diff options
| author | Fiona Ebner <f.ebner@proxmox.com> | 2023-11-22 13:58:26 +0100 |
|---|---|---|
| committer | Marc-André Lureau <marcandre.lureau@redhat.com> | 2023-12-04 11:28:26 +0400 |
| commit | ebfbf394671163c14e2b24d98f3927a3151d1aff (patch) | |
| tree | 4c3dae628c0400231e5327531775c3a41d26d0c1 /hw | |
| parent | 53a939f1bf8e4a3e38f9449fac44f572676966ad (diff) | |
| download | qemu-ebfbf394671163c14e2b24d98f3927a3151d1aff.zip qemu-ebfbf394671163c14e2b24d98f3927a3151d1aff.tar.gz qemu-ebfbf394671163c14e2b24d98f3927a3151d1aff.tar.bz2 | |
ui/vnc-clipboard: fix inflate_buffer
Commit d921fea338 ("ui/vnc-clipboard: fix infinite loop in
inflate_buffer (CVE-2023-3255)") removed this hunk, but it is still
required, because it can happen that stream.avail_in becomes zero
before coming across a return value of Z_STREAM_END in the loop.
This fixes the host->guest direction of the clipboard with noVNC and
TigerVNC as clients.
Fixes: d921fea338 ("ui/vnc-clipboard: fix infinite loop in inflate_buffer (CVE-2023-3255)")
Reported-by: Friedrich Weber <f.weber@proxmox.com>
Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
Acked-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <20231122125826.228189-1-f.ebner@proxmox.com>
Diffstat (limited to 'hw')
0 files changed, 0 insertions, 0 deletions