aboutsummaryrefslogtreecommitdiff
path: root/ui
AgeCommit message (Collapse)AuthorFilesLines
2014-12-10keymaps: correct keymaps.c following Qemu coding styleGonglei1-88/+108
It's hard to read because of the confused coding style in this file. Let's correct it following Qemu coding style. Signed-off-by: Gonglei <arei.gonglei@huawei.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-12-10vnc-enc-tight: fix Arguments in wrong orderGonglei1-1/+1
Arguments in wrong order (SWAPPED_ARGUMENTS) The positions of arguments in the call to tight_fill_palette do not match the ordering of the parameters: &fg is passed to bg &bg is passed to fg Cc: Gerd Hoffmann <kraxel@redhat.com> Signed-off-by: Gonglei <arei.gonglei@huawei.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-11-25input: move input-send-event into experimental namespaceGerd Hoffmann1-2/+2
Ongoing discussions on how we are going to specify the console, so tag the command as experiental so we can refine things in the 2.3 development cycle. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Message-id: 1416923657-10614-1-git-send-email-armbru@redhat.com [Spell out "not a stable API", and x- the QAPI schema, too] Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Amos Kong <akong@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-11-21gtk: Don't crash if -nodefaultsFam Zheng1-7/+9
This fixes a crash by just skipping the vte resize hack if cur is NULL. Reproducer: qemu-system-x86_64 -nodefaults Signed-off-by: Fam Zheng <famz@redhat.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-11-21gtk: fix possible memory leak about local_errzhanghailiang1-2/+1
local_err in gd_vc_gfx_init() is not freed, and we don't use it, so remove it. Signed-off-by: zhanghailiang <zhang.zhanghailiang@huawei.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-11-13QMP/input-send-event: make console parameter optionalAmos Kong1-6/+9
The 'QemuConsole' is the input source for handler, we share some input handlers to process the input events from different QemuConsole. Normally we only have one set of keyboard, mouse, usbtablet, etc. The devices have different mask, it's fine to just checking mask to insure that the handler has the ability to process the event. I saw we try to bind console to handler in usb/dev-hid.c, but display always isn't available at that time. If we have multiseat setup (as Gerd said), we only have 'problem' in this case. Actually event from different devices have the same effect for system, it's fine to always use the first available handler without caring about the console. For send-key command, we just pass a NULL for console parameter in calling qemu_input_event_send_key(NULL, ..), but 'input-send-event' needs to care more devices. Conclusion: Generally assigning the special console is meanless, and we can't directly remove the QMP parameter for compatibility. So we can make the parameter optional. The parameter might be useful for some special condition: we have multiple devices without binding console and they all have the ability(mask) to process events, and we don't want to use the first one. Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: Markus Armbruster <armbru@redhat.com> Cc: Marcelo Tosatti <mtosatti@redhat.com> Signed-off-by: Amos Kong <akong@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-11-04gtk: add GDK_KEY_pause #defineGerd Hoffmann1-0/+1
Add pause key to the list of compatibility defines. Fixes the build with older gtk versions. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-11-04gtk: Hide the menubar when in fullscreen mode (lp 1294898)Cole Robinson1-2/+2
In fullscreen mode, we attempt to shrink the menubar to 1 pixel in height, so it takes up as little room as possible while still allowing us to use the keyboard shortcuts for its various operations. However this shrinking is disregarded on gtk3, so the entire menu bar is visible, which isn't very pleasant. This patch hides the menu bar instead. The side effect is that the only keyboard shortcuts that will work in this mode are the ones that we explicitly register on the top level window and not the menu bar. The previous patches changed the fullscreen and vc shortcuts to work like that, which I think are the only ones that really matter in for the fullscreen case. https://bugs.launchpad.net/qemu/+bug/1294898 Signed-off-by: Cole Robinson <crobinso@redhat.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-11-04gtk: Install vc accelerators on parent windowCole Robinson1-7/+15
