extern/KasmVNC
1
0
Fork 0
mirror of https://github.com/kasmtech/KasmVNC.git synced 2024-11-08 09:14:10 +01:00
Code Issues Packages Projects Releases Wiki Activity

Bugfix/kasm 1912 websocket crash (#57)

Browse Source 
* Copy-paste bug in SSE2 scaling to under 0.5x

* Better handling of websocket frames

* KASM-1912 websocket crash, scaling bug

Co-authored-by: Lauri Kasanen <cand@gmx.com>
Co-authored-by: matt <matt@kasmweb.com>
This commit is contained in:
mmcclaskey 2021-09-24 08:25:35 -04:00 committed by GitHub
parent dd26c40844
commit 93e47e5d54
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 14 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
common/network/websockify.c
View File

@ -44,11 +44,11 @@ static void do_proxy(ws_ctx_t *ws_ctx, int target) {
int maxfd, client = ws_ctx->sockfd; int maxfd, client = ws_ctx->sockfd;
unsigned int opcode, left, ret; unsigned int opcode, left, ret;
unsigned int tout_start, tout_end, cout_start, cout_end; unsigned int tout_start, tout_end, cout_start, cout_end;
unsigned int tin_start, tin_end; unsigned int tin_end;
ssize_t len, bytes; ssize_t len, bytes;
tout_start = tout_end = cout_start = cout_end = tout_start = tout_end = cout_start = cout_end =
tin_start = tin_end = 0; tin_end = 0;
maxfd = client > target ? client+1 : target+1; maxfd = client > target ? client+1 : target+1;
while (1) { while (1) {
@ -165,7 +165,7 @@ static void do_proxy(ws_ctx_t *ws_ctx, int target) {
} }
if (FD_ISSET(client, &rlist)) { if (FD_ISSET(client, &rlist)) {
bytes = ws_recv(ws_ctx, ws_ctx->tin_buf + tin_end, BUFSIZE-1); bytes = ws_recv(ws_ctx, ws_ctx->tin_buf + tin_end, BUFSIZE-1-tin_end);
if (pipe_error) { break; } if (pipe_error) { break; }
if (bytes <= 0) { if (bytes <= 0) {
handler_emsg("client closed connection\n"); handler_emsg("client closed connection\n");
@ -180,13 +180,13 @@ static void do_proxy(ws_ctx_t *ws_ctx, int target) {
printf("\n"); printf("\n");
*/ */
if (ws_ctx->hybi) { if (ws_ctx->hybi) {
len = decode_hybi(ws_ctx->tin_buf + tin_start, len = decode_hybi(ws_ctx->tin_buf,
tin_end-tin_start, tin_end,
ws_ctx->tout_buf, BUFSIZE-1, ws_ctx->tout_buf, BUFSIZE-1,
&opcode, &left); &opcode, &left);
} else { } else {
len = decode_hixie(ws_ctx->tin_buf + tin_start, len = decode_hixie(ws_ctx->tin_buf,
tin_end-tin_start, tin_end,
ws_ctx->tout_buf, BUFSIZE-1, ws_ctx->tout_buf, BUFSIZE-1,
&opcode, &left); &opcode, &left);
} }
@ -208,10 +208,13 @@ static void do_proxy(ws_ctx_t *ws_ctx, int target) {
break; break;
} }
if (left) { if (left) {
tin_start = tin_end - left; const unsigned tin_start = tin_end - left;
//printf("partial frame from client"); //handler_emsg("partial frame from client, %u left, start %u end %u, lens %lu %lu\n",
// left, tin_start, tin_end, bytes, len);
memmove(ws_ctx->tin_buf, ws_ctx->tin_buf + tin_start, left);
tin_end = left;
} else { } else {
tin_start = 0; //handler_emsg("handled %lu/%lu bytes\n", bytes, len);
tin_end = 0; tin_end = 0;
} }

2
common/rfb/EncodeManager.cxx
View File

@ -1024,7 +1024,7 @@ PixelBuffer *rfb::progressiveBilinearScale(const PixelBuffer *pb,
rdr::U8 *newpx = ((ManagedPixelBuffer *) newpb)->getBufferRW(newpb->getRect(), rdr::U8 *newpx = ((ManagedPixelBuffer *) newpb)->getBufferRW(newpb->getRect(),
&newstride); &newstride);
SSE2_scale(oldpx, tgtw, tgth, newpx, oldstride, newstride, tgtdiff); SSE2_scale(oldpx, tgtw, tgth, newpx, oldstride, newstride, tgtw / (float) oldw);
if (del) if (del)
delete pb; delete pb;
} }