nixpkgs/pkgs/tools/admin/tightvnc/1.3.10-CVE-2019-15680.patch
Robert Scott 2482f8b8dc tightvnc: add patches for four CVEs
Security fixes for:
* CVE-2019-8287
* CVE-2019-15678
* CVE-2019-15679
* CVE-2019-15680

mostly adapted from patches fixing similar issues in the actively
maintained libvnc

(#73970)
2019-11-24 19:44:01 +01:00

16 lines
513 B
Diff

diff --git a/vncviewer/zlib.c b/vncviewer/zlib.c
index 80c4eee..76998d8 100644
--- a/vncviewer/zlib.c
+++ b/vncviewer/zlib.c
@@ -55,6 +55,11 @@ HandleZlibBPP (int rx, int ry, int rw, int rh)
raw_buffer_size = (( rw * rh ) * ( BPP / 8 ));
raw_buffer = (char*) malloc( raw_buffer_size );
+ if ( raw_buffer == NULL ) {
+ fprintf(stderr,
+ "couldn't allocate raw_buffer in HandleZlibBPP");
+ return False;
+ }
}
if (!ReadFromRFBServer((char *)&hdr, sz_rfbZlibHeader))