So they are usable when we hide the menubar in upcoming patches. This has the accelerator text caveat as the fullscreen bit in the previous patch. Signed-off-by: Cole Robinson <crobinso@redhat.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-11-04gtk: Install fullscreen accelerator on toplevel windowCole Robinson1-4/+14
Instead of installing it on the menu. This will be needed to keep the fullscreen keyboard shortcut working when we hide the menu (in future patches). On gtk < 3.8, this has the unfortunate side effect of no longer listing the key combo in the UI. We could manually change the label in that case, but it will look visually out of place, and I'm not sure if anyone really cares. Signed-off-by: Cole Robinson <crobinso@redhat.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-11-04gtk: Grab accel_group from GtkDisplayStateCole Robinson1-12/+9
Rather than needlessly pass it around Signed-off-by: Cole Robinson <crobinso@redhat.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-10-31ui: Use the new ".mo-cflags" rule syntax for SDL_CFLAGSFam Zheng1-2/+3
Signed-off-by: Fam Zheng <famz@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-10-30Merge remote-tracking branch 'remotes/kraxel/tags/pull-vnc-20141028-1' into ↵Peter Maydell1-5/+15
staging vnc: return directly if no vnc client connected vnc: sanitize bits_per_pixel from the client (CVE-2014-7815) # gpg: Signature made Tue 28 Oct 2014 10:52:31 GMT using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" # gpg: aka "Gerd Hoffmann <gerd@kraxel.org>" # gpg: aka "Gerd Hoffmann (private) <kraxel@gmail.com>" * remotes/kraxel/tags/pull-vnc-20141028-1: vnc: return directly if no vnc client connected vnc: sanitize bits_per_pixel from the client Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-10-28vnc: return directly if no vnc client connectedChenLiang1-5/+5
graphic_hw_update and vnc_refresh_server_surface aren't need to do when no vnc client connected. It can reduce lock contention, because vnc_refresh will hold global big lock two millisecond every three seconds. Signed-off-by: ChenLiang <chenliang88@huawei.com> Signed-off-by: Gonglei <arei.gonglei@huawei.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-10-28vnc: sanitize bits_per_pixel from the clientPetr Matousek1-0/+10
bits_per_pixel that are less than 8 could result in accessing non-initialized buffers later in the code due to the expectation that bytes_per_pixel value that is used to initialize these buffers is never zero. To fix this check that bits_per_pixel from the client is one of the values that the rfb protocol specification allows. This is CVE-2014-7815. Signed-off-by: Petr Matousek <pmatouse@redhat.com> [ kraxel: apply codestyle fix ] Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-10-28gtk: avoid gd_widget_reparent with gtk 3.14+Gerd Hoffmann1-2/+11
gtk_widget_reparent is depricated in gtk 3.14, stop using it. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-10-28gtk: drop gtk_widget_set_double_buffered callGerd Hoffmann1-1/+0
Dunno why it is here. Removing it seems to have no ill side effects. It is depricated in 3.14+. In some cases it has no effect since 3.10 according to the docs: https://developer.gnome.org/gtk3/stable/GtkWidget.html#gtk-widget-set-double-buffered Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-10-15gtk: add support for the Pause keyMartin Decky1-0/+6
Special handing of the Pause key. Implemented in a similar way as in ui/sdl.c. Signed-off-by: Martin Decky <martin@decky.cz> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-10-15gtk.c: Fix memory leak in gd_set_keycode_type()Chen Fan1-0/+7
this memory leak is introduced by the original commit 3158a3482b0093e41f2b2596fba50774ea31ae08 valgrind out showing: ==14553== 21,459 (72 direct, 21,387 indirect) bytes in 1 blocks are definitely lost in loss record 8,055 of 8,082 ==14553== at 0x4A06BC3: calloc (vg_replace_malloc.c:618) ==14553== by 0x80DBFBC: XkbGetKeyboardByName (in /usr/lib64/libX11.so.6.3.0) ==14553== by 0x40C704: gtk_display_init (gtk.c:1798) ==14553== by 0x1AEDC1: main (vl.c:4480) Signed-off-by: Chen Fan <chen.fan.fnst@cn.fujitsu.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-10-02Merge remote-tracking branch 'remotes/kraxel/tags/pull-input-20141002-1' ↵Peter Maydell2-2/+46
into staging input monitor patches: fix send-key release ordering and new input-send-event command # gpg: Signature made Thu 02 Oct 2014 09:10:44 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" # gpg: aka "Gerd Hoffmann <gerd@kraxel.org>" # gpg: aka "Gerd Hoffmann (private) <kraxel@gmail.com>" * remotes/kraxel/tags/pull-input-20141002-1: add input-send-event command input: fix send-key monitor command release event ordering Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-10-02add input-send-event commandMarcelo Tosatti1-0/+37
