mii/qemu
1
0
Fork 0
mirror of https://github.com/mii443/qemu.git synced 2025-08-22 23:25:48 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
d921fea338c1059a27ce7b75309d7a2e485f710b
qemu/ui
History
Mauro Matteo Cascella d921fea338 ui/vnc-clipboard: fix infinite loop in inflate_buffer (CVE-2023-3255) 
A wrong exit condition may lead to an infinite loop when inflating a
valid zlib buffer containing some extra bytes in the `inflate_buffer`
function. The bug only occurs post-authentication. Return the buffer
immediately if the end of the compressed data has been reached
(Z_STREAM_END).

Fixes: CVE-2023-3255
Fixes: 0bf41cab ("ui/vnc: clipboard support")
Reported-by: Kevin Denis <kevin.denis@synacktiv.com>
Signed-off-by: Mauro Matteo Cascella <mcascell@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Tested-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-ID: <20230704084210.101822-1-mcascell@redhat.com>
2023-07-17 15:20:56 +04:00
..
icons
configure: move directory options from config-host.mak to meson
2020-10-26 07:08:38 -04:00
shader
ui/shader: fix #version directive must occur on first line
2023-03-13 23:48:45 +04:00
clipboard.c
ui/clipboard: reset the serial state on reset
2022-09-23 14:38:27 +02:00
cocoa.m
cocoa: Fix warnings about invalid prototype declarations
2023-06-13 11:28:58 +02:00
console-gl.c
ui/console: fix texture leak when calling surface_gl_create_texture()
2022-03-04 11:28:37 +01:00
console.c
ui: add optional d3d texture pointer to scanout texture
2023-06-27 17:08:56 +02:00
curses_keys.h
curses.c
ui/curses: Avoid dynamic stack allocation
2022-09-22 16:38:28 +01:00
cursor_hidden.xpm
cursor_left_ptr.xpm
cursor.c
ui/cursor: make width/height unsigned 16-bit integer
2023-05-28 13:08:25 +04:00
dbus-chardev.c
ui/dbus: win32 support
2023-06-27 17:08:56 +02:00
dbus-clipboard.c
ui/dbus: unregister clipboard on connection close
2023-03-13 22:57:39 +04:00
dbus-console.c
ui: add optional d3d texture pointer to scanout texture
2023-06-27 17:08:56 +02:00
dbus-display1.xml
ui/dbus: use shared D3D11 Texture2D when possible
2023-06-27 17:08:56 +02:00
dbus-error.c
ui: add a D-Bus display backend
2021-12-21 10:50:22 +04:00
dbus-listener.c
ui/dbus: fix build errors in dbus_update_gl_cb and dbus_call_update_gl
2023-06-30 23:15:29 +02:00
dbus-module.c
ui/dbus: add p2p=on/off option
2021-12-21 10:50:22 +04:00
dbus.c
ui/dbus: add GL support on win32
2023-06-27 17:08:56 +02:00
dbus.h
ui/dbus: win32 support
2023-06-27 17:08:56 +02:00
egl-context.c
ui/egl: fix make_context_current() callback return value
2023-06-27 17:08:56 +02:00
egl-headless.c
ui: add optional d3d texture pointer to scanout texture
2023-06-27 17:08:56 +02:00
egl-helpers.c
ui/egl: query ANGLE d3d device
2023-06-27 17:08:56 +02:00
gtk-clipboard.c
Remove qemu-common.h include from most units
2022-04-06 14:31:55 +02:00
gtk-egl.c
ui: add optional d3d texture pointer to scanout texture
2023-06-27 17:08:56 +02:00
gtk-gl-area.c
ui: add optional d3d texture pointer to scanout texture
2023-06-27 17:08:56 +02:00
gtk.c
ui/gtk: making dmabuf NULL when it's released.
