rpms/gtk-vnc/F-12 gtk-vnc-0.3.10-bounds.patch, NONE, 1.1 gtk-vnc.spec, 1.43, 1.44
Daniel P. Berrange
berrange at fedoraproject.org
Tue Apr 27 12:47:37 UTC 2010
Author: berrange
Update of /cvs/pkgs/rpms/gtk-vnc/F-12
In directory cvs01.phx2.fedoraproject.org:/tmp/cvs-serv20609
Modified Files:
gtk-vnc.spec
Added Files:
gtk-vnc-0.3.10-bounds.patch
Log Message:
Drop VNC connection if the server sends a update spaning outside bounds of desktop (rhbz #540810)
gtk-vnc-0.3.10-bounds.patch:
gvnc.c | 84 ++++++++++++++++++++++++++++++++++++++++++++++++++++-------
vncdisplay.c | 6 +++-
2 files changed, 80 insertions(+), 10 deletions(-)
--- NEW FILE gtk-vnc-0.3.10-bounds.patch ---
diff -rup gtk-vnc-0.3.10/src/gvnc.c gtk-vnc-0.3.10.new/src/gvnc.c
--- gtk-vnc-0.3.10/src/gvnc.c 2010-04-27 12:04:45.657317541 +0100
+++ gtk-vnc-0.3.10.new/src/gvnc.c 2010-04-27 12:12:00.726185001 +0100
@@ -2192,35 +2192,64 @@ static void gvnc_ext_key_event(struct gv
gvnc->keycode_map = x_keycode_to_pc_keycode_map();
}
-static void gvnc_framebuffer_update(struct gvnc *gvnc, int32_t etype,
- uint16_t x, uint16_t y,
- uint16_t width, uint16_t height)
+
+static gboolean gvnc_validate_boundary(struct gvnc *gvnc,
+ uint16_t width, uint16_t height)
+{
+
+ if (width > gvnc->width || height > gvnc->height) {
+ GVNC_DEBUG("Framebuffer update %dx%d outside boundary %dx%d",
+ width, height, gvnc->width, gvnc->height);
+ gvnc->has_error = TRUE;
+ }
+
+ return !gvnc_has_error(gvnc);
+}
+
+static gboolean gvnc_framebuffer_update(struct gvnc *gvnc, int32_t etype,
+ uint16_t x, uint16_t y,
+ uint16_t width, uint16_t height)
{
GVNC_DEBUG("FramebufferUpdate(%d, %d, %d, %d, %d)",
etype, x, y, width, height);
+ if (gvnc_has_error(gvnc))
+ return !gvnc_has_error(gvnc);
+
switch (etype) {
case GVNC_ENCODING_RAW:
+ if (!gvnc_validate_boundary(gvnc, width, height))
+ break;
gvnc_raw_update(gvnc, x, y, width, height);
gvnc_update(gvnc, x, y, width, height);
break;
case GVNC_ENCODING_COPY_RECT:
+ if (!gvnc_validate_boundary(gvnc, width, height))
+ break;
gvnc_copyrect_update(gvnc, x, y, width, height);
gvnc_update(gvnc, x, y, width, height);
break;
case GVNC_ENCODING_RRE:
+ if (!gvnc_validate_boundary(gvnc, width, height))
+ break;
gvnc_rre_update(gvnc, x, y, width, height);
gvnc_update(gvnc, x, y, width, height);
break;
case GVNC_ENCODING_HEXTILE:
+ if (!gvnc_validate_boundary(gvnc, width, height))
+ break;
gvnc_hextile_update(gvnc, x, y, width, height);
gvnc_update(gvnc, x, y, width, height);
break;
case GVNC_ENCODING_ZRLE:
+ if (!gvnc_validate_boundary(gvnc, width, height))
+ break;
gvnc_zrle_update(gvnc, x, y, width, height);
gvnc_update(gvnc, x, y, width, height);
break;
case GVNC_ENCODING_TIGHT:
+ if (!gvnc_validate_boundary(gvnc, width, height))
+ break;
