getImage(const PixelFormat& pf, void* imageBuf,
|
|
||||||
stride, srcStride);
|
|
||||||
}
|
|
||||||
|
|
||||||
+void PixelBuffer::setSize(int width, int height)
|
|
||||||
+{
|
|
||||||
+ width_ = width;
|
|
||||||
+ height_ = height;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
// -=- Modifiable generic pixel buffer class
|
|
||||||
|
|
||||||
ModifiablePixelBuffer::ModifiablePixelBuffer(const PixelFormat& pf,
|
|
||||||
@@ -124,7 +136,7 @@ void ModifiablePixelBuffer::fillRect(const Rect& r, const void* pix)
|
|
||||||
|
|
||||||
if (!r.enclosed_by(getRect()))
|
|
||||||
throw rfb::Exception("Destination rect %dx%d at %d,%d exceeds framebuffer %dx%d",
|
|
||||||
- r.width(), r.height(), r.tl.x, r.tl.y, width_, height_);
|
|
||||||
+ r.width(), r.height(), r.tl.x, r.tl.y, width(), height());
|
|
||||||
|
|
||||||
w = r.width();
|
|
||||||
h = r.height();
|
|
||||||
@@ -175,7 +187,7 @@ void ModifiablePixelBuffer::imageRect(const Rect& r,
|
|
||||||
if (!r.enclosed_by(getRect()))
|
|
||||||
throw rfb::Exception("Destination rect %dx%d at %d,%d exceeds framebuffer %dx%d",
|
|
||||||
r.width(), r.height(),
|
|
||||||
- r.tl.x, r.tl.y, width_, height_);
|
|
||||||
+ r.tl.x, r.tl.y, width(), height());
|
|
||||||
|
|
||||||
bytesPerPixel = getPF().bpp/8;
|
|
||||||
|
|
||||||
@@ -213,13 +225,13 @@ void ModifiablePixelBuffer::copyRect(const Rect &rect,
|
|
||||||
if (!drect.enclosed_by(getRect()))
|
|
||||||
throw rfb::Exception("Destination rect %dx%d at %d,%d exceeds framebuffer %dx%d",
|
|
||||||
drect.width(), drect.height(),
|
|
||||||
- drect.tl.x, drect.tl.y, width_, height_);
|
|
||||||
+ drect.tl.x, drect.tl.y, width(), height());
|
|
||||||
|
|
||||||
srect = drect.translate(move_by_delta.negate());
|
|
||||||
if (!srect.enclosed_by(getRect()))
|
|
||||||
throw rfb::Exception("Source rect %dx%d at %d,%d exceeds framebuffer %dx%d",
|
|
||||||
srect.width(), srect.height(),
|
|
||||||
- srect.tl.x, srect.tl.y, width_, height_);
|
|
||||||
+ srect.tl.x, srect.tl.y, width(), height());
|
|
||||||
|
|
||||||
srcData = getBuffer(srect, &srcStride);
|
|
||||||
dstData = getBufferRW(drect, &dstStride);
|
|
||||||
@@ -272,7 +284,7 @@ void ModifiablePixelBuffer::imageRect(const PixelFormat& pf, const Rect &dest,
|
|
||||||
if (!dest.enclosed_by(getRect()))
|
|
||||||
throw rfb::Exception("Destination rect %dx%d at %d,%d exceeds framebuffer %dx%d",
|
|
||||||
dest.width(), dest.height(),
|
|
||||||
- dest.tl.x, dest.tl.y, width_, height_);
|
|
||||||
+ dest.tl.x, dest.tl.y, width(), height());
|
|
||||||
|
|
||||||
if (stride == 0)
|
|
||||||
stride = dest.width();
|
|
||||||
@@ -301,7 +313,7 @@ rdr::U8* FullFramePixelBuffer::getBufferRW(const Rect& r, int* stride_)
|
|
||||||
if (!r.enclosed_by(getRect()))
|
|
||||||
throw rfb::Exception("Pixel buffer request %dx%d at %d,%d exceeds framebuffer %dx%d",
|
|
||||||
r.width(), r.height(),
|
|
||||||
- r.tl.x, r.tl.y, width_, height_);
|
|
||||||
+ r.tl.x, r.tl.y, width(), height());
|
|
||||||
|
|
||||||
*stride_ = stride;
|
|
||||||
return &data[(r.tl.x + (r.tl.y * stride)) * format.bpp/8];
|
|
||||||
@@ -316,55 +328,69 @@ const rdr::U8* FullFramePixelBuffer::getBuffer(const Rect& r, int* stride_) cons
|
|
||||||
if (!r.enclosed_by(getRect()))
|
|
||||||
throw rfb::Exception("Pixel buffer request %dx%d at %d,%d exceeds framebuffer %dx%d",
|
|
||||||
r.width(), r.height(),
|
|
||||||
- r.tl.x, r.tl.y, width_, height_);
|
|
||||||
+ r.tl.x, r.tl.y, width(), height());
|
|
||||||
|
|
||||||
*stride_ = stride;
|
|
||||||
return &data[(r.tl.x + (r.tl.y * stride)) * format.bpp/8];
|
|
||||||
}
|
|
||||||
|
|
||||||
+void FullFramePixelBuffer::setBuffer(int width, int height,
|
|
||||||
+ rdr::U8* data_, int stride_)
|
|
||||||
+{
|
|
||||||
+ ModifiablePixelBuffer::setSize(width, height);
|
|
||||||
+ stride = stride_;
|
|
||||||
+ data = data_;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+void FullFramePixelBuffer::setSize(int w, int h)
|
|
||||||
+{
|
|
||||||
+ // setBuffer() should be used
|
|
||||||
+ throw rfb::Exception("Invalid call to FullFramePixelBuffer::setSize()");
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
// -=- Managed pixel buffer class
|
|
||||||
// Automatically allocates enough space for the specified format & area
|
|
||||||
|
|
||||||
ManagedPixelBuffer::ManagedPixelBuffer()
|
|
||||||
- : datasize(0)
|
|
||||||
+ : data_(NULL), datasize(0)
|
|
||||||
{
|
|
||||||
- checkDataSize();
|
|
||||||
};
|
|
||||||
|
|
||||||
ManagedPixelBuffer::ManagedPixelBuffer(const PixelFormat& pf, int w, int h)
|
|
||||||
- : FullFramePixelBuffer(pf, w, h, NULL, w), datasize(0)
|
|
||||||
+ : FullFramePixelBuffer(pf, 0, 0, NULL, 0), data_(NULL), datasize(0)
|
|
||||||
{
|
|
||||||
- checkDataSize();
|
|
||||||
-};
|
|
||||||
+ setSize(w, h);
|
|
||||||
+}
|
|
||||||
|
|
||||||
-ManagedPixelBuffer::~ManagedPixelBuffer() {
|
|
||||||
- if (data) delete [] data;
|
|
||||||
-};
|
|
||||||
+ManagedPixelBuffer::~ManagedPixelBuffer()
|
|
||||||
+{
|
|
||||||
+ if (data_)
|
|
||||||
+ delete [] data_;
|
|
||||||
+}
|
|
||||||
|
|
||||||
+void ManagedPixelBuffer::setPF(const PixelFormat &pf)
|
|
||||||
+{
|
|
||||||
+ format = pf;
|
|
||||||
+ setSize(width(), height());
|
|
||||||
+}
|
|
||||||
|
|
||||||
-void
|
|
||||||
-ManagedPixelBuffer::setPF(const PixelFormat &pf) {
|
|
||||||
- format = pf; checkDataSize();
|
|
||||||
-};
|
|
||||||
-void
|
|
||||||
-ManagedPixelBuffer::setSize(int w, int h) {
|
|
||||||
- width_ = w; height_ = h; stride = w; checkDataSize();
|
|
||||||
-};
|
|
||||||
+void ManagedPixelBuffer::setSize(int w, int h)
|
|
||||||
+{
|
|
||||||
+ unsigned long new_datasize = w * h * (format.bpp/8);
|
|
||||||
|
|
||||||
+ new_datasize = w * h * (format.bpp/8);
|
|
||||||
|
|
||||||
-inline void
|
|
||||||
-ManagedPixelBuffer::checkDataSize() {
|
|
||||||
- unsigned long new_datasize = width_ * height_ * (format.bpp/8);
|
|
||||||
if (datasize < new_datasize) {
|
|
||||||
- if (data) {
|
|
||||||
- delete [] data;
|
|
||||||
- datasize = 0; data = 0;
|
|
||||||
+ if (data_) {
|
|
||||||
+ delete [] data_;
|
|
||||||
+ data_ = NULL;
|
|
||||||
+ datasize = 0;
|
|
||||||
}
|
|
||||||
if (new_datasize) {
|
|
||||||
- data = new U8[new_datasize];
|
|
||||||
- if (!data)
|
|
||||||
- throw Exception("rfb::ManagedPixelBuffer unable to allocate buffer");
|
|
||||||
+ data_ = new U8[new_datasize];
|
|
||||||
datasize = new_datasize;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
-};
|
|
||||||
+
|
|
||||||
+ setBuffer(w, h, data_, w);
|
|
||||||
+}
|
|
||||||
diff --git a/common/rfb/PixelBuffer.h b/common/rfb/PixelBuffer.h
|
|
||||||
index d89793f..3e4018f 100644
|
|
||||||
--- a/common/rfb/PixelBuffer.h
|
|
||||||
+++ b/common/rfb/PixelBuffer.h
|
|
||||||
@@ -90,7 +90,12 @@ namespace rfb {
|
|
||||||
|
|
||||||
protected:
|
|
||||||
PixelBuffer();
|
|
||||||
+ virtual void setSize(int width, int height);
|
|
||||||
+
|
|
||||||
+ protected:
|
|
||||||
PixelFormat format;
|
|
||||||
+
|
|
||||||
+ private:
|
|
||||||
int width_, height_;
|
|
||||||
};
|
|
||||||
|
|
||||||
@@ -154,7 +159,12 @@ namespace rfb {
|
|
||||||
|
|
||||||
protected:
|
|
||||||
FullFramePixelBuffer();
|
|
||||||
+ virtual void setBuffer(int width, int height, rdr::U8* data, int stride);
|
|
||||||
|
|
||||||
+ private:
|
|
||||||
+ virtual void setSize(int w, int h);
|
|
||||||
+
|
|
||||||
+ private:
|
|
||||||
rdr::U8* data;
|
|
||||||
int stride;
|
|
||||||
};
|
|
||||||
@@ -172,12 +182,9 @@ namespace rfb {
|
|
||||||
virtual void setPF(const PixelFormat &pf);
|
|
||||||
virtual void setSize(int w, int h);
|
|
||||||
|
|
||||||
- // Return the total number of bytes of pixel data in the buffer
|
|
||||||
- int dataLen() const { return width_ * height_ * (format.bpp/8); }
|
|
||||||
-
|
|
||||||
- protected:
|
|
||||||
+ private:
|
|
||||||
+ rdr::U8* data_; // Mirrors FullFramePixelBuffer::data
|
|
||||||
unsigned long datasize;
|
|
||||||
- void checkDataSize();
|
|
||||||
};
|
|
||||||
|
|
||||||
};
|
|
||||||
diff --git a/unix/x0vncserver/XPixelBuffer.cxx b/unix/x0vncserver/XPixelBuffer.cxx
|
|
||||||
index 4769b65..f0b0696 100644
|
|
||||||
--- a/unix/x0vncserver/XPixelBuffer.cxx
|
|
||||||
+++ b/unix/x0vncserver/XPixelBuffer.cxx
|
|
||||||
@@ -50,13 +50,8 @@ XPixelBuffer::XPixelBuffer(Display *dpy, ImageFactory &factory,
|
|
||||||
ffs(m_image->xim->blue_mask) - 1);
|
|
||||||
|
|
||||||
// Set up the remaining data of the parent class.
