qemu/ui
Fiona Ebner aada709c26 ui/vnc-clipboard: fix inflate_buffer
Commit d921fea338 ("ui/vnc-clipboard: fix infinite loop in
inflate_buffer (CVE-2023-3255)") removed this hunk, but it is still
required, because it can happen that stream.avail_in becomes zero
before coming across a return value of Z_STREAM_END in the loop.

This fixes the host->guest direction of the clipboard with noVNC and
TigerVNC as clients.

Fixes: d921fea338 ("ui/vnc-clipboard: fix infinite loop in inflate_buffer (CVE-2023-3255)")
Reported-by: Friedrich Weber <f.weber@proxmox.com>
Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
Acked-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <20231122125826.228189-1-f.ebner@proxmox.com>
(cherry picked from commit ebfbf39467)
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2023-12-20 19:11:10 +03:00
..
icons configure: move directory options from config-host.mak to meson 2020-10-26 07:08:38 -04:00
keycodemapdb@d21009b1c9 ui: update keycodemapdb submodule commit 2021-07-26 10:24:49 +02:00
shader meson: clean up build_by_default 2020-09-30 19:09:19 +02:00
clipboard.c ui/clipboard: reset the serial state on reset 2022-09-23 14:38:27 +02:00
cocoa.m ui/cocoa: Run qemu_init in the main thread 2022-09-23 14:36:33 +02:00
console-gl.c ui/console: fix texture leak when calling surface_gl_create_texture() 2022-03-04 11:28:37 +01:00
console.c ui: fix crash when there are no active_console 2023-09-13 21:56:29 +03:00
curses_keys.h
curses.c ui/curses: Avoid dynamic stack allocation 2022-09-22 16:38:28 +01:00
cursor_hidden.xpm
cursor_left_ptr.xpm
cursor.c ui/cursor: fix integer overflow in cursor_alloc (CVE-2021-4206) 2022-04-07 12:30:54 +02:00
dbus-chardev.c ui/dbus: add chardev backend & interface 2021-12-21 10:50:22 +04:00
dbus-clipboard.c ui/dbus: add clipboard interface 2021-12-21 10:50:22 +04:00
dbus-console.c ui/dbus: associate the DBusDisplayConsole listener with the given console 2022-03-14 15:16:08 +04:00
dbus-display1.xml ui/dbus: add chardev backend & interface 2021-12-21 10:50:22 +04:00
dbus-error.c ui: add a D-Bus display backend 2021-12-21 10:50:22 +04:00
dbus-listener.c ui/dbus: do not send 2d scanout until gfx_update 2022-03-15 12:54:59 +04:00
dbus-module.c ui/dbus: add p2p=on/off option 2021-12-21 10:50:22 +04:00
dbus.c dbus-display: fix test race when initializing p2p connection 2022-07-19 14:35:00 +02:00
dbus.h ui: fix path to dbus-display1.h 2022-09-29 18:23:51 +02:00
egl-context.c ui: split the GL context in a different object 2021-12-21 10:50:21 +04:00
egl-headless.c ui/console: egl-headless is compatible with non-gl listeners 2022-03-14 15:16:05 +04:00
egl-helpers.c ui/gtk-egl: blitting partial guest fb to the proper scanout surface 2021-11-05 12:29:44 +01:00
gtk-clipboard.c Remove qemu-common.h include from most units 2022-04-06 14:31:55 +02:00
gtk-egl.c ui/gtk-egl: move function calls back to regular code path 2023-12-20 19:11:10 +03:00
gtk-gl-area.c ui/gtk: set the area of the scanout texture correctly 2023-07-02 07:49:18 +03:00
gtk.c ui/gtk: force realization of drawing area 2023-11-07 20:24:01 +03:00
input-barrier.c ui/input-barrier: Move TODOs from barrier.txt to a comment 2021-08-02 12:55:51 +01:00
input-barrier.h
input-keymap.c meson: rename included C source files to .c.inc 2020-08-21 06:18:30 -04:00
input-legacy.c ui/input-legacy: pass horizontal scroll information 2022-01-13 15:33:18 +01:00
