Mailinglist Archive: opensuse-commit (1177 mails)

Hello community,

here is the log from the commit of package xrdp for openSUSE:Factory
checked in at Mon Jan 12 02:18:24 CET 2009.

--------
--- xrdp/xrdp.changes 2009-01-09 02:19:02.000000000 +0100
+++ /mounts/work_src_done/STABLE/xrdp/xrdp.changes 2009-01-09
21:08:43.000000000 +0100
@@ -1,0 +2,5 @@
+Fri Jan 9 14:57:30 EST 2009 - davidr@xxxxxxxxxx
+
+- Fix multiple buffer overflows. (bnc#450898)
+
+-------------------------------------------------------------------

calling whatdependson for head-i586

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ xrdp.spec ++++++
--- /var/tmp/diff_new_pack.Gi7593/_old 2009-01-12 02:16:57.000000000 +0100
+++ /var/tmp/diff_new_pack.Gi7593/_new 2009-01-12 02:16:57.000000000 +0100
@@ -21,7 +21,7 @@
Name: xrdp
%define _fwdefdir /etc/sysconfig/SuSEfirewall2.d/services
Version: 0.4.1
-Release: 18
+Release: 20
License: GPL v2 or later
Requires: dbus-1 xorg-x11-libXau xorg-x11-server-dmx xorg-x11-server-rdp
BuildRoot: %{_tmppath}/%{name}-%{version}-build
@@ -97,6 +97,8 @@
%config %{_fwdefdir}/xrdp

%changelog
+* Fri Jan 09 2009 davidr@xxxxxxxxxx
+- Fix multiple buffer overflows. (bnc#450898)
* Tue Jan 06 2009 davidr@xxxxxxxxxx
- Properly install firewall definition file. (bnc#460835)
* Mon Jan 05 2009 davidr@xxxxxxxxxx
@@ -144,7 +146,7 @@
- Update xrdp-NOMAD.diff
* Fix Xdmx command line arguments
* Fix session data matching for XDMX sessions
-* Fri Sep 12 2008 hfiguiere@xxxxxxx
+* Thu Sep 11 2008 hfiguiere@xxxxxxx
- Add Avahi support.
- More comprehensive support of NOMAD.
* Tue Sep 02 2008 hfiguiere@xxxxxxx