2023-06-27 17:08:56 +02:00
input-barrier.c
ui/input-barrier: Move TODOs from barrier.txt to a comment
2021-08-02 12:55:51 +01:00
input-barrier.h
input-keymap.c
input-legacy.c
ui/input-legacy: pass horizontal scroll information
2022-01-13 15:33:18 +01:00
input-linux.c
ui: replace qemu_set_nonblock()
2022-05-03 15:52:37 +04:00
input.c
ui: add helpers for virtio-multitouch events
2023-05-28 13:08:25 +04:00
kbd-state.c
keymaps.c
Remove qemu-common.h include from most units
2022-04-06 14:31:55 +02:00
keymaps.h
meson.build
ui: add egl-headless support on win32
2023-06-27 17:08:56 +02:00
qemu-pixman.c
console/win32: allocate shareable display surface
2023-06-27 17:08:56 +02:00
qemu-x509.h
qemu.desktop
sdl2-2d.c
ui/console: Pass placeholder surface to displays
2021-03-04 09:35:36 +01:00
sdl2-gl.c
ui: add optional d3d texture pointer to scanout texture
2023-06-27 17:08:56 +02:00
sdl2-input.c
sdl2.c
ui/sdl2: OpenGL window context
2023-06-27 12:31:15 +02:00
shader.c
ui/shader: free associated programs
2022-03-14 15:16:16 +04:00
spice-app.c
Do not include "qemu/error-report.h" in headers that do not need it
2023-02-14 09:11:27 +01:00
spice-core.c
ui/spice: fix compilation on win32
2023-03-24 11:55:55 +01:00
spice-display.c
ui: add optional d3d texture pointer to scanout texture
2023-06-27 17:08:56 +02:00
spice-input.c
spice-module.c
spice: wire up monitor in QemuSpiceOps.
2020-10-21 15:46:14 +02:00
trace-events
ui/egl: query ANGLE d3d device
2023-06-27 17:08:56 +02:00
trace.h
udmabuf.c
Do not include "qemu/error-report.h" in headers that do not need it
2023-02-14 09:11:27 +01:00
ui-hmp-cmds.c
spice: move client_migrate_info command to ui/
2023-04-24 15:01:46 +02:00
ui-qmp-cmds.c
spice: move client_migrate_info command to ui/
2023-04-24 15:01:46 +02:00
util.c
include/hw/pci: Split pci_device.h off pci.h
2023-01-08 01:54:22 -05:00
vdagent.c
Do not include "qemu/error-report.h" in headers that do not need it
2023-02-14 09:11:27 +01:00
vgafont.h
ui: fix tab indentation
2022-11-08 10:23:06 +01:00
vnc_keysym.h
ui: fix tab indentation
2022-11-08 10:23:06 +01:00
vnc-auth-sasl.c
vnc: avoid deprecation warnings for SASL on OS X
2021-06-15 17:17:09 +02:00
vnc-auth-sasl.h
vnc: avoid deprecation warnings for SASL on OS X
2021-06-15 17:17:09 +02:00
vnc-auth-vencrypt.c
vnc: fix resource leak when websocket channel error
2020-11-04 08:25:17 +01:00
vnc-auth-vencrypt.h
vnc-clipboard.c
ui/vnc-clipboard: fix infinite loop in inflate_buffer (CVE-2023-3255)
2023-07-17 15:20:56 +04:00
vnc-enc-hextile-template.h
vnc-enc-hextile.c
Drop useless casts from g_malloc() & friends to pointer
2022-10-22 23:15:40 +02:00
vnc-enc-tight.c
Replacing CONFIG_VNC_PNG with CONFIG_PNG
2022-04-27 07:50:28 +02:00
vnc-enc-tight.h
vnc-enc-zlib.c
vnc-enc-zrle.c
vnc-enc-zrle.c.inc
vnc-enc-zrle.h
vnc-enc-zywrle-template.c
ui: fix tab indentation
2022-11-08 10:23:06 +01:00
vnc-enc-zywrle.h
ui: fix tab indentation
2022-11-08 10:23:06 +01:00
vnc-jobs.c
vnc: move assert in vnc_worker_thread_loop
2023-06-10 00:00:24 +03:00
vnc-jobs.h
vnc-palette.c
vnc-palette.h
vnc-stubs.c
vnc: support "-vnc help"
2021-01-23 15:55:07 -05:00
vnc-ws.c
bulk: Remove pointless QOM casts
2023-06-05 20:48:34 +02:00
vnc-ws.h
vnc.c
cutils: Adjust signature of parse_uint[_full]
2023-06-02 12:27:19 -05:00
vnc.h
ui: keep current cursor with QemuConsole
2023-03-13 22:57:39 +04:00
win32-kbd-hook.c
x_keymap.c
ui: Fix memory leak in qemu_xkeymap_mapping_table()
2021-05-02 17:24:50 +02:00
x_keymap.h