Fix infinite loop in VNC support, by Marc Bevand.
authorths <ths@c046a42c-6fe2-441c-8c8c-71466251a162>
Thu, 13 Sep 2007 12:41:42 +0000 (12:41 +0000)
committerths <ths@c046a42c-6fe2-441c-8c8c-71466251a162>
Thu, 13 Sep 2007 12:41:42 +0000 (12:41 +0000)
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@3169 c046a42c-6fe2-441c-8c8c-71466251a162

vnc.c

diff --git a/vnc.c b/vnc.c
index 6490698..75e4fc9 100644 (file)
--- a/vnc.c
+++ b/vnc.c
@@ -1195,8 +1195,11 @@ static int protocol_client_msg(VncState *vs, char *data, size_t len)
        if (len == 1)
            return 8;
 
-       if (len == 8)
-           return 8 + read_u32(data, 4);
+       if (len == 8) {
+            uint32_t dlen = read_u32(data, 4);
+            if (dlen > 0)
+                return 8 + dlen;
+        }
 
        client_cut_text(vs, read_u32(data, 4), data + 8);
        break;
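Review bot: `8 + dlen` on the new `return` line is evaluated in uint32_t, so a client-supplied dlen above UINT32_MAX - 8 wraps to a value below 8 before it is converted to the int return, handing the caller a byte count smaller than the 8 bytes already in hand — which looks like a variant of the stuck state this commit is fixing. The length comes straight off the wire, so it should be bounded before it is used as a read-ahead request: `if (dlen > 0 && dlen <= MAX_CUT_TEXT_LEN /* cap chosen by the project */) return 8 + dlen;`, with oversized values taking the file's existing client-error path rather than falling through to client_cut_text. A secondary style point: the inner lines of the new block are indented five columns deeper than their `if`, while the surrounding context (`if (len == 1)` / `return 8;`) steps by four. protocol_client_msg starts and ends outside the hunk, so how the caller treats the returned count is inferred, not visible here.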