|
|
||||||
- width_ = rect.width();
|
|
||||||
- height_ = rect.height();
|
|
||||||
- data = (rdr::U8 *)m_image->xim->data;
|
|
||||||
-
|
|
||||||
- // Calculate the distance in pixels between two subsequent scan
|
|
||||||
- // lines of the framebuffer. This may differ from image width.
|
|
||||||
- stride = m_image->xim->bytes_per_line * 8 / m_image->xim->bits_per_pixel;
|
|
||||||
+ setBuffer(rect.width(), rect.height(), (rdr::U8 *)m_image->xim->data,
|
|
||||||
+ m_image->xim->bytes_per_line * 8 / m_image->xim->bits_per_pixel);
|
|
||||||
|
|
||||||
// Get initial screen image from the X display.
|
|
||||||
m_image->get(DefaultRootWindow(m_dpy), m_offsetLeft, m_offsetTop);
|
|
||||||
diff --git a/unix/xserver/hw/vnc/XserverDesktop.cc b/unix/xserver/hw/vnc/XserverDesktop.cc
|
|
||||||
index 4aac765..78df899 100644
|
|
||||||
--- a/unix/xserver/hw/vnc/XserverDesktop.cc
|
|
||||||
+++ b/unix/xserver/hw/vnc/XserverDesktop.cc
|
|
||||||
@@ -115,7 +115,7 @@ XserverDesktop::XserverDesktop(int screenIndex_,
|
|
||||||
: screenIndex(screenIndex_),
|
|
||||||
server(0), httpServer(0),
|
|
||||||
listeners(listeners_), httpListeners(httpListeners_),
|
|
||||||
- directFbptr(true),
|
|
||||||
+ shadowFramebuffer(NULL),
|
|
||||||
queryConnectId(0), queryConnectTimer(this)
|
|
||||||
{
|
|
||||||
format = pf;
|
|
||||||
@@ -152,8 +152,8 @@ XserverDesktop::~XserverDesktop()
|
|
||||||
delete httpListeners.back();
|
|
||||||
httpListeners.pop_back();
|
|
||||||
}
|
|
||||||
- if (!directFbptr)
|
|
||||||
- delete [] data;
|
|
||||||
+ if (shadowFramebuffer)
|
|
||||||
+ delete [] shadowFramebuffer;
|
|
||||||
delete httpServer;
|
|
||||||
delete server;
|
|
||||||
}
|
|
||||||
@@ -172,22 +172,18 @@ void XserverDesktop::setFramebuffer(int w, int h, void* fbptr, int stride_)
|
|
||||||
{
|
|
||||||
ScreenSet layout;
|
|
||||||
|
|
||||||
- width_ = w;
|
|
||||||
- height_ = h;
|
|
||||||
-
|
|
||||||
- if (!directFbptr) {
|
|
||||||
- delete [] data;
|
|
||||||
- directFbptr = true;
|
|
||||||
+ if (shadowFramebuffer) {
|
|
||||||
+ delete [] shadowFramebuffer;
|
|
||||||
+ shadowFramebuffer = NULL;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!fbptr) {
|
|
||||||
- fbptr = new rdr::U8[w * h * (format.bpp/8)];
|
|
||||||
+ shadowFramebuffer = new rdr::U8[w * h * (format.bpp/8)];
|
|
||||||
+ fbptr = shadowFramebuffer;
|
|
||||||
stride_ = w;
|
|
||||||
- directFbptr = false;
|
|
||||||
}
|
|
||||||
|
|
||||||
- data = (rdr::U8*)fbptr;
|
|
||||||
- stride = stride_;
|
|
||||||
+ setBuffer(w, h, (rdr::U8*)fbptr, stride_);
|
|
||||||
|
|
||||||
vncSetGlueContext(screenIndex);
|
|
||||||
layout = ::computeScreenLayout(&outputIdMap);
|
|
||||||
@@ -569,7 +565,7 @@ unsigned int XserverDesktop::setScreenLayout(int fb_width, int fb_height,
|
|
||||||
|
|
||||||
void XserverDesktop::grabRegion(const rfb::Region& region)
|
|
||||||
{
|
|
||||||
- if (directFbptr)
|
|
||||||
+ if (shadowFramebuffer == NULL)
|
|
||||||
return;
|
|
||||||
|
|
||||||
std::vector<rfb::Rect> rects;
|
|
||||||
diff --git a/unix/xserver/hw/vnc/XserverDesktop.h b/unix/xserver/hw/vnc/XserverDesktop.h
|
|
||||||
index f866a4c..dc4fe60 100644
|
|
||||||
--- a/unix/xserver/hw/vnc/XserverDesktop.h
|
|
||||||
+++ b/unix/xserver/hw/vnc/XserverDesktop.h
|
|
||||||
@@ -124,7 +124,7 @@ private:
|
|
||||||
rfb::HTTPServer* httpServer;
|
|
||||||
std::list<network::SocketListener*> listeners;
|
|
||||||
std::list<network::SocketListener*> httpListeners;
|
|
||||||
- bool directFbptr;
|
|
||||||
+ rdr::U8* shadowFramebuffer;
|
|
||||||
|
|
||||||
uint32_t queryConnectId;
|
|
||||||
network::Socket* queryConnectSocket;
|
|
||||||
diff --git a/vncviewer/PlatformPixelBuffer.cxx b/vncviewer/PlatformPixelBuffer.cxx
|
|
||||||
index a2b506d..a218901 100644
|
|
||||||
--- a/vncviewer/PlatformPixelBuffer.cxx
|
|
||||||
+++ b/vncviewer/PlatformPixelBuffer.cxx
|
|
||||||
@@ -36,7 +36,7 @@ static rfb::LogWriter vlog("PlatformPixelBuffer");
|
|
||||||
PlatformPixelBuffer::PlatformPixelBuffer(int width, int height) :
|
|
||||||
FullFramePixelBuffer(rfb::PixelFormat(32, 24, false, true,
|
|
||||||
255, 255, 255, 16, 8, 0),
|
|
||||||
- width, height, 0, stride),
|
|
||||||
+ 0, 0, NULL, 0),
|
|
||||||
Surface(width, height)
|
|
||||||
#if !defined(WIN32) && !defined(__APPLE__)
|
|
||||||
, shminfo(NULL), xim(NULL)
|
|
||||||
@@ -56,11 +56,10 @@ PlatformPixelBuffer::PlatformPixelBuffer(int width, int height) :
|
|
||||||
vlog.debug("Using standard XImage");
|
|
||||||
}
|
|
||||||
|
|
||||||
- data = (rdr::U8*)xim->data;
|
|
||||||
- stride = xim->bytes_per_line / (getPF().bpp/8);
|
|
||||||
+ setBuffer(width, height, (rdr::U8*)xim->data,
|
|
||||||
+ xim->bytes_per_line / (getPF().bpp/8));
|
|
||||||
#else
|
|
||||||
- FullFramePixelBuffer::data = (rdr::U8*)Surface::data;
|
|
||||||
- stride = width;
|
|
||||||
+ setBuffer(width, height, (rdr::U8*)Surface::data, width);
|
|
||||||
#endif
|
|
||||||
}
|
|
||||||
|
|
||||||
diff --git a/win/rfb_win32/DIBSectionBuffer.cxx b/win/rfb_win32/DIBSectionBuffer.cxx
|
|
||||||
index e2b0d64..e00cf23 100644
|
|
||||||
--- a/win/rfb_win32/DIBSectionBuffer.cxx
|
|
||||||
+++ b/win/rfb_win32/DIBSectionBuffer.cxx
|
|
||||||
@@ -52,39 +52,28 @@ void DIBSectionBuffer::setPF(const PixelFormat& pf) {
|
|
||||||
if (!pf.trueColour)
|
|
||||||
throw rfb::Exception("palette format not supported");
|
|
||||||
format = pf;
|
|
||||||
- recreateBuffer();
|
|
||||||
+ setSize(width(), height());
|
|
||||||
}
|
|
||||||
|
|
||||||
-void DIBSectionBuffer::setSize(int w, int h) {
|
|
||||||
- if (width_ == w && height_ == h) {
|
|
||||||
- vlog.debug("size unchanged by setSize()");
|
|
||||||
- return;
|
|
||||||
- }
|
|
||||||
- width_ = w;
|
|
||||||
- height_ = h;
|
|
||||||
- recreateBuffer();
|
|
||||||
-}
|
|
||||||
-
|
|
||||||
-
|
|
||||||
inline void initMaxAndShift(DWORD mask, int* max, int* shift) {
|
|
||||||
for ((*shift) = 0; (mask & 1) == 0; (*shift)++) mask >>= 1;
|
|
||||||
(*max) = (rdr::U16)mask;
|
|
||||||
}
|
|
||||||
|
|
||||||
-void DIBSectionBuffer::recreateBuffer() {
|
|
||||||
+void DIBSectionBuffer::setSize(int w, int h) {
|
|
||||||
HBITMAP new_bitmap = 0;
|
|
||||||
rdr::U8* new_data = 0;
|
|
||||||
|
|
||||||
- if (width_ && height_ && (format.depth != 0)) {
|
|
||||||
+ if (w && h && (format.depth != 0)) {
|
|
||||||
BitmapInfo bi;
|
|
||||||
memset(&bi, 0, sizeof(bi));
|
|
||||||
UINT iUsage = DIB_RGB_COLORS;
|
|
||||||
bi.bmiHeader.biSize = sizeof(BITMAPINFOHEADER);
|
|
||||||
bi.bmiHeader.biBitCount = format.bpp;
|
|
||||||
- bi.bmiHeader.biSizeImage = (format.bpp / 8) * width_ * height_;
|
|
||||||
+ bi.bmiHeader.biSizeImage = (format.bpp / 8) * w * h;
|
|
||||||
bi.bmiHeader.biPlanes = 1;
|
|
||||||
- bi.bmiHeader.biWidth = width_;
|
|
||||||
- bi.bmiHeader.biHeight = -height_;
|
|
||||||
+ bi.bmiHeader.biWidth = w;
|
|
||||||
+ bi.bmiHeader.biHeight = -h;
|
|
||||||
bi.bmiHeader.biCompression = (format.bpp > 8) ? BI_BITFIELDS : BI_RGB;
|
|
||||||
bi.mask.red = format.pixelFromRGB((rdr::U16)~0, 0, 0);
|
|
||||||
bi.mask.green = format.pixelFromRGB(0, (rdr::U16)~0, 0);
|
|
||||||
@@ -115,12 +104,12 @@ void DIBSectionBuffer::recreateBuffer() {
|
|
||||||
if (device) {
|
|
||||||
BitmapDC src_dev(device, bitmap);
|
|
||||||
BitmapDC dest_dev(device, new_bitmap);
|
|
||||||
- BitBlt(dest_dev, 0, 0, width_, height_, src_dev, 0, 0, SRCCOPY);
|
|
||||||
+ BitBlt(dest_dev, 0, 0, w, h, src_dev, 0, 0, SRCCOPY);
|
|
||||||
} else {
|
|
||||||
WindowDC wndDC(window);
|
|
||||||
BitmapDC src_dev(wndDC, bitmap);
|
|
||||||
BitmapDC dest_dev(wndDC, new_bitmap);
|
|
||||||
- BitBlt(dest_dev, 0, 0, width_, height_, src_dev, 0, 0, SRCCOPY);
|
|
||||||
+ BitBlt(dest_dev, 0, 0, w, h, src_dev, 0, 0, SRCCOPY);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
@@ -128,17 +117,17 @@ void DIBSectionBuffer::recreateBuffer() {
|
|
||||||
// Delete the old bitmap
|
|
||||||
DeleteObject(bitmap);
|
|
||||||
bitmap = 0;
|
|
||||||
- data = 0;
|
|
||||||
+ setBuffer(0, 0, NULL, 0);
|
|
||||||
}
|
|
||||||
|
|
||||||
if (new_bitmap) {
|
|
||||||
int bpp, depth;
|
|
||||||
int redMax, greenMax, blueMax;
|
|
||||||
int redShift, greenShift, blueShift;
|
|
||||||
+ int new_stride;
|
|
||||||
|
|
||||||
// Set up the new bitmap
|
|
||||||
bitmap = new_bitmap;
|
|
||||||
- data = new_data;
|
|
||||||
|
|
||||||
// Determine the *actual* DIBSection format
|
|
||||||
DIBSECTION ds;
|
|
||||||
@@ -147,14 +136,16 @@ void DIBSectionBuffer::recreateBuffer() {
|
|
||||||
|
|
||||||
// Correct the "stride" of the DIB
|
|
||||||
// *** This code DWORD aligns each row - is that right???
