extern/KasmVNC
1
0
Fork 0
mirror of https://github.com/kasmtech/KasmVNC.git synced 2024-11-22 16:13:13 +01:00
Code Issues Packages Projects Releases Wiki Activity
856 Commits 32 Branches 15 Tags 5.1 MiB
16e365747a
Commit Graph

7 Commits

Author SHA1 Message Date
Pierre Ossman
57a3c3bba8 Simplify stream availability handling 
Just have a simply number of bytes argument to avoid a lot of
complexity.
 2021-03-29 10:48:26 +03:00
Pierre Ossman
92c7695981 Create common base classes for buffered streams 
Most streams are backed by a memory buffer. Create common base classes
for this functionality to avoid code duplication.
 2021-03-29 10:11:16 +03:00
Pierre Ossman
7f90205cf2 Add stream avail() methods 
Makes it more readable to write code that needs to know how much
data/space is available in a stream.
 2021-03-29 10:08:40 +03:00
Pierre Ossman
b7dc4a16fe Handle pending data in TLS buffers 
There might be more bytes left in the current TLS record, even if
there is nothing on the underlying stream. Make sure we properly
return this when we aren't being requested to block.
 2020-09-21 13:00:41 +03:00
Pierre Ossman
ae6cbd19e9 Be defensive about overflows in stream objects 
We use a lot of lengths given to us over the network, so be more
paranoid about them causing an overflow as otherwise an attacker
might trick us in to overwriting other memory.

This primarily affects the client which often gets lengths from the
server, but there are also some scenarios where the server might
theoretically be vulnerable.

Issue found by Pavel Cheremushkin from Kaspersky Lab.
 2020-09-21 12:56:23 +03:00
Pierre Ossman
259f1055cb Use size_t for lengths in stream objects 
Provides safety against them accidentally becoming negative because
of bugs in the calculations.

Also does the same to CharArray and friends as they were strongly
connection to the stream objects.
 2020-09-21 12:55:59 +03:00
matt
408c005d3e Initial commit 2020-09-20 12:16:44 +00:00