summaryrefslogtreecommitdiffstats
path: root/libvncserver
Commit message (Collapse)AuthorAgeFilesLines
* Rename main.c to main.cpp because it needs to be built as C++Slávek Banko2020-12-091-4/+4
| | | | | | | | for integration with TQt event loop. Use tq... includes instead of ntq.... Signed-off-by: Slávek Banko <slavek.banko@axis.cz>
* Renaming of files in preparation for code style tools.Michele Calgaro2020-12-091-1/+0
| | | | Signed-off-by: Michele Calgaro <michele.calgaro@yahoo.it>
* Limit lenght to INT_MAX bytes in rfbProcessFileTransferReadBuffer()Petr Písař2019-03-031-1/+6
| | | | | | | | | | | | | This ammends 15bb719c03cc70f14c36a843dcb16ed69b405707 fix for a heap out-of-bound write access in rfbProcessFileTransferReadBuffer() when reading a transfered file content in a server. The former fix did not work on platforms with a 32-bit int type (expected by rfbReadExact()). CVE-2018-15127 <https://github.com/LibVNC/libvncserver/issues/243> <https://github.com/LibVNC/libvncserver/issues/273> (cherry picked from commit 09e8fc02f59f16e2583b34fe1a270c238bd9ffec)
* Merge tag 'LibVNCServer-0.9.12'Slávek Banko2019-02-0626-876/+971
|\ | | | | | | Signed-off-by: Slávek Banko <slavek.banko@axis.cz>
| * Fix comment style and be a bit more verboseChristian Beier2019-01-061-2/+7
| | | | | | | | ... explaining cedae6e6f97b14f5df3ea7c5f7efd59f2bc9ad82.
| * Merge pull request #238 from tetrane/pr-fix-use-after-freeChristian Beier2019-01-062-9/+46
| |\ | | | | | | Fix use-after-free and concurrent access segmentation fault
| | * Check the return code of pipeQuentin BUATHIER2018-12-061-1/+4
| | |
| | * Fix the concurrent issue hapenning between the freeing of the client and the ↵Quentin BUATHIER2018-08-092-3/+31
| | | | | | | | | | | | clientOutput thread
| | * Fix use-after-freeQuentin BUATHIER2018-08-091-6/+12
| | |
| * | Error out in rfbProcessFileTransferReadBuffer if length can not be allocatedChristian Beier2019-01-061-2/+12
| | | | | | | | | | | | re #273
| * | Merge pull request #267 from veyon/external-lzoChristian Beier2018-12-291-0/+4
| |\ \ | | | | | | | | Allow to use global LZO library instead of miniLZO
| | * | Allow to use global LZO library instead of miniLZOTobias Junghans2018-11-221-0/+4
| | | | | | | | | | | | | | | | | | | | The complete LZO library nowadays is installed on many systems so we can optionally make use of it and omit internal miniLZO implementation.
| * | | Fix -Wmisleading-indentation warningsRemi Gacogne2018-11-282-9/+13
| |/ /
| * | Merge pull request #259 from veyon/cursor-shiftChristian Beier2018-11-191-4/+4
| |\ \ | | | | | | | | LibVNCClient: fix integer shifts for cursor colors
| | * | LibVNCClient: fix integer shifts for cursor colorsTobias Junghans2018-11-051-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | Shifting values > 32768 by 16 places can cause undefined results for signed integers. Therefore cast color components to unsigned integer before shifting.
| * | | LibVNCServer: properly use thread-local storageTobias Junghans2018-11-192-6/+8
| | | | | | | | | | | | | | | | | | | | | | | | The TLS macro never has been defined due to the missing LIBVNCSERVER_HAVE_TLS macro. This revises the macro logic to also cover Win32 builds with MSVC.
| * | | Add SSL options to rfbUsage outputChristian Beier2018-11-111-0/+4
| | | |
| * | | Merge branch 'fix-#242'Christian Beier2018-11-105-18/+25
| |\ \ \
| | * | | tightvnc-filetransfer: do not close stuff from within a threadChristian Beier2018-11-101-6/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ... as this crashes badly and the client is closed by the main thread machinery afterwards. re #242
| | * | | tightvnc-filetransfer: when creating a new download thread, make sure the ↵Christian Beier2018-10-221-2/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | previous one ends re #242
| | * | | tightvnc-filetransfer: wait for download thread end in CloseUndoneFileDownload()Christian Beier2018-10-212-2/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ...and use it when deregistering the file transfer extension. Closes #242
| | * | | tightvnc-filetransfer: refactor CloseUndoneFileTransfer() into two functionsChristian Beier2018-10-213-7/+16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ...for closing upload and download separately. re #242
| | * | | tightvnc-filetransfer: tie the download thread to the control structureChristian Beier2018-10-212-2/+2
| | |/ / | | | | | | | | | | | | re #242
| * | | Undef error codes before redefining them for WSATobias Junghans2018-11-061-0/+6
| |/ / | | | | | | | | | Fixes compiler warnings about redefined macros from errno.h.