|
|
||||||
- stride = width_;
|
|
||||||
- int bytesPerRow = stride * format.bpp/8;
|
|
||||||
+ new_stride = w;
|
|
||||||
+ int bytesPerRow = new_stride * format.bpp/8;
|
|
||||||
if (bytesPerRow % 4) {
|
|
||||||
bytesPerRow += 4 - (bytesPerRow % 4);
|
|
||||||
- stride = (bytesPerRow * 8) / format.bpp;
|
|
||||||
- vlog.info("adjusting DIB stride: %d to %d", width_, stride);
|
|
||||||
+ new_stride = (bytesPerRow * 8) / format.bpp;
|
|
||||||
+ vlog.info("adjusting DIB stride: %d to %d", w, new_stride);
|
|
||||||
}
|
|
||||||
|
|
||||||
+ setBuffer(w, h, new_data, new_stride);
|
|
||||||
+
|
|
||||||
// Calculate the PixelFormat for the DIB
|
|
||||||
bpp = depth = ds.dsBm.bmBitsPixel;
|
|
||||||
|
|
@ -1,9 +1,9 @@
|
|||||||
diff --git a/unix/xserver/hw/vnc/InputXKB.c b/unix/xserver/hw/vnc/InputXKB.c
|
diff --git a/unix/xserver/hw/vnc/InputXKB.c b/unix/xserver/hw/vnc/InputXKB.c
|
||||||
index a9bd11d..7b54b43 100644
|
index f84a6e4..4eac939 100644
|
||||||
--- a/unix/xserver/hw/vnc/InputXKB.c
|
--- a/unix/xserver/hw/vnc/InputXKB.c
|
||||||
+++ b/unix/xserver/hw/vnc/InputXKB.c
|
+++ b/unix/xserver/hw/vnc/InputXKB.c
|
||||||
@@ -214,10 +214,7 @@ void vncPrepareInputDevices(void)
|
@@ -226,10 +226,7 @@ void vncPrepareInputDevices(void)
|
||||||
|
|
||||||
unsigned vncGetKeyboardState(void)
|
unsigned vncGetKeyboardState(void)
|
||||||
{
|
{
|
||||||
- DeviceIntPtr master;
|
- DeviceIntPtr master;
|
||||||
@ -12,75 +12,75 @@ index a9bd11d..7b54b43 100644
|
|||||||
- return XkbStateFieldFromRec(&master->key->xkbInfo->state);
|
- return XkbStateFieldFromRec(&master->key->xkbInfo->state);
|
||||||
+ return XkbStateFieldFromRec(&vncKeyboardDev->master->key->xkbInfo->state);
|
+ return XkbStateFieldFromRec(&vncKeyboardDev->master->key->xkbInfo->state);
|
||||||
}
|
}
|
||||||
|
|
||||||
unsigned vncGetLevelThreeMask(void)
|
unsigned vncGetLevelThreeMask(void)
|
||||||
@@ -238,7 +235,7 @@ unsigned vncGetLevelThreeMask(void)
|
@@ -250,7 +247,7 @@ unsigned vncGetLevelThreeMask(void)
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
- xkb = GetMaster(vncKeyboardDev, KEYBOARD_OR_FLOAT)->key->xkbInfo->desc;
|
- xkb = GetMaster(vncKeyboardDev, KEYBOARD_OR_FLOAT)->key->xkbInfo->desc;
|
||||||
+ xkb = vncKeyboardDev->master->key->xkbInfo->desc;
|
+ xkb = vncKeyboardDev->master->key->xkbInfo->desc;
|
||||||
|
|
||||||
act = XkbKeyActionPtr(xkb, keycode, state);
|
act = XkbKeyActionPtr(xkb, keycode, state);
|
||||||
if (act == NULL)
|
if (act == NULL)
|
||||||
@@ -263,7 +260,7 @@ KeyCode vncPressShift(void)
|
@@ -275,7 +272,7 @@ KeyCode vncPressShift(void)
|
||||||
if (state & ShiftMask)
|
if (state & ShiftMask)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
- xkb = GetMaster(vncKeyboardDev, KEYBOARD_OR_FLOAT)->key->xkbInfo->desc;
|
- xkb = GetMaster(vncKeyboardDev, KEYBOARD_OR_FLOAT)->key->xkbInfo->desc;
|
||||||
+ xkb = vncKeyboardDev->master->key->xkbInfo->desc;
|
+ xkb = vncKeyboardDev->master->key->xkbInfo->desc;
|
||||||
for (key = xkb->min_key_code; key <= xkb->max_key_code; key++) {
|
for (key = xkb->min_key_code; key <= xkb->max_key_code; key++) {
|
||||||
XkbAction *act;
|
XkbAction *act;
|
||||||
unsigned char mask;
|
unsigned char mask;
|
||||||
@@ -303,7 +300,7 @@ size_t vncReleaseShift(KeyCode *keys, size_t maxKeys)
|
@@ -315,7 +312,7 @@ size_t vncReleaseShift(KeyCode *keys, size_t maxKeys)
|
||||||
|
|
||||||
count = 0;
|
count = 0;
|
||||||
|
|
||||||
- master = GetMaster(vncKeyboardDev, KEYBOARD_OR_FLOAT);
|
- master = GetMaster(vncKeyboardDev, KEYBOARD_OR_FLOAT);
|
||||||
+ master = vncKeyboardDev->master;
|
+ master = vncKeyboardDev->master;
|
||||||
xkb = master->key->xkbInfo->desc;
|
xkb = master->key->xkbInfo->desc;
|
||||||
for (key = xkb->min_key_code; key <= xkb->max_key_code; key++) {
|
for (key = xkb->min_key_code; key <= xkb->max_key_code; key++) {
|
||||||
XkbAction *act;
|
XkbAction *act;
|
||||||
@@ -359,7 +356,7 @@ KeyCode vncPressLevelThree(void)
|
@@ -371,7 +368,7 @@ KeyCode vncPressLevelThree(void)
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
- xkb = GetMaster(vncKeyboardDev, KEYBOARD_OR_FLOAT)->key->xkbInfo->desc;
|
- xkb = GetMaster(vncKeyboardDev, KEYBOARD_OR_FLOAT)->key->xkbInfo->desc;
|
||||||
+ xkb = vncKeyboardDev->master->key->xkbInfo->desc;
|
+ xkb = vncKeyboardDev->master->key->xkbInfo->desc;
|
||||||
|
|
||||||
act = XkbKeyActionPtr(xkb, keycode, state);
|
act = XkbKeyActionPtr(xkb, keycode, state);
|
||||||
if (act == NULL)
|
if (act == NULL)
|
||||||
@@ -390,7 +387,7 @@ size_t vncReleaseLevelThree(KeyCode *keys, size_t maxKeys)
|
@@ -402,7 +399,7 @@ size_t vncReleaseLevelThree(KeyCode *keys, size_t maxKeys)
|
||||||
|
|
||||||
count = 0;
|
count = 0;
|
||||||
|
|
||||||
- master = GetMaster(vncKeyboardDev, KEYBOARD_OR_FLOAT);
|
- master = GetMaster(vncKeyboardDev, KEYBOARD_OR_FLOAT);
|
||||||
+ master = vncKeyboardDev->master;
|
+ master = vncKeyboardDev->master;
|
||||||
xkb = master->key->xkbInfo->desc;
|
xkb = master->key->xkbInfo->desc;
|
||||||
for (key = xkb->min_key_code; key <= xkb->max_key_code; key++) {
|
for (key = xkb->min_key_code; key <= xkb->max_key_code; key++) {
|
||||||
XkbAction *act;
|
XkbAction *act;
|
||||||
@@ -433,7 +430,7 @@ KeyCode vncKeysymToKeycode(KeySym keysym, unsigned state, unsigned *new_state)
|
@@ -447,7 +444,7 @@ KeyCode vncKeysymToKeycode(KeySym keysym, unsigned state, unsigned *new_state)
|
||||||
if (new_state != NULL)
|
|
||||||
*new_state = state;
|
*new_state = state;
|
||||||
|
|
||||||
|
fallback = 0;
|
||||||
- xkb = GetMaster(vncKeyboardDev, KEYBOARD_OR_FLOAT)->key->xkbInfo->desc;
|
- xkb = GetMaster(vncKeyboardDev, KEYBOARD_OR_FLOAT)->key->xkbInfo->desc;
|
||||||
+ xkb = vncKeyboardDev->master->key->xkbInfo->desc;
|
+ xkb = vncKeyboardDev->master->key->xkbInfo->desc;
|
||||||
for (key = xkb->min_key_code; key <= xkb->max_key_code; key++) {
|
for (key = xkb->min_key_code; key <= xkb->max_key_code; key++) {
|
||||||
unsigned int state_out;
|
unsigned int state_out;
|
||||||
KeySym dummy;
|
KeySym dummy;
|
||||||
@@ -511,7 +508,7 @@ int vncIsAffectedByNumLock(KeyCode keycode)
|
@@ -551,7 +548,7 @@ int vncIsAffectedByNumLock(KeyCode keycode)
|
||||||
if (numlock_keycode == 0)
|
if (numlock_keycode == 0)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
- xkb = GetMaster(vncKeyboardDev, KEYBOARD_OR_FLOAT)->key->xkbInfo->desc;
|
- xkb = GetMaster(vncKeyboardDev, KEYBOARD_OR_FLOAT)->key->xkbInfo->desc;
|
||||||
+ xkb = vncKeyboardDev->master->key->xkbInfo->desc;
|
+ xkb = vncKeyboardDev->master->key->xkbInfo->desc;
|
||||||
|
|
||||||
act = XkbKeyActionPtr(xkb, numlock_keycode, state);
|
act = XkbKeyActionPtr(xkb, numlock_keycode, state);
|
||||||
if (act == NULL)
|
if (act == NULL)
|
||||||
@@ -545,7 +542,7 @@ KeyCode vncAddKeysym(KeySym keysym, unsigned state)
|
@@ -585,7 +582,7 @@ KeyCode vncAddKeysym(KeySym keysym, unsigned state)
|
||||||
KeySym *syms;
|
KeySym *syms;
|
||||||
KeySym upper, lower;
|
KeySym upper, lower;
|
||||||
|
|
||||||
- master = GetMaster(vncKeyboardDev, KEYBOARD_OR_FLOAT);
|
- master = GetMaster(vncKeyboardDev, KEYBOARD_OR_FLOAT);
|
||||||
+ master = vncKeyboardDev->master;
|
+ master = vncKeyboardDev->master;
|
||||||
xkb = master->key->xkbInfo->desc;
|
xkb = master->key->xkbInfo->desc;
|
||||||
|
@ -1,28 +0,0 @@
|
|||||||
diff --git a/unix/vncserver b/unix/vncserver
|
|
||||||
index 9e7a6ac..139f960 100755
|
|
||||||
--- a/unix/vncserver
|
|
||||||
+++ b/unix/vncserver
|
|
||||||
@@ -684,6 +684,7 @@ sub Usage
|
|
||||||
" [-geometry <width>x<height>]\n".
