publicWagsHome
/
KasmVNC
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
59 Commits
32 Branches
15 Tags
4.9 MiB
master
release/1.3.3
release/1.3.2
release/1.2.1
release/1.3.1
release/1.3.0
release/1.2.0
release/1.1.1
release/1.1.0
release/1.0.1
release/1.0.0
release/0.9.3.2
release/0.9.3.1
innovation/session_recording
release/0.9.3
KASM-1810_yaml_config
httpblacklist
feature/KASM-2119_ubuntu_2004_default
video
bugfix/KASM-2021_kali_stable
feature/KASM-2083_ARM_Neon
configchecks
bugfix/KASM-2034_mobile_audio
bugfix/KASM-2053_video_quality
KASM-1609_select_de_to_run
feature/KASM-1883_x_proxy
KASM-1910-fix_pipeline
easy-start-select-de-to-run
xdg-portal-kde-firefox
toggle-game-mode
relativemotion
pointer_lock_api
v1.3.3
v1.3.2
v1.2.1
v1.3.1
v1.3.0
v1.2.0
v1.1.0
v1.0.1
v1.0.0
v0.9.3-beta
temporary
temporary2
v0.9.0-beta
v0.9.1-beta
v0.9.2-beta
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'e7016550fc'
${ noResults }
Commit Graph

3 Commits (e7016550fcf0605564646d94ec48760c5b197c36)

Author SHA1 Message Date
Pierre Ossman ae6cbd19e9 Be defensive about overflows in stream objects 
We use a lot of lengths given to us over the network, so be more
paranoid about them causing an overflow as otherwise an attacker
might trick us in to overwriting other memory.

This primarily affects the client which often gets lengths from the
server, but there are also some scenarios where the server might
theoretically be vulnerable.

Issue found by Pavel Cheremushkin from Kaspersky Lab.
 5 years ago
Pierre Ossman 259f1055cb Use size_t for lengths in stream objects 
Provides safety against them accidentally becoming negative because
of bugs in the calculations.

Also does the same to CharArray and friends as they were strongly
connection to the stream objects.
 5 years ago
matt 408c005d3e Initial commit 5 years ago