Which allows specification of absolute/relative, up/down and console parameters. Suggested by Gerd Hoffman. Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-10-02input: fix send-key monitor command release event orderingGerd Hoffmann1-2/+9
commit 2e377f1730d06deafb3e3ef6cf88792de4a6f4df changed the ordering of the release events as side effect. Some guests are not happy with that and don't recognise ctrl-alt-del any more. This patch restores the old last-pressed first-released behavior. Cc: Amos Kong <akong@redhat.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-09-30pixman: fix qemu_default_pixman_format (32bpp non-native endian)Gerd Hoffmann1-1/+1
Bug breaks SDL display of bigendian guests on little endian hosts. Reported-by: BALATON Zoltan <balaton@eik.bme.hu> Reported-by: Valentin Manea <valentin.manea@gmail.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-09-29console: add graphic_console_set_hwopsGerd Hoffmann1-2/+9
Add a function to allow display emulations to switch the hwops function pointers. This is useful for devices which have two completely different operation modes. Typical case is the vga compatibility mode vs. native mode in qxl and the upcoming virtio-vga device. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-09-22block: delete cow block driverStefan Hajnoczi1-1/+1
This patch removes support for the cow file format. Normally we do not break backwards compatibility but in this case there is no impact and it is the most logical option. Extraordinary claims require extraordinary evidence so I will show why removing the cow block driver is the right thing to do. The cow file format is the disk image format for Usermode Linux, a way of running a Linux system in userspace. The performance of UML was never great and it was hacky, but it enjoyed some popularity before hardware virtualization support became mainstream. QEMU's block/cow.c is supposed to read this image file format. Unfortunately the file format was underspecified: 1. Earlier Linux versions used the MAXPATHLEN constant for the backing filename field. The value of MAXPATHLEN can change, so Linux switched to a 4096 literal but QEMU has a 1024 literal. 2. Padding was not used on the header struct (both in the Linux kernel and in QEMU) so the struct layout varied across architectures. In particular, i386 and x86_64 were different due to int64_t alignment differences. Linux now uses __attribute__((packed)), QEMU does not. Therefore: 1. QEMU cow images do not conform to the Linux cow image file format. 2. cow images cannot be shared between different host architectures. This means QEMU cow images are useless and QEMU has not had bug reports from users actually hitting these issues. Let's get rid of this thing, it serves no purpose and no one will be affected. Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Message-id: 1410877464-20481-1-git-send-email-stefanha@redhat.com Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-09-18vnc-tls: Clean up dead store in vnc_set_x509_credential()Markus Armbruster1-2/+0
Signed-off-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-09-17ui/vnc: set TCP_NODELAYPeter Lieven1-0/+1
we currently have the Nagle algorithm enabled for all outgoing VNC updates. This may delay sensitive updates as mouse movements or typing in the console. As we currently prepare all data in a buffer and then send as much as we can disabling the Nagle algorithm should not cause big trouble. Well established VNC servers like TightVNC set TCP_NODELAY as well. A regular framebuffer update request generates exactly one framebuffer update which should be pushed out as fast as possible. Signed-off-by: Peter Lieven <pl@kamp.de> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-09-16qemu-char: Rename register_char_driver_qapi() to register_char_driver()Peter Maydell1-2/+1
Now we have removed the legacy register_char_driver() we can rename register_char_driver_qapi() to the more obvious and shorter name. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1409653457-27863-6-git-send-email-peter.maydell@linaro.org
2014-09-16Merge remote-tracking branch 'remotes/kraxel/tags/pull-sdl-20140916-1' into ↵Peter Maydell2-4/+4
