Annotation of /trunk/tigervnc/patches/tigervnc-1.0.90-CVE-2011-1775.patch
Parent Directory | Revision Log
Revision 1524 -
(hide annotations)
(download)
Thu Sep 8 21:58:14 2011 UTC (13 years ago) by niro
File size: 789 byte(s)
Thu Sep 8 21:58:14 2011 UTC (13 years ago) by niro
File size: 789 byte(s)
added fedora patches
1 | niro | 1524 | Index: common/rfb/CSecurityTLS.cxx |
2 | =================================================================== | ||
3 | --- common/rfb/CSecurityTLS.cxx (revision 4399) | ||
4 | +++ common/rfb/CSecurityTLS.cxx (revision 4400) | ||
5 | @@ -171,8 +171,15 @@ | ||
6 | if (!is->checkNoWait(1)) | ||
7 | return false; | ||
8 | |||
9 | - if (is->readU8() == 0) | ||
10 | - return true; | ||
11 | + if (is->readU8() == 0) { | ||
12 | + rdr::U32 result = is->readU32(); | ||
13 | + CharArray reason; | ||
14 | + if (result == secResultFailed || result == secResultTooMany) | ||
15 | + reason.buf = is->readString(); | ||
16 | + else | ||
17 | + reason.buf = strDup("Authentication failure (protocol error)"); | ||
18 | + throw AuthFailureException(reason.buf); | ||
19 | + } | ||
20 | |||
21 | if (gnutls_init(&session, GNUTLS_CLIENT) != GNUTLS_E_SUCCESS) | ||
22 | throw AuthFailureException("gnutls_init failed"); |