|
|
||||||
" [-pixelformat rgbNNN|bgrNNN]\n".
|
|
||||||
" [-fp <font-path>]\n".
|
|
||||||
+ " [-cc <visual>]\n".
|
|
||||||
" [-fg]\n".
|
|
||||||
" [-autokill]\n".
|
|
||||||
" [-noxstartup]\n".
|
|
||||||
diff --git a/vncviewer/vncviewer.cxx b/vncviewer/vncviewer.cxx
|
|
||||||
index f076565..05669a4 100644
|
|
||||||
--- a/vncviewer/vncviewer.cxx
|
|
||||||
+++ b/vncviewer/vncviewer.cxx
|
|
||||||
@@ -352,6 +352,11 @@ static void usage(const char *programName)
|
|
||||||
" %s [parameters] -listen [port] [parameters]\n"
|
|
||||||
" %s [parameters] [.tigervnc file]\n",
|
|
||||||
programName, programName, programName);
|
|
||||||
+ fprintf(stderr,"\n"
|
|
||||||
+ "Options:\n\n"
|
|
||||||
+ " -display Xdisplay - Specifies the X display for the viewer window\n"
|
|
||||||
+ " -geometry geometry - Standard X position and sizing specification.\n");
|
|
||||||
+
|
|
||||||
fprintf(stderr,"\n"
|
|
||||||
"Parameters can be turned on with -<param> or off with -<param>=0\n"
|
|
||||||
"Parameters which take a value can be specified as "
|
|
@ -1,13 +1,41 @@
|
|||||||
|
diff --git a/common/rfb/Password.cxx b/common/rfb/Password.cxx
|
||||||
|
index e4a508c..f555c57 100644
|
||||||
|
--- a/common/rfb/Password.cxx
|
||||||
|
+++ b/common/rfb/Password.cxx
|
||||||
|
@@ -55,7 +55,7 @@ PlainPasswd::~PlainPasswd() {
|
||||||
|
|
||||||
|
void PlainPasswd::replaceBuf(char* b) {
|
||||||
|
if (buf)
|
||||||
|
- memset(buf, 0, strlen(buf));
|
||||||
|
+ memset(buf, 0, length ? length : strlen(buf));
|
||||||
|
CharArray::replaceBuf(b);
|
||||||
|
}
|
||||||
|
|
||||||
diff --git a/common/rfb/util.h b/common/rfb/util.h
|
diff --git a/common/rfb/util.h b/common/rfb/util.h
|
||||||
index b678b89..9e59bd3 100644
|
index 3100f90..764692a 100644
|
||||||
--- a/common/rfb/util.h
|
--- a/common/rfb/util.h
|
||||||
+++ b/common/rfb/util.h
|
+++ b/common/rfb/util.h
|
||||||
@@ -50,7 +50,7 @@ namespace rfb {
|
@@ -51,16 +51,21 @@ namespace rfb {
|
||||||
CharArray() : buf(0) {}
|
CharArray() : buf(0) {}
|
||||||
CharArray(char* str) : buf(str) {} // note: assumes ownership
|
CharArray(char* str) : buf(str) {} // note: assumes ownership
|
||||||
CharArray(int len) {
|
CharArray(size_t len) {
|
||||||
- buf = new char[len];
|
+ length = len;
|
||||||
+ buf = new char[len]();
|
buf = new char[len]();
|
||||||
}
|
}
|
||||||
~CharArray() {
|
~CharArray() {
|
||||||
delete [] buf;
|
- delete [] buf;
|
||||||
|
+ if (buf) {
|
||||||
|
+ delete [] buf;
|
||||||
|
+ buf = nullptr;
|
||||||
|
+ }
|
||||||
|
}
|
||||||
|
void format(const char *fmt, ...) __printf_attr(2, 3);
|
||||||
|
// Get the buffer pointer & clear it (i.e. caller takes ownership)
|
||||||
|
char* takeBuf() {char* tmp = buf; buf = 0; return tmp;}
|
||||||
|
- void replaceBuf(char* b) {delete [] buf; buf = b;}
|
||||||
|
+ void replaceBuf(char* b) {if (buf) delete [] buf; buf = b;}
|
||||||
|
char* buf;
|
||||||
|
+ size_t length = 0;
|
||||||
|
private:
|
||||||
|
CharArray(const CharArray&);
|
||||||
|
CharArray& operator=(const CharArray&);
|
||||||
|
@ -1,32 +0,0 @@
|
|||||||
diff --git a/common/rfb/PixelFormat.cxx b/common/rfb/PixelFormat.cxx
|
|
||||||
index 76051dc..a9d015d 100644
|
|
||||||
--- a/common/rfb/PixelFormat.cxx
|
|
||||||
+++ b/common/rfb/PixelFormat.cxx
|
|
||||||
@@ -75,7 +75,8 @@ PixelFormat::PixelFormat(int b, int d, bool e, bool t,
|
|
||||||
redMax(rm), greenMax(gm), blueMax(bm),
|
|
||||||
redShift(rs), greenShift(gs), blueShift(bs)
|
|
||||||
{
|
|
||||||
- assert(isSane());
|
|
||||||
+ if (!isSane())
|
|
||||||
+ throw Exception("invalid pixel format");
|
|
||||||
|
|
||||||
updateState();
|
|
||||||
}
|
|
||||||
@@ -672,8 +673,16 @@ bool PixelFormat::isSane(void)
|
|
||||||
return false;
|
|
||||||
|
|
||||||
totalBits = bits(redMax) + bits(greenMax) + bits(blueMax);
|
|
||||||
- if (totalBits > bpp)
|
|
||||||
+ if (totalBits > depth)
|
|
||||||
+ return false;
|
|
||||||
+
|
|
||||||
+ if ((bits(redMax) + redShift) > bpp)
|
|
||||||
+ return false;
|
|
||||||
+ if ((bits(greenMax) + greenShift) > bpp)
|
|
||||||
return false;
|
|
||||||
+ if ((bits(blueMax) + blueShift) > bpp)
|
|
||||||
+ return false;
|
|
||||||
+
|
|
||||||
|
|
||||||
if (((redMax << redShift) & (greenMax << greenShift)) != 0)
|
|
||||||
return false;
|
|
@ -1,5 +1,18 @@
|
|||||||
|
From 0f1ded057dbf875e69a0d72418d95610db8fa6a3 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Pierre Ossman <ossman@cendio.se>
|
||||||
|
Date: Mon, 30 Dec 2019 10:50:52 +0100
|
||||||
|
Subject: [PATCH] Provide correct dimensions for XShm setup
|
||||||
|
|
||||||
|
Since 53f913a we initialize the underlying PixelBuffer with 0x0
|
||||||
|
dimensions, which means we need to keep more explicit track of what
|
||||||
|
we are trying to allocate in the setup methods.
|
||||||
|
---
|
||||||
|
vncviewer/PlatformPixelBuffer.cxx | 6 +++---
|
||||||
|
vncviewer/PlatformPixelBuffer.h | 2 +-
|
||||||
|
2 files changed, 4 insertions(+), 4 deletions(-)
|
||||||
|
|
||||||
diff --git a/vncviewer/PlatformPixelBuffer.cxx b/vncviewer/PlatformPixelBuffer.cxx
|
diff --git a/vncviewer/PlatformPixelBuffer.cxx b/vncviewer/PlatformPixelBuffer.cxx
|
||||||
index 2b934c5..3d47163 100644
|
index 61f7b743b..59e51d596 100644
|
||||||
--- a/vncviewer/PlatformPixelBuffer.cxx
|
--- a/vncviewer/PlatformPixelBuffer.cxx
|
||||||
+++ b/vncviewer/PlatformPixelBuffer.cxx
|
+++ b/vncviewer/PlatformPixelBuffer.cxx
|
||||||
@@ -43,7 +43,7 @@ PlatformPixelBuffer::PlatformPixelBuffer(int width, int height) :
|
@@ -43,7 +43,7 @@ PlatformPixelBuffer::PlatformPixelBuffer(int width, int height) :
|
||||||
@ -11,7 +24,7 @@ index 2b934c5..3d47163 100644
|
|||||||
xim = XCreateImage(fl_display, CopyFromParent, 32,
|
xim = XCreateImage(fl_display, CopyFromParent, 32,
|
||||||
ZPixmap, 0, 0, width, height, 32, 0);
|
ZPixmap, 0, 0, width, height, 32, 0);
|
||||||
if (!xim)
|
if (!xim)
|
||||||
@@ -139,7 +139,7 @@ static int XShmAttachErrorHandler(Display *dpy, XErrorEvent *error)
|
@@ -136,7 +136,7 @@ static int XShmAttachErrorHandler(Display *dpy, XErrorEvent *error)
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -20,7 +33,7 @@ index 2b934c5..3d47163 100644
|
|||||||
{
|
{
|
||||||
int major, minor;
|
int major, minor;
|
||||||
Bool pixmaps;
|
Bool pixmaps;
|
||||||
@@ -156,7 +156,7 @@ bool PlatformPixelBuffer::setupShm()
|
@@ -153,7 +153,7 @@ bool PlatformPixelBuffer::setupShm()
|
||||||
shminfo = new XShmSegmentInfo;
|
shminfo = new XShmSegmentInfo;
|
||||||
|
|
||||||
xim = XShmCreateImage(fl_display, CopyFromParent, 32,
|
xim = XShmCreateImage(fl_display, CopyFromParent, 32,
|
||||||
@ -30,10 +43,10 @@ index 2b934c5..3d47163 100644
|
|||||||
goto free_shminfo;
|
goto free_shminfo;
|
||||||
|
|
||||||
diff --git a/vncviewer/PlatformPixelBuffer.h b/vncviewer/PlatformPixelBuffer.h
|
diff --git a/vncviewer/PlatformPixelBuffer.h b/vncviewer/PlatformPixelBuffer.h
|
||||||
index f9038cd..ec439f6 100644
|
index f9038cd9c..ec439f64f 100644
|
||||||
--- a/vncviewer/PlatformPixelBuffer.h
|
--- a/vncviewer/PlatformPixelBuffer.h
|
||||||
+++ b/vncviewer/PlatformPixelBuffer.h
|
+++ b/vncviewer/PlatformPixelBuffer.h
|
||||||
@@ -53,7 +53,7 @@ protected:
|
@@ -53,7 +53,7 @@ class PlatformPixelBuffer: public rfb::FullFramePixelBuffer, public Surface {
|
||||||
|
|
||||||
#if !defined(WIN32) && !defined(__APPLE__)
|
#if !defined(WIN32) && !defined(__APPLE__)
|
||||||
protected:
|
protected:
|
||||||
|
26
SOURCES/tigervnc-remove-trailing-spaces-in-user-name.patch
Normal file
26
SOURCES/tigervnc-remove-trailing-spaces-in-user-name.patch
Normal file
@ -0,0 +1,26 @@
|
|||||||
|
From 989491eb4b325f980e94d27e0ad1a7bee63b6ebd Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jan Grulich <jgrulich@redhat.com>
|
||||||
|
Date: Fri, 3 Jul 2020 13:56:35 +0200
|
||||||
|
Subject: [PATCH] Remove trailing spaces in user name
|
||||||
|
|
||||||
|
It's quite easy to make a mistake and add an additional space when configuring
|
||||||
|
users in the vncserver.users config file. You will then get an error that the
|
||||||
|
user doesn't exist and it's hard to spot the mistake. Same applies for a space
|
||||||
|
before the display number.
