qemu/ui
Fiona Ebner 4b2648356f ui/vnc-clipboard: fix inflate_buffer
Commit d921fea338 ("ui/vnc-clipboard: fix infinite loop in
inflate_buffer (CVE-2023-3255)") removed this hunk, but it is still
required, because it can happen that stream.avail_in becomes zero
before coming across a return value of Z_STREAM_END in the loop.

This fixes the host->guest direction of the clipboard with noVNC and
TigerVNC as clients.

Fixes: d921fea338 ("ui/vnc-clipboard: fix infinite loop in inflate_buffer (CVE-2023-3255)")
Reported-by: Friedrich Weber <f.weber@proxmox.com>
Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
Acked-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <20231122125826.228189-1-f.ebner@proxmox.com>
(cherry picked from commit ebfbf39467)
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2023-12-13 18:51:00 +03:00
..
icons
shader ui/shader: fix #version directive must occur on first line 2023-03-13 23:48:45 +04:00
clipboard.c ui/clipboard: reset the serial state on reset 2022-09-23 14:38:27 +02:00
cocoa.m cocoa: Fix warnings about invalid prototype declarations 2023-06-13 11:28:58 +02:00
console-gl.c
console.c ui: fix crash when there are no active_console 2023-09-21 19:35:19 +03:00
curses_keys.h For curses display, recognize a few more control keys 2023-07-25 10:56:51 +01:00
curses.c ui/curses: Avoid dynamic stack allocation 2022-09-22 16:38:28 +01:00
cursor_hidden.xpm
cursor_left_ptr.xpm
cursor.c ui/cursor: make width/height unsigned 16-bit integer 2023-05-28 13:08:25 +04:00
dbus-chardev.c ui/dbus: win32 support 2023-06-27 17:08:56 +02:00
dbus-clipboard.c ui/dbus: unregister clipboard on connection close 2023-03-13 22:57:39 +04:00
dbus-console.c ui/dbus: Properly dispose touch/mouse dbus objects 2023-09-21 19:35:19 +03:00
dbus-display1.xml ui/dbus: use shared D3D11 Texture2D when possible 2023-06-27 17:08:56 +02:00
dbus-error.c
dbus-listener.c ui/dbus: fix clang compilation issue 2023-08-01 23:52:23 +02:00
dbus-module.c
dbus.c ui/dbus: add GL support on win32 2023-06-27 17:08:56 +02:00
dbus.h ui/dbus: win32 support 2023-06-27 17:08:56 +02:00
egl-context.c ui/egl: fix make_context_current() callback return value 2023-06-27 17:08:56 +02:00
egl-headless.c ui: add optional d3d texture pointer to scanout texture 2023-06-27 17:08:56 +02:00
egl-helpers.c virtio-gpu-udmabuf: correct naming of QemuDmaBuf size properties 2023-07-17 15:22:28 +04:00
gtk-clipboard.c
gtk-egl.c ui/gtk-egl: move function calls back to regular code path 2023-12-13 18:51:00 +03:00
gtk-gl-area.c ui/gtk: set scanout mode in gd_egl/gd_gl_area_scanout_texture 2023-08-07 17:13:42 +04:00
gtk.c ui/gtk: force realization of drawing area 2023-11-09 16:39:13 +03:00
input-barrier.c
input-barrier.h
input-keymap.c
input-legacy.c
input-linux.c
input.c ui: add helpers for virtio-multitouch events 2023-05-28 13:08:25 +04:00
kbd-state.c
keymaps.c
keymaps.h
meson.build ui: add egl-headless support on win32 2023-06-27 17:08:56 +02:00
qemu-pixman.c console/win32: allocate shareable display surface 2023-06-27 17:08:56 +02:00
qemu-x509.h
qemu.desktop
sdl2-2d.c
sdl2-gl.c ui: add optional d3d texture pointer to scanout texture 2023-06-27 17:08:56 +02:00
sdl2-input.c
sdl2.c ui/sdl2: OpenGL window context 2023-06-27 12:31:15 +02:00
shader.c
spice-app.c Do not include "qemu/error-report.h" in headers that do not need it 2023-02-14 09:11:27 +01:00
spice-core.c ui/spice: fix compilation on win32 2023-03-24 11:55:55 +01:00
spice-display.c ui: add optional d3d texture pointer to scanout texture 2023-06-27 17:08:56 +02:00
spice-input.c
spice-module.c
trace-events ui/egl: query ANGLE d3d device 2023-06-27 17:08:56 +02:00
trace.h
udmabuf.c Do not include "qemu/error-report.h" in headers that do not need it 2023-02-14 09:11:27 +01:00
ui-hmp-cmds.c spice: move client_migrate_info command to ui/ 2023-04-24 15:01:46 +02:00
ui-qmp-cmds.c spice: move client_migrate_info command to ui/ 2023-04-24 15:01:46 +02:00
util.c include/hw/pci: Split pci_device.h off pci.h 2023-01-08 01:54:22 -05:00
vdagent.c Do not include "qemu/error-report.h" in headers that do not need it 2023-02-14 09:11:27 +01:00
vgafont.h ui: fix tab indentation 2022-11-08 10:23:06 +01:00
vnc_keysym.h ui: fix tab indentation 2022-11-08 10:23:06 +01:00
vnc-auth-sasl.c
vnc-auth-sasl.h
vnc-auth-vencrypt.c
vnc-auth-vencrypt.h
vnc-clipboard.c ui/vnc-clipboard: fix inflate_buffer 2023-12-13 18:51:00 +03:00
vnc-enc-hextile-template.h
vnc-enc-hextile.c Drop useless casts from g_malloc() & friends to pointer 2022-10-22 23:15:40 +02:00
vnc-enc-tight.c misc: Fix some typos in documentation and comments 2023-08-01 23:52:23 +02:00
vnc-enc-tight.h
vnc-enc-zlib.c
vnc-enc-zrle.c
vnc-enc-zrle.c.inc
vnc-enc-zrle.h
vnc-enc-zywrle-template.c ui: fix tab indentation 2022-11-08 10:23:06 +01:00
vnc-enc-zywrle.h ui: fix tab indentation 2022-11-08 10:23:06 +01:00
vnc-jobs.c vnc: move assert in vnc_worker_thread_loop 2023-06-10 00:00:24 +03:00
vnc-jobs.h
vnc-palette.c
vnc-palette.h
vnc-stubs.c
vnc-ws.c bulk: Remove pointless QOM casts 2023-06-05 20:48:34 +02:00
vnc-ws.h
vnc.c ui/vnc: fix handling of VNC_FEATURE_XVP 2023-10-03 02:00:54 +03:00
vnc.h ui: keep current cursor with QemuConsole 2023-03-13 22:57:39 +04:00
win32-kbd-hook.c
x_keymap.c
x_keymap.h