Rev | Author | Line No. | Line |
---|---|---|---|
56 | magnus | 1 | Description: CVE-2018-20021 |
2 | CWE-835: Infinite loop vulnerability in VNC client code. Vulnerability allows |
||
3 | attacker to consume excessive amount of resources like CPU and RAM |
||
4 | --- |
||
5 | |||
6 | Author: Abhijith PA <abhijith@debian.org> |
||
7 | Origin: https://github.com/LibVNC/libvncserver/commit/c3115350eb8bb635d0fdb4dbbb0d0541f38ed19c |
||
8 | Bug: https://github.com/LibVNC/libvncserver/issues/251 |
||
9 | Bug-Debian: https://bugs.debian.org/916941 |
||
10 | Last-Update: 2018-12-23 |
||
11 | |||
12 | --- a/vnc_unixsrc/vncviewer/rfbproto.c |
||
13 | +++ b/vnc_unixsrc/vncviewer/rfbproto.c |
||
14 | @@ -3156,7 +3156,7 @@ |
||
15 | if (db) fprintf(stderr, "Raw: %dx%d+%d+%d\n", rect.r.w, rect.r.h, rect.r.x, rect.r.y); |
||
16 | area_raw += rect.r.w * rect.r.h; |
||
17 | |||
18 | - while (rect.r.h > 0) { |
||
19 | + while (linesToRead && rect.r.h > 0) { |
||
20 | if (linesToRead > rect.r.h) { |
||
21 | linesToRead = rect.r.h; |
||
22 | } |
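Review bot: the new `while (linesToRead && rect.r.h > 0)` condition ends the loop silently when `linesToRead` is 0, with no error and no log line, even though the rectangle has already been added to `area_raw` and printed under `db` just above. The hunk does not show where `linesToRead` is computed or what follows the loop, so please confirm that a zero value cannot leave the rectangle's raw payload unread on the connection, where the next message would be parsed from the middle of pixel data. An explicit check before the loop that reports the condition on stderr and fails the update would make the intent clearer than folding it into the loop condition. A short comment on why `linesToRead` can be zero would also help whoever next refreshes this patch against upstream.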