|
||||||
|
---
|
||||||
|
unix/vncserver/vncsession-start.in | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/unix/vncserver/vncsession-start.in b/unix/vncserver/vncsession-start.in
|
||||||
|
index b20fcdd97..65ee0a81c 100644
|
||||||
|
--- a/unix/vncserver/vncsession-start.in
|
||||||
|
+++ b/unix/vncserver/vncsession-start.in
|
||||||
|
@@ -33,7 +33,7 @@ fi
|
||||||
|
|
||||||
|
DISPLAY="$1"
|
||||||
|
|
||||||
|
-USER=`grep "^${DISPLAY}=" "${USERSFILE}" 2>/dev/null | head -1 | cut -d = -f 2-`
|
||||||
|
+USER=`grep "^ *${DISPLAY}=" "${USERSFILE}" 2>/dev/null | head -1 | cut -d = -f 2- | sed 's/ *$//g'`
|
||||||
|
|
||||||
|
if [ -z "${USER}" ]; then
|
||||||
|
echo "No user configured for display ${DISPLAY}" >&2
|
@ -1,9 +0,0 @@
|
|||||||
diff -up tigervnc-1.3.0/unix/vncserver.shebang tigervnc-1.3.0/unix/vncserver
|
|
||||||
--- tigervnc-1.3.0/unix/vncserver.shebang 2013-07-24 12:22:34.962158378 +0100
|
|
||||||
+++ tigervnc-1.3.0/unix/vncserver 2013-07-24 12:22:41.593188190 +0100
|
|
||||||
@@ -1,4 +1,4 @@
|
|
||||||
-#!/usr/bin/env perl
|
|
||||||
+#!/usr/bin/perl
|
|
||||||
#
|
|
||||||
# Copyright (C) 2009-2010 D. R. Commander. All Rights Reserved.
|
|
||||||
# Copyright (C) 2005-2006 Sun Microsystems, Inc. All Rights Reserved.
|
|
2176
SOURCES/tigervnc-systemd-support.patch
Normal file
2176
SOURCES/tigervnc-systemd-support.patch
Normal file
File diff suppressed because it is too large
Load Diff
@ -1,13 +0,0 @@
|
|||||||
diff --git a/unix/vncserver b/unix/vncserver
|
|
||||||
index bb4f2feb..68be032d 100755
|
|
||||||
--- a/unix/vncserver
|
|
||||||
+++ b/unix/vncserver
|
|
||||||
@@ -709,7 +709,7 @@ sub List
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
- exit 1;
|
|
||||||
+ exit;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
@ -1,40 +0,0 @@
|
|||||||
diff --git a/unix/vncserver b/unix/vncserver
|
|
||||||
index bb4f2feb..b038dd3b 100755
|
|
||||||
--- a/unix/vncserver
|
|
||||||
+++ b/unix/vncserver
|
|
||||||
@@ -58,27 +58,14 @@ $defaultXStartup
|
|
||||||
= ("#!/bin/sh\n\n".
|
|
||||||
"unset SESSION_MANAGER\n".
|
|
||||||
"unset DBUS_SESSION_BUS_ADDRESS\n".
|
|
||||||
- "OS=`uname -s`\n".
|
|
||||||
- "if [ \$OS = 'Linux' ]; then\n".
|
|
||||||
- " case \"\$WINDOWMANAGER\" in\n".
|
|
||||||
- " \*gnome\*)\n".
|
|
||||||
- " if [ -e /etc/SuSE-release ]; then\n".
|
|
||||||
- " PATH=\$PATH:/opt/gnome/bin\n".
|
|
||||||
- " export PATH\n".
|
|
||||||
- " fi\n".
|
|
||||||
- " ;;\n".
|
|
||||||
- " esac\n".
|
|
||||||
- "fi\n".
|
|
||||||
- "if [ -x /etc/X11/xinit/xinitrc ]; then\n".
|
|
||||||
- " exec /etc/X11/xinit/xinitrc\n".
|
|
||||||
- "fi\n".
|
|
||||||
- "if [ -f /etc/X11/xinit/xinitrc ]; then\n".
|
|
||||||
- " exec sh /etc/X11/xinit/xinitrc\n".
|
|
||||||
- "fi\n".
|
|
||||||
- "[ -r \$HOME/.Xresources ] && xrdb \$HOME/.Xresources\n".
|
|
||||||
- "xsetroot -solid grey\n".
|
|
||||||
- "xterm -geometry 80x24+10+10 -ls -title \"\$VNCDESKTOP Desktop\" &\n".
|
|
||||||
- "twm &\n");
|
|
||||||
+ "/etc/X11/xinit/xinitrc\n".
|
|
||||||
+ "# Assume either Gnome will be started by default when installed\n".
|
|
||||||
+ "# We want to kill the session automatically in this case when user logs out. In case you modify\n".
|
|
||||||
+ "# /etc/X11/xinit/Xclients or ~/.Xclients yourself to achieve a different result, then you should\n".
|
|
||||||
+ "# be responsible to modify below code to avoid that your session will be automatically killed\n".
|
|
||||||
+ "if [ -e /usr/bin/gnome-session ]; then\n".
|
|
||||||
+ " vncserver -kill \$DISPLAY\n".
|
|
||||||
+ "fi\n");
|
|
||||||
|
|
||||||
$defaultConfig
|
|
||||||
= ("## Supported server options to pass to vncserver upon invocation can be listed\n".
|
|
@ -1,45 +0,0 @@
|
|||||||
# The vncserver service unit file
|
|
||||||
#
|
|
||||||
# Quick HowTo:
|
|
||||||
# 1. Copy this file to /etc/systemd/system/vncserver@.service
|
|
||||||
# 2. Replace <USER> with the actual user name and edit vncserver
|
|
||||||
# parameters in the wrapper script located in /usr/bin/vncserver_wrapper
|
|
||||||
# 3. Run `systemctl daemon-reload`
|
|
||||||
# 4. Run `systemctl enable vncserver@:<display>.service`
|
|
||||||
#
|
|
||||||
# DO NOT RUN THIS SERVICE if your local area network is
|
|
||||||
# untrusted! For a secure way of using VNC, you should
|
|
||||||
# limit connections to the local host and then tunnel from
|
|
||||||
# the machine you want to view VNC on (host A) to the machine
|
|
||||||
# whose VNC output you want to view (host B)
|
|
||||||
#
|
|
||||||
# [user@hostA ~]$ ssh -v -C -L 590N:localhost:590M hostB
|
|
||||||
#
|
|
||||||
# this will open a connection on port 590N of your hostA to hostB's port 590M
|
|
||||||
# (in fact, it ssh-connects to hostB and then connects to localhost (on hostB).
|
|
||||||
# See the ssh man page for details on port forwarding)
|
|
||||||
#
|
|
||||||
# You can then point a VNC client on hostA at vncdisplay N of localhost and with
|
|
||||||
# the help of ssh, you end up seeing what hostB makes available on port 590M
|
|
||||||
#
|
|
||||||
# Use "-nolisten tcp" to prevent X connections to your VNC server via TCP.
|
|
||||||
#
|
|
||||||
# Use "-localhost" to prevent remote VNC clients connecting except when
|
|
||||||
# doing so through a secure tunnel. See the "-via" option in the
|
|
||||||
# `man vncviewer' manual page.
|
|
||||||
|
|
||||||
|
|
||||||
[Unit]
|
|
||||||
Description=Remote desktop service (VNC)
|
|
||||||
After=syslog.target network.target
|
|
||||||
|
|
||||||
[Service]
|
|
||||||
Type=simple
|
|
||||||
|
|
||||||
# Clean any existing files in /tmp/.X11-unix environment
|
|
||||||
ExecStartPre=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'
|
|
||||||
ExecStart=/usr/bin/vncserver_wrapper <USER> %i
|
|
||||||
ExecStop=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'
|
|
||||||
|
|
||||||
[Install]
|
|
||||||
WantedBy=multi-user.target
|
|
@ -1,59 +0,0 @@
|
|||||||
# The vncserver service unit file
|
|
||||||
#
|
|
||||||
# Quick HowTo: As the User wanting to have this functionality
|
|
||||||
#
|
|
||||||
# 1. Copy this file to ~/.config/systemd/user/ (Optional, in case default settings are not suitable)
|
|
||||||
#
|
|
||||||
# $ mkdir -p ~/.config/systemd/user
|
|
||||||
# $ cp /usr/lib/systemd/user/vncserver@.service ~/.config/systemd/user/
|
|
||||||
#
|
|
||||||
# 2. Reload user's systemd
|
|
||||||
#
|
|
||||||
# $ systemctl --user daemon-reload
|
|
||||||
#
|
|
||||||
# 3. Start the service immediately and enable it at boot
|
|
||||||
#
|
|
||||||
# $ systemctl --user enable vncserver@:<display>.service --now
|
|
||||||
#
|
|
||||||
# 4. Enable lingering
|
|
||||||
#
|
|
||||||
# $ loginctl enable-linger
|
|
||||||
#
|
|
||||||
# DO NOT RUN THIS SERVICE if your local area network is
|
|
||||||
# untrusted! For a secure way of using VNC, you should
|
|
||||||
# limit connections to the local host and then tunnel from
|
|
||||||
# the machine you want to view VNC on (host A) to the machine
|
|
||||||
# whose VNC output you want to view (host B)
|
|
||||||
#
|
|
||||||
# [user@hostA ~]$ ssh -v -C -L 590N:localhost:590M hostB
|
|
||||||
#
|
|
||||||
# this will open a connection on port 590N of your hostA to hostB's port 590M
|
|
||||||
# (in fact, it ssh-connects to hostB and then connects to localhost (on hostB).
|
|
||||||
# See the ssh man page for details on port forwarding)
|
|
||||||
#
|
|
||||||
# You can then point a VNC client on hostA at vncdisplay N of localhost and with
|
|
||||||
# the help of ssh, you end up seeing what hostB makes available on port 590M
|
|
||||||
#
|
|
||||||
# Use "-nolisten tcp" to prevent X connections to your VNC server via TCP.
|
|
||||||
#
|
|
||||||
# Use "-localhost" to prevent remote VNC clients connecting except when
|
|
||||||
# doing so through a secure tunnel. See the "-via" option in the
|
|
||||||
# `man vncviewer' manual page.
|
|
||||||
|
|
||||||
|
|
||||||
[Unit]
|
|
||||||
Description=Remote desktop service (VNC)
|
|
||||||
After=syslog.target network.target
|
|
||||||
|
|
||||||
[Service]
|
|
||||||
Type=forking
|
|
||||||
|
|
||||||
ExecStartPre=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'
|
|
||||||
ExecStart=/usr/bin/vncserver %i
|
|
||||||
ExecStop=/usr/bin/vncserver -kill %i
|
|
||||||
|
|
||||||
Restart=on-success
|
|
||||||
RestartSec=15
|
|
||||||
|
|
||||||
[Install]
|
|
||||||
WantedBy=default.target
|
|
@ -1 +0,0 @@
|
|||||||
# THIS FILE HAS BEEN REPLACED BY /lib/systemd/system/vncserver@.service
|
|
@ -1,42 +0,0 @@
|
|||||||
#!/bin/sh
|
|
||||||
|
|
||||||
USER="$1"
|
|
||||||
INSTANCE="$2"
|
|
||||||
|
|
||||||
die() {
|
|
||||||
echo "FATAL: ${@:-}" >&2
|
|
||||||
exit 2
|
|
||||||
}
|
|
||||||
|
|
||||||
cleanup() {
|
|
||||||
[ -n "$VNCPID" ] || return
|
|
||||||
if kill -0 $VNCPID 2>/dev/null; then
|
|
||||||
kill $VNCPID
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
|
|
||||||
trap cleanup TERM INT HUP
|
|
||||||
|
|
||||||
[ -n "$USER" -a -n "$INSTANCE" ] || die "Invalid usage!"