++++++ xrdp-NOMAD.diff ++++++
--- /var/tmp/diff_new_pack.Gi7593/_old 2009-01-12 02:16:58.000000000 +0100
+++ /var/tmp/diff_new_pack.Gi7593/_new 2009-01-12 02:16:58.000000000 +0100
@@ -2100,6 +2100,40 @@
xrdp_stop
is_xrdp_running
while ! test $? -eq 0
+diff --git a/rdp/rdp_rdp.c b/rdp/rdp_rdp.c
+index db8bb30..ce50ab5 100644
+--- a/rdp/rdp_rdp.c
++++ b/rdp/rdp_rdp.c
+@@ -411,8 +411,27 @@ rdp_rdp_process_color_pointer_pdu(struct rdp_rdp* self,
struct stream* s)
+ in_uint16_le(s, cursor->height);
+ in_uint16_le(s, mlen); /* mask length */
+ in_uint16_le(s, dlen); /* data length */
+- in_uint8a(s, cursor->data, dlen);
+- in_uint8a(s, cursor->mask, mlen);
++
++ g_memset (cursor->data, 0, sizeof (cursor->data));
++ if (dlen <= sizeof (cursor->data))
++ {
++ in_uint8a(s, cursor->data, dlen);
++ }
++ else
++ {
++ in_uint8s(s, dlen);
++ }
++
++ g_memset (cursor->mask, 0, sizeof (cursor->mask));
++ if (mlen <= sizeof (cursor->mask))
++ {
++ in_uint8a(s, cursor->mask, mlen);
++ }
++ else
++ {
++ in_uint8s(s, mlen);
++ }
++
+ self->mod->server_set_cursor(self->mod, cursor->x, cursor->y,
+ cursor->data, cursor->mask);
+ }
diff --git a/sesman/Makefile.am b/sesman/Makefile.am
index 22736e6..96b9bf8 100644
--- a/sesman/Makefile.am
@@ -5343,7 +5377,7 @@
password=ask
ip=127.0.0.1
diff --git a/xrdp/xrdp_bitmap.c b/xrdp/xrdp_bitmap.c
-index b3d7162..f7eed9d 100644
+index b3d7162..ecb3716 100644
--- a/xrdp/xrdp_bitmap.c
+++ b/xrdp/xrdp_bitmap.c
@@ -98,7 +98,9 @@ xrdp_bitmap_create(int width, int height, int bpp,
@@ -5808,7 +5842,7 @@
}
else if (self->type == WND_TYPE_SCREEN) /* 2 */
{
-@@ -1052,31 +1094,25 @@ xrdp_bitmap_invalidate(struct xrdp_bitmap* self,
struct xrdp_rect* rect)
+@@ -1052,65 +1094,78 @@ xrdp_bitmap_invalidate(struct xrdp_bitmap* self,
struct xrdp_rect* rect)
}
else if (self->type == WND_TYPE_EDIT) /* 5 */
{
@@ -5852,7 +5886,12 @@
/* draw text */
painter->fg_color = self->wm->black;
if (self->password_char != 0)
-@@ -1088,7 +1124,25 @@ xrdp_bitmap_invalidate(struct xrdp_bitmap* self, struct
xrdp_rect* rect)
+ {
+- i = g_mbstowcs(0, self->caption1, 0);
++ i = MIN (g_mbstowcs(0, self->caption1, 0), 255);
+ g_memset(text, self->password_char, i);
+ text[i] = 0;
+ xrdp_painter_draw_text(painter, self, 4, 2, text);
}
else
{
@@ -5879,7 +5918,26 @@
}
/* draw xor box(cursor) */
if (self->parent != 0)
-@@ -1110,7 +1164,7 @@ xrdp_bitmap_invalidate(struct xrdp_bitmap* self, struct
xrdp_rect* rect)
+ {
+ if (self->parent->focused_control == self)
+ {
++ i = MIN (self->edit_pos, 255);
+ if (self->password_char != 0)
+ {
+- wchar_repeat(wtext, 255, self->password_char, self->edit_pos);
+- wtext[self->edit_pos] = 0;
+- g_wcstombs(text, wtext, 255);
++ wchar_repeat(wtext, 255, self->password_char, i);
++ wtext[i] = 0;
++ g_wcstombs(text, wtext, i);
+ }
+ else
+ {
+ g_mbstowcs(wtext, self->caption1, 255);
+- wtext[self->edit_pos] = 0;
++ wtext[i] = 0;
+ g_wcstombs(text, wtext, 255);
+ }
w = xrdp_painter_text_width(painter, text);
painter->fg_color = self->wm->white;
painter->rop = 0x5a;
@@ -5888,7 +5946,7 @@
}
}
/* reset rop back */
-@@ -1123,37 +1177,32 @@ xrdp_bitmap_invalidate(struct xrdp_bitmap* self,
struct xrdp_rect* rect)
+@@ -1123,37 +1178,32 @@ xrdp_bitmap_invalidate(struct xrdp_bitmap* self,
struct xrdp_rect* rect)
}
else if (self->type == WND_TYPE_COMBO) /* 7 combo box */
{
@@ -5946,7 +6004,7 @@
/* draw text */
if (self->parent->focused_control == self)
{
-@@ -1178,6 +1227,13 @@ xrdp_bitmap_invalidate(struct xrdp_bitmap* self, struct
xrdp_rect* rect)
+@@ -1178,6 +1228,13 @@ xrdp_bitmap_invalidate(struct xrdp_bitmap* self, struct
xrdp_rect* rect)
{
xrdp_bitmap_draw_button(self, painter, x, y, w, h, 1);
}
@@ -5960,7 +6018,7 @@
}
else if (self->type == WND_TYPE_SPECIAL) /* 8 special */
{
-@@ -1207,6 +1263,22 @@ xrdp_bitmap_invalidate(struct xrdp_bitmap* self, struct
xrdp_rect* rect)
+@@ -1207,6 +1264,22 @@ xrdp_bitmap_invalidate(struct xrdp_bitmap* self, struct
xrdp_rect* rect)
}
}
}

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Remember to have fun...

--
To unsubscribe, e-mail: opensuse-commit+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-commit+help@xxxxxxxxxxxx

< Previous

Next >

Mailinglist Archive: opensuse-commit (1177 mails)

commit xrdp for openSUSE:Factory

Search this list

List Navigation

This Thread