summaryrefslogtreecommitdiffstats
path: root/libvncclient
Commit message (Collapse)AuthorAgeFilesLines
* LibVNCClient: fix three possible heap buffer overflowsChristian Beier2018-09-291-4/+6
| | | | | | | An attacker could feed `0xffffffff`, causing a `malloc(0)` for the buffers which are subsequently written to. Closes #247
* LibVNCClient: make sure ReadFromRFBServer() does not write after buffer end ↵Christian Beier2018-09-291-1/+1
| | | | | | in CoRRE decoding Closes #250
* LibVNCClient: fix possible infinite loopChristian Beier2018-09-291-1/+1
| | | | Closes #251
* LibVNCClient: don't leak uninitialised memory to remoteChristian Beier2018-09-291-0/+2
| | | | | | | The pad fields of the rfbClientCutTextMsg and rfbKeyEventMsg could contain arbitray memory belonging to the process, don't leak this to the remote. Closes #252
* When connecting to a repeater, only send initialised stringChristian Beier2018-09-291-2/+6
| | | | Closes #253
* Remove the turbojpeg.h dependency from public headersChristian Beier2018-09-271-0/+2
| | | | Closes #230
* Merge pull request #215 from BastiaanOlij/fix_nozlib_compile_errorChristian Beier2018-05-141-1/+1
|\ | | | | | | | | libvncclient: zrle.c: Move undef of REALBPP down rfbproto.c which includes this file expects an undefined REALBPP after the inclusion. Do this whether or not there is zlib available.
| * Moved undef of REALBPP downBastiaan Olij2018-01-271-1/+1
| |
* | libvncclient/sasl: prefix the header guard (again) to fix a warningChristian Beier2018-03-241-3/+3
|/
* Merge pull request #203 from dcommander/turbovnc-clientChristian Beier2018-01-233-147/+101
|\ | | | | Include Tight decoding optimizations from TurboVNC
| * Include Tight decoding optimizations from TurboVNCDRC2018-01-223-147/+101
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - As with the encoder, the decoder now uses the TurboJPEG wrapper, which allows it to decode JPEG images directly into the framebuffer. This eliminates a buffer copy (CopyRectangle()) as well as the expensive RGB pixel conversion in DecompressJpegRectBPP(). The TurboJPEG wrapper performs RGB pixel conversion more optimally, and only when necessary (it uses the libjpeg-turbo colorspace extensions when available, in order to avoid RGB conversion.) - The other Tight subencoding types are also now decoded directly into the framebuffer, which eliminates buffer copies. - The Tight decoder now supports the rfbTightNoZlib extension, which allows the server to bypass zlib compression when Compression Level 0 is selected. The encoder already supports this extension. Passing the data stream through zlib when Compression Level 0 is selected needlessly wastes CPU time, since all zlib is doing is copying the data internally into its own structures.
* | Add trle decoderWiki Wang2017-09-152-0/+359
|/
* libvncclient: rename rfbsasl.[c|h] to sasl.[c|h] to be in line with naming ↵Christian Beier2017-09-024-7/+7
| | | | of other files
* Move HAVE_SASL #ifdefs into header file to have less LOCChristian Beier2017-09-023-6/+4
|
* Merge branch 'sasl2' of git://github.com/simonwaterman/libvncserver into ↵Christian Beier2017-09-029-11/+748
|\ | | | | | | simonwaterman-sasl2
| * Added SASL authentication supportsimon2017-06-259-12/+749
| | | | | | | | Added SASL support to OpenSSL
* | Merge pull request #175 from simonwaterman/x509verifyChristian Beier2017-05-141-4/+100
|\ \ | | | | | | Added support for X509 server certificate verification
| * | Removed comment left over from developmentsimon2017-04-251-3/+0
| | |
| * | Modified certificate verification for compatibility with GnuTLS 2.12.23simon2017-04-251-22/+102
| | |
| * | Added support for X509 server certificate verification as part of the ↵simon2017-04-201-3/+22
| |/ | | | | | | handshake process.