|
|
||||||
|
|
||||||
/usr/sbin/runuser -l "$USER" -c "/usr/bin/vncserver ${INSTANCE}"
|
|
||||||
[ $? -eq 0 ] || die "'runuser -l $USER' failed!"
|
|
||||||
|
|
||||||
# Wait up to 5 seconds for vncserver to be up
|
|
||||||
for tries in $(seq 1 50); do
|
|
||||||
[ -e "~$USER/.vnc/$(hostname)${INSTANCE}.pid" ] && break
|
|
||||||
sleep 0.1
|
|
||||||
done
|
|
||||||
|
|
||||||
eval HOME=~$USER
|
|
||||||
|
|
||||||
VNCPID=$(cat "$HOME/.vnc/$(hostname)${INSTANCE}.pid" 2>/dev/null || true)
|
|
||||||
[ -n "$VNCPID" ] || die "'vncserver ${INSTANCE}' failed to start after 5 seconds!"
|
|
||||||
|
|
||||||
echo "'vncserver ${INSTANCE}' has PID $VNCPID, waiting until it exits ..."
|
|
||||||
|
|
||||||
while kill -0 $VNCPID 2>/dev/null; do
|
|
||||||
sleep 5
|
|
||||||
done
|
|
||||||
|
|
||||||
echo "PID $VNCPID exited, exiting ..."
|
|
@ -1,6 +1,6 @@
|
|||||||
Name: tigervnc
|
Name: tigervnc
|
||||||
Version: 1.9.0
|
Version: 1.10.1
|
||||||
Release: 15%{?dist}
|
Release: 7%{?dist}
|
||||||
Summary: A TigerVNC remote display system
|
Summary: A TigerVNC remote display system
|
||||||
|
|
||||||
%global _hardened_build 1
|
%global _hardened_build 1
|
||||||
@ -9,41 +9,24 @@ License: GPLv2+
|
|||||||
URL: http://www.tigervnc.com
|
URL: http://www.tigervnc.com
|
||||||
|
|
||||||
Source0: %{name}-%{version}.tar.gz
|
Source0: %{name}-%{version}.tar.gz
|
||||||
Source1: vncserver-system.service
|
Source1: xvnc.service
|
||||||
Source2: vncserver-user.service
|
Source2: xvnc.socket
|
||||||
Source3: vncserver.sysconfig
|
Source3: 10-libvnc.conf
|
||||||
Source4: 10-libvnc.conf
|
Source4: HOWTO.md
|
||||||
Source5: xvnc.service
|
|
||||||
Source6: xvnc.socket
|
|
||||||
Source7: vncserver_wrapper
|
|
||||||
|
|
||||||
Patch1: tigervnc-manpages.patch
|
|
||||||
Patch2: tigervnc-getmaster.patch
|
Patch2: tigervnc-getmaster.patch
|
||||||
Patch3: tigervnc-shebang.patch
|
|
||||||
Patch4: tigervnc-xstartup.patch
|
|
||||||
Patch5: tigervnc-cursor.patch
|
Patch5: tigervnc-cursor.patch
|
||||||
Patch6: tigervnc-1.3.1-CVE-2014-8240.patch
|
Patch6: tigervnc-1.3.1-CVE-2014-8240.patch
|
||||||
Patch7: tigervnc-1.3.1-do-not-die-when-port-is-already-taken.patch
|
|
||||||
Patch8: tigervnc-let-user-know-about-not-using-view-only-password.patch
|
Patch8: tigervnc-let-user-know-about-not-using-view-only-password.patch
|
||||||
Patch9: tigervnc-working-tls-on-fips-systems.patch
|
Patch9: tigervnc-working-tls-on-fips-systems.patch
|
||||||
Patch11: tigervnc-utilize-system-crypto-policies.patch
|
Patch11: tigervnc-utilize-system-crypto-policies.patch
|
||||||
Patch12: tigervnc-passwd-crash-with-malloc-checks.patch
|
Patch12: tigervnc-passwd-crash-with-malloc-checks.patch
|
||||||
Patch13: tigervnc-vncserver-do-not-return-returncode-indicating-error.patch
|
Patch13: 0001-xserver-add-no-op-input-thread-init-function.patch
|
||||||
|
|
||||||
Patch14: tigervnc-provide-correct-dimensions-for-xshm-setup.patch
|
Patch14: tigervnc-provide-correct-dimensions-for-xshm-setup.patch
|
||||||
|
|
||||||
Patch50: tigervnc-covscan.patch
|
# Upstream patches
|
||||||
|
Patch50: tigervnc-systemd-support.patch
|
||||||
# Security fixes
|
Patch51: tigervnc-remove-trailing-spaces-in-user-name.patch
|
||||||
Patch200: tigervnc-CVE-2019-15691.patch
|
|
||||||
Patch201: tigervnc-encapsulate-pixelbuffer-internal-details.patch
|
|
||||||
Patch202: tigervnc-CVE-2019-15692.patch
|
|
||||||
Patch203: tigervnc-add-write-protection-to-offsetpixelbuffer.patch
|
|
||||||
Patch204: tigervnc-CVE-2019-15693.patch
|
|
||||||
Patch205: tigervnc-pixelformat-sanity-checks.patch
|
|
||||||
Patch206: tigervnc-CVE-2019-15694.patch
|
|
||||||
Patch207: tigervnc-be-defensive-about-overflows-in-stream-objects.patch
|
|
||||||
Patch208: tigervnc-CVE-2019-15695.patch
|
|
||||||
|
|
||||||
# This is tigervnc-%%{version}/unix/xserver116.patch rebased on the latest xorg
|
# This is tigervnc-%%{version}/unix/xserver116.patch rebased on the latest xorg
|
||||||
Patch100: tigervnc-xserver120.patch
|
Patch100: tigervnc-xserver120.patch
|
||||||
@ -55,12 +38,11 @@ BuildRequires: libX11-devel, automake, autoconf, libtool, gettext, gettext-auto
|
|||||||
BuildRequires: libXext-devel, xorg-x11-server-source, libXi-devel
|
BuildRequires: libXext-devel, xorg-x11-server-source, libXi-devel
|
||||||
BuildRequires: xorg-x11-xtrans-devel, xorg-x11-util-macros, libXtst-devel
|
BuildRequires: xorg-x11-xtrans-devel, xorg-x11-util-macros, libXtst-devel
|
||||||
BuildRequires: libxkbfile-devel, openssl-devel, libpciaccess-devel
|
BuildRequires: libxkbfile-devel, openssl-devel, libpciaccess-devel
|
||||||
BuildRequires: mesa-libGL-devel, libXinerama-devel
|
BuildRequires: mesa-libGL-devel, libXinerama-devel, xorg-x11-font-utils
|
||||||
BuildRequires: freetype-devel, libXdmcp-devel, libxshmfence-devel
|
BuildRequires: freetype-devel, libXdmcp-devel, libxshmfence-devel
|
||||||
BuildRequires: desktop-file-utils, java-devel, jpackage-utils
|
|
||||||
BuildRequires: libjpeg-turbo-devel, gnutls-devel, pam-devel
|
BuildRequires: libjpeg-turbo-devel, gnutls-devel, pam-devel
|
||||||
BuildRequires: libdrm-devel, libXt-devel, pixman-devel
|
BuildRequires: libdrm-devel, libXt-devel, pixman-devel
|
||||||
BuildRequires: systemd, cmake
|
BuildRequires: systemd, cmake, desktop-file-utils, selinux-policy-devel
|
||||||
%if 0%{?fedora} > 24 || 0%{?rhel} >= 7
|
%if 0%{?fedora} > 24 || 0%{?rhel} >= 7
|
||||||
BuildRequires: libXfont2-devel
|
BuildRequires: libXfont2-devel
|
||||||
%else
|
%else
|
||||||
@ -70,9 +52,7 @@ BuildRequires: libXfont-devel
|
|||||||
# TigerVNC 1.4.x requires fltk 1.3.3 for keyboard handling support
|
# TigerVNC 1.4.x requires fltk 1.3.3 for keyboard handling support
|
||||||
# See https://github.com/TigerVNC/tigervnc/issues/8, also bug #1208814
|
# See https://github.com/TigerVNC/tigervnc/issues/8, also bug #1208814
|
||||||
BuildRequires: fltk-devel >= 1.3.3
|
BuildRequires: fltk-devel >= 1.3.3
|
||||||
%ifnarch s390 s390x
|
|
||||||
BuildRequires: xorg-x11-server-devel
|
BuildRequires: xorg-x11-server-devel
|
||||||
%endif
|
|
||||||
|
|
||||||
Requires(post): coreutils
|
Requires(post): coreutils
|
||||||
Requires(postun):coreutils
|
Requires(postun):coreutils
|
||||||
@ -92,7 +72,8 @@ server.
|
|||||||
%package server
|
%package server
|
||||||
Summary: A TigerVNC server
|
Summary: A TigerVNC server
|
||||||
Requires: perl-interpreter
|
Requires: perl-interpreter
|
||||||
Requires: tigervnc-server-minimal
|
Requires: tigervnc-server-minimal = %{version}-%{release}
|
||||||
|
Requires: tigervnc-selinux = %{version}-%{release}
|
||||||
Requires: xorg-x11-xauth
|
Requires: xorg-x11-xauth
|
||||||
Requires: xorg-x11-xinit
|
Requires: xorg-x11-xinit
|
||||||
Requires(post): systemd
|
Requires(post): systemd
|
||||||
@ -113,7 +94,7 @@ Requires(post): chkconfig
|
|||||||
Requires(preun):chkconfig
|
Requires(preun):chkconfig
|
||||||
|
|
||||||
Requires: mesa-dri-drivers, xkeyboard-config, xorg-x11-xkb-utils
|
Requires: mesa-dri-drivers, xkeyboard-config, xorg-x11-xkb-utils
|
||||||
Requires: tigervnc-license
|
Requires: tigervnc-license, dbus-x11
|
||||||
|
|
||||||
%description server-minimal
|
%description server-minimal
|
||||||
The VNC system allows you to access the same desktop from a wide
|
The VNC system allows you to access the same desktop from a wide
|
||||||
@ -121,7 +102,6 @@ variety of platforms. This package contains minimal installation
|
|||||||
of TigerVNC server, allowing others to access the desktop on your
|
of TigerVNC server, allowing others to access the desktop on your
|
||||||
machine.