| * | tightvnc-filetransfer: fix heap use-after-freeChristian Beier2018-10-211-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | One can only guess what the intended semantics were here, but as every other rfbCloseClient() call in this file is followed by an immediate return, let's assume this was forgotton in this case. Anyway, don't forget to clean up to not leak memory. Closes #241
| * | LibVNCServer: fix heap out-of-bound write accessChristian Beier2018-10-211-1/+1
| | | | | | | | | | | | Closes #243
| * | websockets: remove Flash fallbackChristian Beier2018-10-012-13/+1
| | | | | | | | | | | | Closes #162
| * | httpd: send proper MIME type for Javascript filesChristian Beier2018-10-011-0/+2
| | | | | | | | | | | | re #148
| * | Fix compilaton with gcc 4.4.xDRC2018-09-301-2/+2
| |/ | | | | | | | | | | Closes #204 Signed-off-by: Christian Beier <dontmind@freeshell.org>
| * crypto: move to commonChristian Beier2018-06-295-190/+0
| | | | | | | | | | | | As of now, only LibVNCServer makes uses of these digest functions _and_ they depend on sys/uio.h, but in the future LibVNCClient will need those as well.
| * Tight: export SendCompressedData and SendTightHeader functionsEddie James2018-06-201-14/+11
| | | | | | | | | | | | | | | | | | These functions can be used to send already compressed jpegs to a client, circumventing the usual rect/region update methods which operate on a raw rgb framebuffer. Rename the functions with the usual rfb prefix and add the prototypes in rfb.h. Signed-off-by: Eddie James <eajames@us.ibm.com>
| * rfbserver: fix a typoChristian Beier2018-03-241-1/+1
| |
| * rfbserver: get rid of inttypes.h againChristian Beier2018-03-241-4/+1
| |
| * Limit client cut text length to 1 MBPetr Písař2018-03-081-1/+19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch constrains a client cut text length to 1 MB. Otherwise a client could make server allocate 2 GB of memory and that seems to be to much to classify it as a denial of service. The limit also prevents from an integer overflow followed by copying an uninitilized memory when processing msg.cct.length value larger than SIZE_MAX or INT_MAX - sz_rfbClientCutTextMsg. This patch also corrects accepting length value of zero (malloc(0) is interpreted on differnet systems differently). CVE-2018-7225 <https://github.com/LibVNC/libvncserver/issues/218>
| * fix: the function should not return a valueWu Zongyong2017-06-251-1/+1
| |
| * Fixed compilation of websockets on system where there is no implementation ↵Jocelyn Le Sage2017-06-133-8/+6
| | | | | | | | of base64 functions.
| * Merge pull request #158 from kempniu/gtk-vnc-0.7.0-compatChristian Beier2017-05-151-1/+4
| |\ | | | | | | websockets: Ensure compatibility with gtk-vnc 0.7.0+
| | * Ensure compatibility with gtk-vnc 0.7.0+Michał Kępień2017-02-141-1/+4
| | |
| * | websockets: hide decode debug output per defaultChristian Beier2017-05-151-32/+41
| | |
| * | websockets: restore webSocketCheckDisconnect() to keep API compatibilityChristian Beier2017-05-141-0/+11
| | |
| * | remove potential 64 bit len overflow calculationAndreas Weigel2017-05-142-38/+31
| | |
| * | add decode support for continuation framesAndreas Weigel2017-05-143-46/+126
| | | | | | | | | | | | | | | | | | use FIN bit and implement opcode 0x00 make consistent use of uint64_t for big frame sizes
| * | remove Hixie-specific MD5 and check functionsAndreas Weigel2017-05-142-68/+0
| | |
| * | add generation wstest to cmakeAndreas Weigel2017-05-142-25/+26
| | | | | | | | | | | | | | | | | | | | | | | | | | | add wstestdata.c, because the python data generation script has too many dependencies remove some redundance from jpeg test creation add support for decoding close messages
| * | add ws_decode testsAndreas Weigel2017-05-143-41/+41
| | | | | | | | | | | | | | | | | | | | | | | | | | | modify automake to include ws_decode test add python frame generator for decode tests modify configure to only include ws_decode test if preconditions are fulfilled
| * | remove obsolete hixie protocol supportAndreas Weigel2017-05-141-246/+51
| | |
| * | factor out hybi decode part to make it testableAndreas Weigel2017-05-143-580/+631
| | | | | | | | | | | | | | | remove direct dependency on rfbClientPtr structure in hybi decode function(s)
| * | fix overflow and refactor websockets decode (Hybi)Andreas Weigel2017-05-141-132/+463
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | fix critical heap-based buffer overflow which allowed easy modification of a return address via an overwritten function pointer fix bug causing connections to fail due a "one websocket frame = one ws_read" assumption, which failed with LibVNCServer-0.9.11 refactor websocket Hybi decode to use a simple state machine for decoding of websocket frames
| * | font: Fix a small resource leak in a failure case in rfbLoadConsoleFont()Lioncash2017-05-101-0/+1
| | | | | | | | | | | | The file handle wouldn't be closed in this instance.
| * | rfbInitServer: only init Winsock onceChristian Beier2017-02-211-1/+9
| | |
generated by cgit v1.2.1 (git 2.18.0) at 2024-12-22 21:51:56 +0000