staging Two minor sdl2 fixes. # gpg: Signature made Tue 16 Sep 2014 07:20:37 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" # gpg: aka "Gerd Hoffmann <gerd@kraxel.org>" # gpg: aka "Gerd Hoffmann (private) <kraxel@gmail.com>" * remotes/kraxel/tags/pull-sdl-20140916-1: sdl2: keymap fixups sdl2: drop sdl_zoom.h Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-09-16spice: call qemu_spice_set_passwd() during initMarc-André Lureau1-1/+1
Don't call SPICE API directly to set password given in command line, but use the internal API, saving password for later calls. This solves losing password when changing expiration in qemu monitor. https://bugzilla.redhat.com/show_bug.cgi?id=1138639 Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-09-16sdl2: keymap fixupsGerd Hoffmann1-3/+4
Make a few keys works correctly in SDL2. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-09-16sdl2: drop sdl_zoom.hGerd Hoffmann1-1/+0
It isn't used. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-09-11Merge remote-tracking branch 'remotes/kraxel/tags/pull-console-20140905-2' ↵Peter Maydell4-152/+208
into staging console: pixman switchover continued, add some infrastructure to make it easier using pixman in display device emulation. # gpg: Signature made Fri 05 Sep 2014 14:38:57 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" # gpg: aka "Gerd Hoffmann <gerd@kraxel.org>" # gpg: aka "Gerd Hoffmann (private) <kraxel@gmail.com>" * remotes/kraxel/tags/pull-console-20140905-2: console: Remove unused QEMU_BIG_ENDIAN_FLAG console: add qemu_pixman_linebuf_copy console: add dpy_gfx_update_dirty console: add qemu_create_displaysurface_guestmem console: stop using PixelFormat console: reimplement qemu_default_pixelformat console: add qemu_default_pixman_format console: add qemu_pixelformat_from_pixman Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-09-05console: Remove unused QEMU_BIG_ENDIAN_FLAGBenjamin Herrenschmidt2-15/+4
If we need to, we should use the pixman formats instead but for now this is unused except in commented out code so take it out to avoid further confusion about surface endianness. Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-09-05console: add qemu_pixman_linebuf_copyGerd Hoffmann1-0/+9
Helper function for copying data from linebuf to framebuffer using pixman, possibly converting in case src and dst formats differ. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-09-05console: add dpy_gfx_update_dirtyGerd Hoffmann1-0/+61
Calls dpy_gfx_update for all dirty scanlines. Works for DisplaySurfaces backed by guest memory (i.e. the ones created using qemu_create_displaysurface_guestmem). Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-09-05console: add qemu_create_displaysurface_guestmemGerd Hoffmann1-0/+37
This patch adds a qemu_create_displaysurface_guestmem helper function. Works simliar to qemu_create_displaysurface_from, but accepts a guest address instead of a host pointer and it handles cpu_physical_memory_{map,unmap} for you. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-09-05console: stop using PixelFormatGerd Hoffmann2-25/+13
With this patch the qemu console core stops using PixelFormat and pixman format codes side-by-side, pixman format code is the primary way to specify the DisplaySurface format: * DisplaySurface stops carrying a PixelFormat field. * qemu_create_displaysurface_from() expects a pixman format now. Functions to convert PixelFormat to pixman_format_code_t (and back) exist for those who still use PixelFormat. As PixelFormat allows easy access to masks and shifts it will probably continue to exist. [ xenfb added by Benjamin Herrenschmidt ] Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-09-05console: reimplement qemu_default_pixelformatGerd Hoffmann1-113/+4
Use the new qemu_pixelformat_from_pixman and qemu_default_pixman_format functions to reimplement qemu_default_pixelformat (qemu_different_endianness_pixelformat too). Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-09-05console: add qemu_default_pixman_formatGerd Hoffmann1-0/+25
Function returning the default pixman format for a given depth. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-09-05console: add qemu_pixelformat_from_pixmanGerd Hoffmann1-0/+56
Function to convert pixman format codes to qemu PixelFormat. [ Benjamin Herrenschmidt: fix BGRA+RGBA shifts ] Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-09-05spice: make sure we don't overflow ssd->bufGerd Hoffmann1-5/+15