|
machine.
|
||||||
|
|
||||||
%ifnarch s390 s390x
|
|
||||||
%package server-module
|
%package server-module
|
||||||
Summary: TigerVNC module to Xorg
|
Summary: TigerVNC module to Xorg
|
||||||
Requires: xorg-x11-server-Xorg %(xserver-sdk-abi-requires ansic) %(xserver-sdk-abi-requires videodrv)
|
Requires: xorg-x11-server-Xorg %(xserver-sdk-abi-requires ansic) %(xserver-sdk-abi-requires videodrv)
|
||||||
@ -130,16 +110,6 @@ Requires: tigervnc-license
|
|||||||
%description server-module
|
%description server-module
|
||||||
This package contains libvnc.so module to X server, allowing others
|
This package contains libvnc.so module to X server, allowing others
|
||||||
to access the desktop on your machine.
|
to access the desktop on your machine.
|
||||||
%endif
|
|
||||||
|
|
||||||
%package server-applet
|
|
||||||
Summary: Java TigerVNC viewer applet for TigerVNC server
|
|
||||||
Requires: tigervnc-server, java, jpackage-utils
|
|
||||||
BuildArch: noarch
|
|
||||||
|
|
||||||
%description server-applet
|
|
||||||
The Java TigerVNC viewer applet for web browsers. Install this package to allow
|
|
||||||
clients to use web browser when connect to the TigerVNC server.
|
|
||||||
|
|
||||||
%package license
|
%package license
|
||||||
Summary: License of TigerVNC suite
|
Summary: License of TigerVNC suite
|
||||||
@ -155,6 +125,18 @@ BuildArch: noarch
|
|||||||
%description icons
|
%description icons
|
||||||
This package contains icons for TigerVNC viewer
|
This package contains icons for TigerVNC viewer
|
||||||
|
|
||||||
|
%package selinux
|
||||||
|
Summary: SELinux module for TigerVNC
|
||||||
|
BuildArch: noarch
|
||||||
|
Requires(pre): libselinux-utils
|
||||||
|
Requires(post): selinux-policy >= %{_selinux_policy_version}
|
||||||
|
Requires(post): policycoreutils
|
||||||
|
Requires(post): libselinux-utils
|
||||||
|
|
||||||
|
%description selinux
|
||||||
|
This package provides the SELinux policy module to ensure TigerVNC
|
||||||
|
runs properly under an environment with SELinux enabled.
|
||||||
|
|
||||||
%prep
|
%prep
|
||||||
%setup -q
|
%setup -q
|
||||||
|
|
||||||
@ -167,19 +149,9 @@ done
|
|||||||
%patch101 -p1 -b .rpath
|
%patch101 -p1 -b .rpath
|
||||||
popd
|
popd
|
||||||
|
|
||||||
# Synchronise manpages and --help output (bug #980870).
|
|
||||||
%patch1 -p1 -b .manpages
|
|
||||||
|
|
||||||
# libvnc.so: don't use unexported GetMaster function (bug #744881 again).
|
# libvnc.so: don't use unexported GetMaster function (bug #744881 again).
|
||||||
%patch2 -p1 -b .getmaster
|
%patch2 -p1 -b .getmaster
|
||||||
|
|
||||||
# Don't use shebang in vncserver script.
|
|
||||||
%patch3 -p1 -b .shebang
|
|
||||||
|
|
||||||
# Clearer xstartup file (bug #923655).
|
|
||||||
# Bug 1665876 - Tigervnc not starting on RHEL 7.6 server without -noxstartup option
|
|
||||||
%patch4 -p1 -b .xstartup
|
|
||||||
|
|
||||||
# Fixed viewer crash when cursor has not been set (bug #1051333).
|
# Fixed viewer crash when cursor has not been set (bug #1051333).
|
||||||
%patch5 -p1 -b .cursor
|
%patch5 -p1 -b .cursor
|
||||||
|
|
||||||
@ -187,9 +159,6 @@ popd
|
|||||||
# buffer overflow in screen size handling
|
# buffer overflow in screen size handling
|
||||||
%patch6 -p1 -b .tigervnc-1.3.1-CVE-2014-8240
|
%patch6 -p1 -b .tigervnc-1.3.1-CVE-2014-8240
|
||||||
|
|
||||||
# Bug 1322155 - Xorg socket conflict for VNC port 5901
|
|
||||||
%patch7 -p1 -b .do-not-die-when-port-is-already-taken
|
|
||||||
|
|
||||||
# Bug 1447555 - view-only accepts enter, unclear whether default password is generated or not
|
# Bug 1447555 - view-only accepts enter, unclear whether default password is generated or not
|
||||||
%patch8 -p1 -b .let-user-know-about-not-using-view-only-password
|
%patch8 -p1 -b .let-user-know-about-not-using-view-only-password
|
||||||
|
|
||||||
@ -201,22 +170,20 @@ popd
|
|||||||
|
|
||||||
%patch12 -p1 -b .passwd-crash-with-malloc-checks
|
%patch12 -p1 -b .passwd-crash-with-malloc-checks
|
||||||
|
|
||||||
%patch13 -p1 -b .vncserver-do-not-return-returncode-indicating-error
|
%patch13 -p1 -b .xserver-add-no-op-input-thread-init-function.
|
||||||
|
|
||||||
%patch50 -p1 -b .tigervnc-covscan
|
%patch14 -p1 -b .provide-correct-dimensions-for-xshm-setup
|
||||||
|
|
||||||
# Security fixes
|
# HACK make sure we are able to successfuly apply a patch. This is because we will
|
||||||
%patch200 -p1 -b .CVE-2019-15691
|
# be creating a directory under name which already exists as a file and it also seems
|
||||||
%patch201 -p1 -b .encapsulate-pixelbuffer-internal-details
|
# to be not possible to create a directory with a patch
|
||||||
%patch202 -p1 -b .CVE-2019-15692
|
pushd unix
|
||||||
%patch203 -p1 -b .add-write-protection-to-offsetpixelbuffer
|
rm vncserver
|
||||||
%patch204 -p1 -b .CVE-2019-15693
|
mkdir vncserver
|
||||||
%patch205 -p1 -b .pixelformat-sanity-checks
|
popd
|
||||||
%patch206 -p1 -b .CVE-2019-15694
|
|
||||||
%patch207 -p1 -b .be-defensive-about-overflows-in-stream-objects
|
|
||||||
%patch208 -p1 -b .CVE-2019-15695
|
|
||||||
|
|
||||||
%patch14 -p1 -b .tigervnc-provide-correct-dimensions-for-xshm-setup
|
%patch50 -p1 -b .tigervnc-systemd-support
|
||||||
|
%patch51 -p1 -b .remove-trailing-spaces-in-user-name
|
||||||
|
|
||||||
%build
|
%build
|
||||||
%ifarch sparcv9 sparc64 s390 s390x
|
%ifarch sparcv9 sparc64 s390 s390x
|
||||||
@ -256,34 +223,27 @@ pushd media
|
|||||||
make
|
make
|
||||||
popd
|
popd
|
||||||
|
|
||||||
# Build Java applet
|
# SELinux
|
||||||
pushd java
|
pushd unix/vncserver/selinux
|
||||||
%{cmake} .
|
make
|
||||||
JAVA_TOOL_OPTIONS="-Dfile.encoding=UTF8" make
|
|
||||||
popd
|
popd
|
||||||
|
|
||||||
|
|
||||||
%install
|
%install
|
||||||
%make_install
|
%make_install
|
||||||
rm -f %{buildroot}%{_docdir}/%{name}-%{version}/{README.rst,LICENCE.TXT}
|
|
||||||
|
|
||||||
pushd unix/xserver/hw/vnc
|
pushd unix/xserver/hw/vnc
|
||||||
make install DESTDIR=%{buildroot}
|
make install DESTDIR=%{buildroot}
|
||||||
popd
|
popd
|
||||||
|
|
||||||
|
pushd unix/vncserver/selinux
|
||||||
|
make install DESTDIR=%{buildroot}
|
||||||
|
popd
|
||||||
|
|
||||||
|
|
||||||
# Install systemd unit file
|
# Install systemd unit file
|
||||||
mkdir -p %{buildroot}%{_unitdir}
|
install -m644 %{SOURCE1} %{buildroot}%{_unitdir}/xvnc@.service
|
||||||
mkdir -p %{buildroot}%{_userunitdir}
|
install -m644 %{SOURCE2} %{buildroot}%{_unitdir}/xvnc.socket
|
||||||
install -m644 %{SOURCE1} %{buildroot}%{_unitdir}/vncserver@.service
|
|
||||||
install -m644 %{SOURCE2} %{buildroot}%{_userunitdir}/vncserver@.service
|
|
||||||
install -m644 %{SOURCE5} %{buildroot}%{_unitdir}/xvnc@.service
|
|
||||||
install -m644 %{SOURCE6} %{buildroot}%{_unitdir}/xvnc.socket
|
|
||||||
rm -rf %{buildroot}%{_initrddir}
|
|
||||||
|
|
||||||
# Install vncserver wrapper script
|
|
||||||
install -m744 %{SOURCE7} %{buildroot}%{_bindir}/vncserver_wrapper
|
|
||||||
|
|
||||||
mkdir -p %{buildroot}%{_sysconfdir}/sysconfig
|
|
||||||
install -m644 %{SOURCE3} %{buildroot}%{_sysconfdir}/sysconfig/vncservers
|
|
||||||
|
|
||||||
# Install desktop stuff
|
# Install desktop stuff
|
||||||
mkdir -p %{buildroot}%{_datadir}/icons/hicolor/{16x16,24x24,48x48}/apps
|
mkdir -p %{buildroot}%{_datadir}/icons/hicolor/{16x16,24x24,48x48}/apps
|
||||||
@ -294,41 +254,54 @@ install -m644 tigervnc_$s.png %{buildroot}%{_datadir}/icons/hicolor/${s}x$s/apps
|
|||||||
done
|
done
|
||||||
popd
|
popd
|
||||||
|
|
||||||
|
# Install a replacement for /usr/bin/vncserver which will tell the user to read the
|
||||||
# Install Java applet
|
# HOWTO.md file
|
||||||
pushd java
|
cat <<EOF > %{buildroot}/%{_bindir}/vncserver
|
||||||
mkdir -p %{buildroot}%{_datadir}/vnc/classes
|
#!/bin/bash
|
||||||
install -m755 VncViewer.jar %{buildroot}%{_datadir}/vnc/classes
|
echo "vncserver has been replaced by a systemd unit."
|
||||||
install -m644 com/tigervnc/vncviewer/index.vnc %{buildroot}%{_datadir}/vnc/classes
|
echo "Please read /usr/share/doc/tigervnc/HOWTO.md for more information."
