KasmVNC

extern/KasmVNC

Fork 0

mirror of https://github.com/kasmtech/KasmVNC.git synced 2024-11-22 08:04:04 +01:00

Commit Graph

Author	SHA1	Message	Date
Pierre Ossman	3282836baf	Make ZlibInStream more robust against failures Move the checks around to avoid missing cases where we might access memory that is no longer valid. Also avoid touching the underlying stream implicitly (e.g. via the destructor) as it might also no longer be valid. A malicious server could theoretically use this for remote code execution in the client. Issue found by Pavel Cheremushkin from Kaspersky Lab	2020-09-21 12:40:12 +03:00
matt	408c005d3e	Initial commit	2020-09-20 12:16:44 +00:00

Author

SHA1

Message

Date

Pierre Ossman

3282836baf

Make ZlibInStream more robust against failures

Move the checks around to avoid missing cases where we might access
memory that is no longer valid. Also avoid touching the underlying
stream implicitly (e.g. via the destructor) as it might also no
longer be valid.

A malicious server could theoretically use this for remote code
execution in the client.

Issue found by Pavel Cheremushkin from Kaspersky Lab

2020-09-21 12:40:12 +03:00

matt

408c005d3e

Initial commit

2020-09-20 12:16:44 +00:00

1 2 3 4

152 Commits