tigervnc/patches/tigervnc-1.0.90-CVE-2011-1775.patch

Index: common/rfb/CSecurityTLS.cxx
===================================================================
--- common/rfb/CSecurityTLS.cxx	(revision 4399)
+++ common/rfb/CSecurityTLS.cxx	(revision 4400)
@@ -171,8 +171,15 @@
     if (!is->checkNoWait(1))
       return false;
 
-    if (is->readU8() == 0)
-      return true;
+    if (is->readU8() == 0) {
+      rdr::U32 result = is->readU32();
+      CharArray reason;
+      if (result == secResultFailed || result == secResultTooMany)
+        reason.buf = is->readString();
+      else
+        reason.buf = strDup("Authentication failure (protocol error)");
+      throw AuthFailureException(reason.buf);
+    }
 
     if (gnutls_init(&session, GNUTLS_CLIENT) != GNUTLS_E_SUCCESS)
       throw AuthFailureException("gnutls_init failed");
1	niro	1524	Index: common/rfb/CSecurityTLS.cxx
2			===================================================================
3			--- common/rfb/CSecurityTLS.cxx (revision 4399)
4			+++ common/rfb/CSecurityTLS.cxx (revision 4400)
5			@@ -171,8 +171,15 @@
6			if (!is->checkNoWait(1))
7			return false;
8
9			- if (is->readU8() == 0)
10			- return true;
11			+ if (is->readU8() == 0) {
12			+ rdr::U32 result = is->readU32();
13			+ CharArray reason;
14			+ if (result == secResultFailed \|\| result == secResultTooMany)
15			+ reason.buf = is->readString();
16			+ else
17			+ reason.buf = strDup("Authentication failure (protocol error)");
18			+ throw AuthFailureException(reason.buf);
19			+ }
20
21			if (gnutls_init(&session, GNUTLS_CLIENT) != GNUTLS_E_SUCCESS)
22			throw AuthFailureException("gnutls_init failed");