|
||||||
popd
|
EOF
|
||||||
|
chmod +x %{buildroot}/%{_bindir}/vncserver
|
||||||
|
|
||||||
%find_lang %{name} %{name}.lang
|
%find_lang %{name} %{name}.lang
|
||||||
|
|
||||||
# remove unwanted files
|
# remove unwanted files
|
||||||
rm -f %{buildroot}%{_libdir}/xorg/modules/extensions/libvnc.la
|
rm -f %{buildroot}%{_libdir}/xorg/modules/extensions/libvnc.la
|
||||||
|
|
||||||
%ifarch s390 s390x
|
|
||||||
rm -f %{buildroot}%{_libdir}/xorg/modules/extensions/libvnc.so
|
|
||||||
%else
|
|
||||||
mkdir -p %{buildroot}%{_sysconfdir}/X11/xorg.conf.d/
|
mkdir -p %{buildroot}%{_sysconfdir}/X11/xorg.conf.d/
|
||||||
install -m 644 %{SOURCE4} %{buildroot}%{_sysconfdir}/X11/xorg.conf.d/10-libvnc.conf
|
install -m 644 %{SOURCE3} %{buildroot}%{_sysconfdir}/X11/xorg.conf.d/10-libvnc.conf
|
||||||
%endif
|
|
||||||
|
install -m 644 %{SOURCE4} %{buildroot}/%{_docdir}/tigervnc/HOWTO.md
|
||||||
|
|
||||||
%post server
|
%post server
|
||||||
%systemd_post vncserver.service
|
|
||||||
%systemd_post xvnc.service
|
%systemd_post xvnc.service
|
||||||
%systemd_post xvnc.socket
|
%systemd_post xvnc.socket
|
||||||
|
|
||||||
%preun server
|
%preun server
|
||||||
%systemd_preun vncserver.service
|
|
||||||
%systemd_preun xvnc.service
|
%systemd_preun xvnc.service
|
||||||
%systemd_preun xvnc.socket
|
%systemd_preun xvnc.socket
|
||||||
|
|
||||||
%postun server
|
%postun server
|
||||||
%systemd_postun vncserver.service
|
|
||||||
%systemd_postun xvnc.service
|
%systemd_postun xvnc.service
|
||||||
%systemd_postun xvnc.socket
|
%systemd_postun xvnc.socket
|
||||||
|
|
||||||
|
%pre selinux
|
||||||
|
%selinux_relabel_pre
|
||||||
|
|
||||||
|
%post selinux
|
||||||
|
%selinux_modules_install %{_datadir}/selinux/packages/vncsession.pp
|
||||||
|
%selinux_relabel_post
|
||||||
|
|
||||||
|
%posttrans selinux
|
||||||
|
%selinux_relabel_post
|
||||||
|
|
||||||
|
%postun selinux
|
||||||
|
%selinux_modules_uninstall vncsession
|
||||||
|
if [ $1 -eq 0 ]; then
|
||||||
|
%selinux_relabel_post
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
%files -f %{name}.lang
|
%files -f %{name}.lang
|
||||||
%doc README.rst
|
%doc README.rst
|
||||||
%{_bindir}/vncviewer
|
%{_bindir}/vncviewer
|
||||||
@ -336,16 +309,22 @@ install -m 644 %{SOURCE4} %{buildroot}%{_sysconfdir}/X11/xorg.conf.d/10-libvnc.c
|
|||||||
%{_mandir}/man1/vncviewer.1*
|
%{_mandir}/man1/vncviewer.1*
|
||||||
|
|
||||||
%files server
|
%files server
|
||||||
%config(noreplace) %{_sysconfdir}/sysconfig/vncservers
|
%config(noreplace) %{_sysconfdir}/pam.d/tigervnc
|
||||||
%{_userunitdir}/vncserver@.service
|
%config(noreplace) %{_sysconfdir}/tigervnc/vncserver-config-defaults
|
||||||
|
%config(noreplace) %{_sysconfdir}/tigervnc/vncserver-config-mandatory
|
||||||
|
%config(noreplace) %{_sysconfdir}/tigervnc/vncserver.users
|
||||||
%{_unitdir}/vncserver@.service
|
%{_unitdir}/vncserver@.service
|
||||||
%{_unitdir}/xvnc@.service
|
%{_unitdir}/xvnc@.service
|
||||||
%{_unitdir}/xvnc.socket
|
%{_unitdir}/xvnc.socket
|
||||||
%{_bindir}/x0vncserver
|
%{_bindir}/x0vncserver
|
||||||
%{_bindir}/vncserver
|
%{_bindir}/vncserver
|
||||||
%{_bindir}/vncserver_wrapper
|
%{_sbindir}/vncsession
|
||||||
%{_mandir}/man1/vncserver.1*
|
%{_libexecdir}/vncserver
|
||||||
|
%{_libexecdir}/vncsession-start
|
||||||
%{_mandir}/man1/x0vncserver.1*
|
%{_mandir}/man1/x0vncserver.1*
|
||||||
|
%{_mandir}/man8/vncserver.8*
|
||||||
|
%{_mandir}/man8/vncsession.8*
|
||||||
|
%{_docdir}/tigervnc/HOWTO.md
|
||||||
|
|
||||||
%files server-minimal
|
%files server-minimal
|
||||||
%{_bindir}/vncconfig
|
%{_bindir}/vncconfig
|
||||||
@ -355,62 +334,64 @@ install -m 644 %{SOURCE4} %{buildroot}%{_sysconfdir}/X11/xorg.conf.d/10-libvnc.c
|
|||||||
%{_mandir}/man1/vncpasswd.1*
|
%{_mandir}/man1/vncpasswd.1*
|
||||||
%{_mandir}/man1/vncconfig.1*
|
%{_mandir}/man1/vncconfig.1*
|
||||||
|
|
||||||
%ifnarch s390 s390x
|
|
||||||
%files server-module
|
%files server-module
|
||||||
%{_libdir}/xorg/modules/extensions/libvnc.so
|
%{_libdir}/xorg/modules/extensions/libvnc.so
|
||||||
%config %{_sysconfdir}/X11/xorg.conf.d/10-libvnc.conf
|
%config %{_sysconfdir}/X11/xorg.conf.d/10-libvnc.conf
|
||||||
%endif
|
|
||||||
|
|
||||||
%files server-applet
|
|
||||||
%doc java/com/tigervnc/vncviewer/README
|
|
||||||
%{_datadir}/vnc/classes/*
|
|
||||||
|
|
||||||
%files license
|
%files license
|
||||||
%license LICENCE.TXT
|
%{_docdir}/tigervnc/LICENCE.TXT
|
||||||
|
|
||||||
%files icons
|
%files icons
|
||||||
%{_datadir}/icons/hicolor/*/apps/*
|
%{_datadir}/icons/hicolor/*/apps/*
|
||||||
|
|
||||||
|
%files selinux
|
||||||
|
%{_datadir}/selinux/packages/vncsession.pp
|
||||||
|
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
* Thu Apr 22 2020 Jan Grulich <jgrulich@redhat.com> - 1.9.0-15
|
* Wed Jul 08 2020 Jan Grulich <jgrulich@redhat.com> - 1.10.1-7
|
||||||
- Bump build version
|
- Enable server module on s390x
|
||||||
Resolves: bz#1819877
|
Resolves: bz#1854925
|
||||||
Resolves: bz#1819879
|
|
||||||
Resolves: bz#1819882
|
|
||||||
Resolves: bz#1819886
|
|
||||||
Resolves: bz#1819884
|
|
||||||
|
|
||||||
* Thu Apr 09 2020 Jan Grulich <jgrulich@redhat.com> - 1.9.0-14
|
* Fri Jul 03 2020 Jan Grulich <jgrulich@redhat.com> - 1.10.1-6
|
||||||
- Bump build version
|
- Remove trailing spaces in user name
|
||||||
Resolves: bz#1819877
|
Resolves: bz#1852432
|
||||||
Resolves: bz#1819879
|
|
||||||
Resolves: bz#1819882
|
|
||||||
Resolves: bz#1819886
|
|
||||||
Resolves: bz#1819884
|
|
||||||
|
|
||||||
* Wed Apr 08 2020 Jan Grulich <jgrulich@redhat.com> - 1.9.0-13
|
* Thu Jun 25 2020 Jan Grulich <jgrulich@redhat.com> - 1.10.1-5
|
||||||
- Fix stack buffer overflow in CMsgReader::readSetCursor
|
- Install the HOWTO file to correct location
|
||||||
Resolves: bz#1819877
|
- Add /usr/bin/vncserver file informing users to read the HOWTO.md file
|
||||||
|
Resolves: bz#1790443
|
||||||
|
|
||||||
- Fix heap buffer overflow in DecodeManager::decodeRect
|
* Mon Jun 15 2020 Jan Grulich <jgrulich@redhat.com> - 1.10.1-4
|
||||||
Resolves: bz#1819879
|
- Improve SELinux policy
|
||||||
|
Resolves: bz#1790443
|
||||||
|
|
||||||
- Fix heap buffer overflow in TightDecoder::FilterGradient
|
* Mon Jun 15 2020 Jan Grulich <jgrulich@redhat.com> - 1.10.1-3
|
||||||
Resolves: bz#1819882
|
- Add a HOWTO.md file with instructions how to start VNC server
|
||||||
|
Resolves: bz#1790443
|
||||||
|
|
||||||
- Fix heap-based buffer overflow triggered from CopyRectDecoder
|
* Tue May 26 2020 Jan Grulich <jgrulich@redhat.com> - 1.10.1-2
|
||||||
Resolves: bz#1819886
|
- Make the systemd service run also for root user
|
||||||
|
Resolves: bz#1790443
|
||||||
|
|
||||||
- Fix stack use-after-return due to incorrect usage of stack memory in ZRLEDecoder
|
* Mon Apr 27 2020 Jan Grulich <jgrulich@redhat.com> - 1.10.1-1
|
||||||
Resolves: bz#1819884
|
- Update to 1.10.1
|
||||||
|
Resolves: bz#1806992
|
||||||
|
|
||||||
* Tue Jan 28 2020 Jan Grulich <jgrulich@redhat.com> - 1.9.0-12
|
- Add proper systemd support
|
||||||
- Fix installation of 10-libvnc.conf file
|
Resolves: bz#1790443
|
||||||
Resolves: bz#1795168
|
|
||||||
|
|
||||||
* Mon Jan 27 2020 Jan Grulich <jgrulich@redhat.com> - 1.9.0-11
|
* Tue Jan 28 2020 Jan Grulich <jgrulich@redhat.com> - 1.9.0-13
|
||||||
|
- Bump build because of z-stream
|
||||||
|
Resolves: bz#1671714
|
||||||
|
|
||||||
|
* Wed Dec 11 2019 Jan Grulich <jgrulich@redhat.com> - 1.9.0-12
|
||||||
|
- Fix installation of systemd files
|
||||||
|
Resolves: bz#1671714
|
||||||
|
|
||||||
|
* Wed Nov 20 2019 Jan Grulich <jgrulich@redhat.com> - 1.9.0-11
|
||||||
- Use wrapper script to workaround systemd issues
|
- Use wrapper script to workaround systemd issues
|
||||||
Resolves: bz#1795168
|
Resolves: bz#1671714
|
||||||
|
|
||||||
* Fri Jul 12 2019 Jan Grulich <jgrulich@redhat.com> - 1.9.0-10
|
* Fri Jul 12 2019 Jan Grulich <jgrulich@redhat.com> - 1.9.0-10
|
||||||
- Do not return returncode indicating error when running "vncserver -list"
|
- Do not return returncode indicating error when running "vncserver -list"
|
||||||
|
Loading…
Reference in New Issue
Block a user