* | X509 certificate verification for OpenSSLsimon2017-05-051-92/+157
|/
* Set trueColour flag to 1 instead of 255dborth2017-04-041-1/+1
| | | | | | | | | | | It turns out some server implementations (namely VMware ESXi 6.5) expect 1 as the only non-zero value for the SetPixelFormat message whereas the protocol states every non-zero value is valid (https://github.com/rfbproto/rfbproto/blob/master/rfbproto.rst#setpixelformat). Anyway, setting this to 1 shouldn't hurt. Fixes #141
* Fix building for Android and add build instructions to READMEChristian Beier2017-03-261-1/+1
|
* Fix a compiler warningChristian Beier2017-03-261-1/+1
|
* Merge branch 'circle' of https://github.com/ldmnyblzs/libvncserver into ↵Christian Beier2017-03-269-144/+145
|\ | | | | | | | | | | | | ldmnyblzs-circle Conflicts: libvncclient/rfbproto.c
| * Add function pointers for every type of rectangleBalazs Ludmany2016-06-299-120/+121
| |
* | drop autotoolsBert van Hall2017-02-131-29/+0
| | | | | | | | | | | | | | | | Since autotools officially is no longer supported (see various github issues), drop the related infrastructure to stop tempting people to use it for building. Signed-off-by: Bert van Hall <bert.vanhall@gmx.de>
* | libvncclient/tls_openssl: support openssl 1.1.xBert van Hall2017-01-311-5/+4
| | | | | | | | | | | | | | | | Treat openSSL data structures as opaque to achieve compatibility with openSSL 1.1.x. While at it, fix order of cleaning up in open_ssl_connection(). Signed-off-by: Bert van Hall <bert.vanhall@avionic-design.de>
* | Fix LibVNCClient compilation with MSVC 2014Christian Beier2017-01-282-0/+6
| |
* | Fix building on OSX.Christian Beier2016-11-241-1/+1
| |
* | Fix heap overflow in the ultra.c decoderJosef Gajdusek2016-11-141-4/+4
| | | | | | | | | | | | The Ultra type tile decoder does not use the _safe variant of the LZO decompress function, which allows a maliciuous server to overwrite parts of the heap by sending a larger-than-specified LZO data stream.
* | Fix heap overflows in the various rectangle fill functionsJosef Gajdusek2016-11-141-0/+24
|/ | | | | | Altough rfbproto.c does check whether the overall FramebufferUpdate rectangle is too large, some of the individual encoding decoders do not, which allows a malicious server to overwrite parts of the heap.
* Merge pull request #105 from cgeorges82/masterChristian Beier2016-05-301-4/+15
|\ | | | | fix for issue #97. Also, this fixes cmake builds for other platforms.
| * Append missing include directory for GNUTLS and OPENSSL in CMake projectCédric Georges2016-03-051-4/+15
| | | | | | | | Append support of gnutls > v 2.99.01 (gnutls_transport_set_global_errno have a different signature)
* | Merge pull request #103 from rdieter/masterChristian Beier2016-04-241-6/+3
|\ \ | | | | | | use namespaced vnc_max macro (issue #102)
| * | use namespaced rfbMax macro (issue #102)Rex Dieter2016-04-181-6/+3
| |/ | | | | | | Not using generic 'max', avoids conflicts with stl_algobase.h
* | Merge pull request #118 from gbdj/threadsafe-100-squashChristian Beier2016-04-242-0/+23
|\ \ | | | | | | libvncclient/tls_gnutls.c: Add hooks to WriteToTLS() for optional protection by mutex. (Squashed)
| * | libvncclient/tls_gnutls.c: Add hooks to WriteToTLS() for optional protection ↵gbdj2016-04-232-0/+23
| |/ | | | | | | | | | | | | | | by mutex. Fix upstream issue #100 Squashed commit of the pull request #101 : commit 1c7e01e81862bc46508e675e83c74cc6d63224b0 commit 1e749b094d6696380d3f0540a00138d7e3427874
* | Merge pull request #110 from AlexejStukov/patch-1Christian Beier2016-04-121-1/+2
|\ \ | | | | | | break statement out of case
| * | break statement out of caseNorrec2016-04-071-1/+2
| |/
* | Fix buffer overflow when applying client encodingszbierak2016-04-121-1/+2
|/
* Ignore null pointers in FillRectangle() and CopyRectangleFromRectangle()SpaceOne2016-01-271-0/+8
|
* Properly document HandleCursorShape and GotCursorShapeProc.Christian Beier2015-12-031-6/+0
|
* Fix some typos (found by codespell)Stefan Weil2015-10-092-2/+2
| | | | Signed-off-by: Stefan Weil <sw@weilnetz.de>
* Re-add the useful bits of 9aa9ac59b4cb10bfca93456a3098e348de172d7f.Christian Beier2015-04-172-0/+7
|
* Revert "Add libvncclient/h264.c to dist tarball."Christian Beier2015-04-171-1/+1
| | | | This reverts commit 9aa9ac59b4cb10bfca93456a3098e348de172d7f.
* Revert "LibVNCClient: Add H.264 encoding for framebuffer updates"Christian Beier2015-04-174-680/+1
| | | | | | | | This reverts commit d891478ec985660c03f95cffda0e6a1ad4ba350c. Conflicts: configure.ac libvncclient/h264.c
* Merge pull request #69 from nopdotcom/masterChristian Beier2015-04-171-1/+4
|\ | | | | Avoid divide-by-zero in raw encoding (OSX RealVNC)
| * Avoid divide-by-zero in raw encoding (OSX RealVNC)Jay Carlson2015-03-271-1/+4
| | | | | | | | | | | | | | | | | | OS X RealVNC server crashes out Remmina because the server can provoke bytesPerLine to be zero. Assume this is coding for zero lines. The condition could be checked before the calculation of bytesPerLine. I don’t understand the preconditions of this code to say one way or the other.
* | Set autotools SOVERSION.Peter Spiess-Knafl2015-02-091-1/+1
| |