projects / qemu.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 3488fc3) | patch
vnc: avoid underflow when accessing user-provided address
authorPaolo Bonzini <pbonzini@redhat.com>
Thu, 30 Mar 2023 12:23:40 +0000 (14:23 +0200)
committerPaolo Bonzini <pbonzini@redhat.com>
Thu, 20 Apr 2023 09:17:35 +0000 (11:17 +0200)
commit3f9c41c5df9617510d8533cf6588172efb3df34b
treeebb251784ad78c2dff960cd3f607e40028b28575tree | snapshot
parent3488fc326297831e5d57e6d49ed17d9c1c6d056bcommit | diff
vnc: avoid underflow when accessing user-provided address

If hostlen is zero, there is a possibility that addrstr[hostlen - 1]
underflows and, if a closing bracked is there, hostlen - 2 is passed
to g_strndup() on the next line.  If websocket==false then
addrstr[0] would be a colon, but if websocket==true this could in
principle happen.

Fix it by checking hostlen.

Reported by Coverity.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
ui/vnc.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.