gvnc_tight_update(gvnc, x, y, width, height);
gvnc_update(gvnc, x, y, width, height);
break;
@@ -2249,6 +2278,8 @@ static void gvnc_framebuffer_update(stru
gvnc->has_error = TRUE;
break;
}
+
+ return !gvnc_has_error(gvnc);
}
gboolean gvnc_server_message(struct gvnc *gvnc)
@@ -2256,6 +2287,9 @@ gboolean gvnc_server_message(struct gvnc
uint8_t msg;
int ret;
+ if (gvnc_has_error(gvnc))
+ return !gvnc_has_error(gvnc);
+
/* NB: make sure that all server message functions
handle has_error appropriately */
@@ -2290,7 +2324,8 @@ gboolean gvnc_server_message(struct gvnc
h = gvnc_read_u16(gvnc);
etype = gvnc_read_s32(gvnc);
- gvnc_framebuffer_update(gvnc, etype, x, y, w, h);
+ if (!gvnc_framebuffer_update(gvnc, etype, x, y, w, h))
+ break;
}
} break;
case 1: { /* SetColorMapEntries */
@@ -3459,8 +3494,11 @@ void gvnc_close(struct gvnc *gvnc)
gvnc->tls_session = NULL;
}
#if HAVE_SASL
- if (gvnc->saslconn)
+ if (gvnc->saslconn) {
sasl_dispose (&gvnc->saslconn);
+ gvnc->saslconn = NULL;
+ gvnc->saslDecodedOffset = gvnc->saslDecodedLength = 0;
+ }
#endif
if (gvnc->channel) {
@@ -3512,6 +3550,7 @@ void gvnc_close(struct gvnc *gvnc)
g_free(gvnc->cred_x509_key);
gvnc->cred_x509_key = NULL;
}
+ gvnc->want_cred_x509 = gvnc->want_cred_username = gvnc->want_cred_password = FALSE;
for (i = 0; i < 5; i++)
inflateEnd(&gvnc->streams[i]);
@@ -3519,7 +3558,28 @@ void gvnc_close(struct gvnc *gvnc)
gvnc->auth_type = GVNC_AUTH_INVALID;
gvnc->auth_subtype = GVNC_AUTH_INVALID;
- gvnc->has_error = 0;
+ memset(&gvnc->fmt, 0, sizeof(gvnc->fmt));
+ gvnc->perfect_match = FALSE;
+ memset(&gvnc->local, 0, sizeof(gvnc->local));
+ gvnc->rm = gvnc->gm = gvnc->bm = 0;
+ gvnc->rrs = gvnc->grs = gvnc->brs = 0;
+ gvnc->rls = gvnc->gls = gvnc->bls = 0;
+
+ gvnc->read_offset = gvnc->read_size = 0;
+ gvnc->write_offset = 0;
+
+ if (gvnc->xmit_buffer) {
+ g_free(gvnc->xmit_buffer);
+ gvnc->xmit_buffer = NULL;
+ }
+ gvnc->xmit_buffer_size = gvnc->xmit_buffer_capacity = 0;
+ gvnc->uncompressed_length = 0;
+ gvnc->compressed_length = 0;
+
+ gvnc->width = gvnc->height = 0;
+ gvnc->major = gvnc->minor = 0;
+
+ gvnc->has_error = FALSE;
}
void gvnc_shutdown(struct gvnc *gvnc)
@@ -3569,11 +3629,15 @@ gboolean gvnc_initialize(struct gvnc *gv
gvnc->absolute = 1;
gvnc_read(gvnc, version, 12);
- version[12] = 0;
+ if (gvnc_has_error(gvnc)) {
+ GVNC_DEBUG("Error while reading server version");
+ goto fail;
+ }
+ version[12] = 0;
ret = sscanf(version, "RFB %03d.%03d\n", &gvnc->major, &gvnc->minor);
if (ret != 2) {
- GVNC_DEBUG("Error while getting server version");
+ GVNC_DEBUG("Error while parsing server version");
goto fail;
}
@@ -3604,6 +3668,8 @@ gboolean gvnc_initialize(struct gvnc *gv
gvnc->width = gvnc_read_u16(gvnc);
gvnc->height = gvnc_read_u16(gvnc);
