rpms/tigervnc
5
0
Fork 0
Code Issues Pull Requests Releases Activity

Do not crash passwd when using malloc perturb checks

Browse Source 
Resolves: bz#1631483
This commit is contained in:
Jan Grulich 2018-09-25 11:44:29 +02:00
parent 9c672c186e
commit cdb07f6fa9
2 changed files with 49 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
tigervnc-passwd-crash-with-malloc-checks.patch Normal file
View File

@ -0,0 +1,41 @@
diff --git a/common/rfb/Password.cxx b/common/rfb/Password.cxx
index 240c9d4..cf9362e 100644
--- a/common/rfb/Password.cxx
+++ b/common/rfb/Password.cxx
@@ -55,7 +55,7 @@ PlainPasswd::~PlainPasswd() {
void PlainPasswd::replaceBuf(char* b) {
if (buf)
- memset(buf, 0, strlen(buf));
+ memset(buf, 0, length ? length : strlen(buf));
CharArray::replaceBuf(b);
}
diff --git a/common/rfb/util.h b/common/rfb/util.h
index b678b89..fffe322 100644
--- a/common/rfb/util.h
+++ b/common/rfb/util.h
@@ -50,16 +50,21 @@ namespace rfb {
CharArray() : buf(0) {}
CharArray(char* str) : buf(str) {} // note: assumes ownership
CharArray(int len) {
+ length = len;
buf = new char[len];
}
~CharArray() {
- delete [] buf;
+ if (buf) {
+ delete [] buf;
+ buf = nullptr;
+ }
}
void format(const char *fmt, ...) __printf_attr(2, 3);
// Get the buffer pointer & clear it (i.e. caller takes ownership)
char* takeBuf() {char* tmp = buf; buf = 0; return tmp;}
- void replaceBuf(char* b) {delete [] buf; buf = b;}
+ void replaceBuf(char* b) {if (buf) delete [] buf; buf = b;}
char* buf;
+ int length = 0;
private:
CharArray(const CharArray&);
CharArray& operator=(const CharArray&);

9
tigervnc.spec
View File

@ -1,6 +1,6 @@
Name: tigervnc Name: tigervnc
Version: 1.9.0 Version: 1.9.0
Release: 2%{?dist} Release: 3%{?dist}
Summary: A TigerVNC remote display system Summary: A TigerVNC remote display system
%global _hardened_build 1 %global _hardened_build 1
@ -21,6 +21,7 @@ Patch3: tigervnc-shebang.patch
Patch4: tigervnc-xstartup.patch Patch4: tigervnc-xstartup.patch
Patch5: tigervnc-utilize-system-crypto-policies.patch Patch5: tigervnc-utilize-system-crypto-policies.patch
Patch6: tigervnc-ignore-buttons-in-mouse-leave-event.patch Patch6: tigervnc-ignore-buttons-in-mouse-leave-event.patch
Patch7: tigervnc-passwd-crash-with-malloc-checks.patch
Patch100: tigervnc-xserver120.patch Patch100: tigervnc-xserver120.patch
@ -159,6 +160,8 @@ popd
%patch6 -p1 -b .ignore-buttons-in-mouse-leave-event %patch6 -p1 -b .ignore-buttons-in-mouse-leave-event
%patch7 -p1 -b .tigervnc-passwd-crash-with-malloc-checks
%build %build
%ifarch sparcv9 sparc64 s390 s390x %ifarch sparcv9 sparc64 s390 s390x
export CFLAGS="$RPM_OPT_FLAGS -fPIC" export CFLAGS="$RPM_OPT_FLAGS -fPIC"
@ -304,6 +307,10 @@ install -m 644 %{SOURCE3} %{buildroot}%{_sysconfdir}/X11/xorg.conf.d/10-libvnc.c
%{_datadir}/icons/hicolor/*/apps/* %{_datadir}/icons/hicolor/*/apps/*
%changelog %changelog
* Tue Sep 25 2018 Jan Grulich <jgrulich@redhat.com> - 1.9.0-3
- Do not crash passwd when using malloc perturb checks
Resolves: bz#1631483
* Wed Aug 01 2018 Jan Grulich <jgrulich@redhat.com> - 1.9.0-2 * Wed Aug 01 2018 Jan Grulich <jgrulich@redhat.com> - 1.9.0-2
- Ignore buttons in mouse leave events - Ignore buttons in mouse leave events
Resolves: bz#1609516 Resolves: bz#1609516