On So, 2014-06-29 at 14:16 +0200, Peter Lieven wrote:
Hi,
while debugging a VNC issue I found this:
case VNC_MSG_CLIENT_CUT_TEXT:
if (len == 1)
return 8;
if (len == 8) {
uint32_t dlen = read_u32(data, 4);
if (dlen 0)
On 30.06.2014 09:33, Gerd Hoffmann wrote:
On So, 2014-06-29 at 14:16 +0200, Peter Lieven wrote:
Hi,
while debugging a VNC issue I found this:
case VNC_MSG_CLIENT_CUT_TEXT:
if (len == 1)
return 8;
if (len == 8) {
uint32_t dlen = read_u32(data,
Hi,
I would vote for disconnect as soon as the limit specified is too big.
Otherwise
we had to rewrite the whole receive logic which could introduce additional
bugs.
Sounds sensible.
cheers,
Gerd
On 30.06.2014 09:46, Gerd Hoffmann wrote:
Hi,
I would vote for disconnect as soon as the limit specified is too big. Otherwise
we had to rewrite the whole receive logic which could introduce additional
bugs.
Sounds sensible.
Especially since client_cut_text is currently a NOP.
Peter
Hi,
while debugging a VNC issue I found this:
case VNC_MSG_CLIENT_CUT_TEXT:
if (len == 1)
return 8;
if (len == 8) {
uint32_t dlen = read_u32(data, 4);
if (dlen 0)
return 8 + dlen;
}
client_cut_text(vs,
On Sun, Jun 29, 2014 at 5:16 AM, Peter Lieven p...@kamp.de wrote:
Hi,
while debugging a VNC issue I found this:
case VNC_MSG_CLIENT_CUT_TEXT:
if (len == 1)
return 8;
if (len == 8) {
uint32_t dlen = read_u32(data, 4);
if (dlen 0)