input-linux.c ui: replace qemu_set_nonblock() 2022-05-03 15:52:37 +04:00
input.c Trivial: 3 char repeat typos 2022-06-28 11:06:02 +02:00
kbd-state.c
keymaps.c Remove qemu-common.h include from most units 2022-04-06 14:31:55 +02:00
keymaps.h
meson.build gtk: disable GTK Clipboard with a new meson option 2022-11-23 12:15:06 +01:00
qemu-pixman.c ui/pixman: Add qemu_pixman_to_drm_format() 2021-05-27 12:07:37 +02:00
qemu-x509.h
qemu.desktop
sdl2-2d.c ui/console: Pass placeholder surface to displays 2021-03-04 09:35:36 +01:00
sdl2-gl.c ui/sdl2: fix surface_gl_update_texture: Assertion 'gls' failed 2023-05-31 09:43:56 +03:00
sdl2-input.c ui/sdl2-input: use trace-events to debug key events 2020-05-19 09:06:44 +02:00
sdl2.c ui/sdl2: disable SDL_HINT_GRAB_KEYBOARD on Windows 2023-05-31 09:43:56 +03:00
shader.c ui/shader: free associated programs 2022-03-14 15:16:16 +04:00
spice-app.c ui/spice: Use HAVE_SPICE_GL for OpenGL checks 2021-07-26 10:24:49 +02:00
spice-core.c ui: move qemu_spice_fill_device_address to ui/util.c 2021-12-21 10:50:21 +04:00
spice-display.c ui/console: move dcl compatiblity check to a callback 2022-03-14 15:16:01 +04:00
spice-input.c spice: move add_interface() to QemuSpiceOps. 2020-10-21 15:46:14 +02:00
spice-module.c spice: wire up monitor in QemuSpiceOps. 2020-10-21 15:46:14 +02:00
trace-events ui: add some vdagent related traces 2022-09-23 14:38:23 +02:00
trace.h trace: switch position of headers to what Meson requires 2020-08-21 06:18:24 -04:00
udmabuf.c ui/console: Restrict udmabuf_fd() to Linux 2021-08-31 14:31:43 +02:00
util.c ui: move qemu_spice_fill_device_address to ui/util.c 2021-12-21 10:50:21 +04:00
vdagent.c ui/vdagent: fix serial reset of guest agent 2022-09-23 14:38:27 +02:00
vgafont.h ui: fix tab indentation 2022-11-08 10:23:06 +01:00
vnc_keysym.h ui: fix tab indentation 2022-11-08 10:23:06 +01:00
vnc-auth-sasl.c vnc: avoid deprecation warnings for SASL on OS X 2021-06-15 17:17:09 +02:00
vnc-auth-sasl.h vnc: avoid deprecation warnings for SASL on OS X 2021-06-15 17:17:09 +02:00
vnc-auth-vencrypt.c vnc: fix resource leak when websocket channel error 2020-11-04 08:25:17 +01:00
vnc-auth-vencrypt.h
vnc-clipboard.c ui/vnc-clipboard: fix inflate_buffer 2023-12-20 19:11:10 +03:00
vnc-enc-hextile-template.h
vnc-enc-hextile.c Drop useless casts from g_malloc() & friends to pointer 2022-10-22 23:15:40 +02:00
vnc-enc-tight.c Replacing CONFIG_VNC_PNG with CONFIG_PNG 2022-04-27 07:50:28 +02:00
vnc-enc-tight.h
vnc-enc-zlib.c
vnc-enc-zrle.c meson: rename included C source files to .c.inc 2020-08-21 06:18:30 -04:00
vnc-enc-zrle.c.inc meson: rename included C source files to .c.inc 2020-08-21 06:18:30 -04:00
vnc-enc-zrle.h
vnc-enc-zywrle-template.c ui: fix tab indentation 2022-11-08 10:23:06 +01:00
vnc-enc-zywrle.h ui: fix tab indentation 2022-11-08 10:23:06 +01:00
vnc-jobs.c vnc: move assert in vnc_worker_thread_loop 2023-06-11 11:03:26 +03:00
vnc-jobs.h
vnc-palette.c
vnc-palette.h
vnc-stubs.c vnc: support "-vnc help" 2021-01-23 15:55:07 -05:00
vnc-ws.c vnc: fix resource leak when websocket channel error 2020-11-04 08:25:17 +01:00
vnc-ws.h
vnc.c ui/vnc: fix handling of VNC_FEATURE_XVP 2023-09-28 07:34:34 +03:00
vnc.h Replacing CONFIG_VNC_PNG with CONFIG_PNG 2022-04-27 07:50:28 +02:00
win32-kbd-hook.c ui/win32-kbd-hook: handle AltGr in a hook procedure 2020-05-19 09:06:44 +02:00
x_keymap.c ui: Fix memory leak in qemu_xkeymap_mapping_table() 2021-05-02 17:24:50 +02:00
x_keymap.h