Related spice-only bug. We have a fixed 16 MB buffer here, being presented to the spice-server as qxl video memory in case spice is used with a non-qxl card. It's also used with qxl in vga mode. When using display resolutions requiring more than 16 MB of memory we are going to overflow that buffer. In theory the guest can write, indirectly via spice-server. The spice-server clears the memory after setting a new video mode though, triggering a segfault in the overflow case, so qemu crashes before the guest has a chance to do something evil. Fix that by switching to dynamic allocation for the buffer. CVE-2014-3615 Cc: qemu-stable@nongnu.org Cc: secalert@redhat.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2014-09-01spice: use console index as display idGerd Hoffmann1-2/+1
... instead of maintaining our own numbering. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-08-15spice: don't use 'Yoda conditions'Gonglei1-2/+2
imitate nearby code about using '!value' or 'value == NULL' Signed-off-by: Gonglei <arei.gonglei@huawei.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2014-07-25vnc update fixGerd Hoffmann2-1/+4
We need to remember has_updates for each vnc client. Otherwise it might happen that vnc_update_client(has_dirty=1) takes the first exit due to output buffers not being flushed yet and subsequent calls with has_dirty=0 take the second exit, wrongly assuming there is nothing to do because the work defered in the first call is ignored. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Peter Lieven <pl@kamp.de>
2014-07-25fix full frame updates for VNC clientsStephan Kulow1-0/+1
If the client asks for !incremental frame updates, it has lost its content so dirty doesn't matter - it has to see the full frame, so setting force_update Signed-off-by: Stephan Kulow <coolo@suse.de> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Peter Lieven <pl@kamp.de>
2014-07-11Merge remote-tracking branch 'remotes/spice/tags/pull-spice-20140711-1' into ↵Peter Maydell1-0/+5
staging spice: auth fixes # gpg: Signature made Fri 11 Jul 2014 10:17:15 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" # gpg: aka "Gerd Hoffmann <gerd@kraxel.org>" # gpg: aka "Gerd Hoffmann (private) <kraxel@gmail.com>" * remotes/spice/tags/pull-spice-20140711-1: spice: auth fixes Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-07-11ui/gtk: Restore keyboard focus after Page changeJohn Snow1-3/+6
(Resending for correct email addresses via MAINTAINERS ...) In the GTK UI, after changing focus to the qemu monitor Notebook Page, when restoring focus to the virtual machine page, the keyboard focus is lost to a hidden GTK widget. Focus can only be restored to the virtual machine by pressing "tab" or any of the four directional arrow keys. Clicking in the window or grabbing/ungrabbing input does not restore keyboard focus to the child widget. This patch adjusts the Notebook page switching callback to automatically steal keyboard focus on the Page switch event, so that keyboard input does not appear to break or disappear after tabbing to the QEMU monitor. Signed-off-by: John Snow <jsnow@redhat.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-07-11spice: auth fixesGerd Hoffmann1-0/+5
Set auth to sasl when sasl is enabled, this makes "info spice" correctly display sasl auth. Also throw an error in case someone tries to set a spice password via monitor without auth mode being "spice". Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-07-01ui/vnc: fix potential memory corruption issuesPeter Lieven2-86/+77
this patch makes the VNC server work correctly if the server surface and the guest surface have different sizes. Basically the server surface is adjusted to not exceed VNC_MAX_WIDTH x VNC_MAX_HEIGHT and additionally the width is rounded up to multiple of VNC_DIRTY_PIXELS_PER_BIT. If we have a resolution whose width is not dividable by VNC_DIRTY_PIXELS_PER_BIT we now get a small black bar on the right of the screen. If the surface is too big to fit the limits only the upper left area is shown. On top of that this fixes 2 memory corruption issues: The first was actually discovered during playing around with a Windows 7 vServer. During resolution change in Windows 7 it happens sometimes that Windows changes to an intermediate resolution where server_stride % cmp_bytes != 0 (in vnc_refresh_server_surface). This happens only if width % VNC_DIRTY_PIXELS_PER_BIT != 0. The second is a theoretical issue, but is maybe exploitable by the guest. If for some reason the guest surface size is bigger than VNC_MAX_WIDTH x VNC_MAX_HEIGHT we end up in severe corruption since this limit is nowhere enforced. Signed-off-by: Peter Lieven <pl@kamp.de> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>