+ GVNC_DEBUG("Initial desktop size %dx%d", gvnc->width, gvnc->height);
+
if (gvnc_has_error(gvnc))
return FALSE;
@@ -3638,7 +3704,7 @@ gboolean gvnc_initialize(struct gvnc *gv
return !gvnc_has_error(gvnc);
fail:
- gvnc->has_error = 1;
+ gvnc->has_error = TRUE;
return !gvnc_has_error(gvnc);
}
diff -rup gtk-vnc-0.3.10/src/vncdisplay.c gtk-vnc-0.3.10.new/src/vncdisplay.c
--- gtk-vnc-0.3.10/src/vncdisplay.c 2009-10-16 17:52:28.000000000 +0100
+++ gtk-vnc-0.3.10.new/src/vncdisplay.c 2010-04-27 12:10:24.790184856 +0100
@@ -879,7 +879,8 @@ static void setup_gdk_image(VncDisplay *
priv->image = gdk_image_new(GDK_IMAGE_FASTEST, visual, width, height);
priv->pixmap = gdk_pixmap_new(GTK_WIDGET(obj)->window, width, height, -1);
- GVNC_DEBUG("Visual mask: %3d %3d %3d\n shift: %3d %3d %3d",
+ GVNC_DEBUG("Size %dx%%d\n Visual mask: %3d %3d %3d\n shift: %3d %3d %3d",
+ width, height,
visual->red_mask,
visual->green_mask,
visual->blue_mask,
@@ -973,6 +974,8 @@ static gboolean do_resize(void *opaque,
VncDisplayPrivate *priv = obj->priv;
struct signal_data s;
+ GVNC_DEBUG("Do resize %dx%d %d", width, height, quiet);
+
if (priv->gvnc == NULL || !gvnc_is_initialized(priv->gvnc))
return TRUE;
@@ -1340,6 +1343,7 @@ static gboolean delayed_unref_object(gpo
{
VncDisplay *obj = VNC_DISPLAY(data);
+ GVNC_DEBUG("Delayed unref %p %d", data, obj->priv->coroutine.exited);
g_assert(obj->priv->coroutine.exited == TRUE);
if (obj->priv->image) {
Index: gtk-vnc.spec
===================================================================
RCS file: /cvs/pkgs/rpms/gtk-vnc/F-12/gtk-vnc.spec,v
retrieving revision 1.43
retrieving revision 1.44
diff -u -p -r1.43 -r1.44
--- gtk-vnc.spec 17 Dec 2009 18:29:38 -0000 1.43
+++ gtk-vnc.spec 27 Apr 2010 12:47:37 -0000 1.44
@@ -7,11 +7,12 @@
Summary: A GTK widget for VNC clients
Name: gtk-vnc
Version: 0.3.10
-Release: 2%{?dist}
+Release: 3%{?dist}
License: LGPLv2+
Group: Development/Libraries
Source: http://ftp.gnome.org/pub/GNOME/sources/%{name}/0.3/%{name}-%{version}.tar.bz2
Patch1: %{name}-%{version}-gcrypt-threading.patch
+Patch2: %{name}-%{version}-bounds.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
URL: http://live.gnome.org/gtk-vnc
BuildRequires: gtk2-devel pygtk2-devel python-devel zlib-devel
@@ -70,6 +71,7 @@ browsers.
%prep
%setup -q
%patch1 -p1
+%patch2 -p1
%build
%if %{with_plugin}
@@ -125,6 +127,9 @@ rm -fr %{buildroot}
%endif
%changelog
+* Tue Apr 27 2010 Daniel P. Berrange <berrange at redhat.com> - 0.3.10-3
+- Drop VNC connection if the server sends a update spaning outside bounds of desktop (rhbz #540810)
+
* Thu Dec 17 2009 Daniel P. Berrange <berrange at redhat.com> - 0.3.10-2
- Fix gcrypt threading initialization (rhbz #537489)
More information about the scm-commits
mailing list