diff options
Diffstat (limited to 'user/tigervnc/0001-CSecurityTLS-Use-size_t-as-argument-for-new.patch')
| -rw-r--r-- | user/tigervnc/0001-CSecurityTLS-Use-size_t-as-argument-for-new.patch | 66 |
1 files changed, 66 insertions, 0 deletions
diff --git a/user/tigervnc/0001-CSecurityTLS-Use-size_t-as-argument-for-new.patch b/user/tigervnc/0001-CSecurityTLS-Use-size_t-as-argument-for-new.patch new file mode 100644 index 000000000..1c608048c --- /dev/null +++ b/user/tigervnc/0001-CSecurityTLS-Use-size_t-as-argument-for-new.patch @@ -0,0 +1,66 @@ +From 065a471d16636c3fba5da8aed86ffa30dcfd489b Mon Sep 17 00:00:00 2001 +From: "A. Wilcox" <AWilcox@Wilcox-Tech.com> +Date: Wed, 20 Mar 2019 13:22:51 -0500 +Subject: [PATCH 1/2] CSecurityTLS: Use size_t as argument for new +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Using an 'int' is invalid, and produces the following output under GCC 8.3.0: + +tigervnc-1.9.0/common/rfb/CSecurityTLS.cxx: In member function ‘void rfb::CSecurityTLS::checkSession()’: +tigervnc-1.9.0/common/rfb/CSecurityTLS.cxx:384:11: error: specified bound range [18446744071562067968, 18446744073709551615] exceeds ‘INT_MAX’ [-Werror=format-truncation=] + snprintf(certinfo, len, "This certificate has been signed by an unknown " + ~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + "authority:\n\n%s\n\nDo you want to save it and " + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + "continue? ", info.data); + ~~~~~~~~~~~~~~~~~~~~~~~~ +tigervnc-1.9.0/common/rfb/CSecurityTLS.cxx:380:26: error: argument 1 range [18446744071562067968, 18446744073709551615] exceeds maximum object size 9223372036854775807 [-Werror=alloc-size-larger-than=] + certinfo = new char[len]; + ^ +In file included from /usr/include/c++/8.3.0/ext/new_allocator.h:33, + from /usr/include/c++/8.3.0/powerpc64-foxkit-linux-musl/bits/c++allocator.h:33, + from /usr/include/c++/8.3.0/bits/allocator.h:46, + from /usr/include/c++/8.3.0/bits/stl_tree.h:64, + from /usr/include/c++/8.3.0/set:60, + from tigervnc-1.9.0/common/rfb/ConnParams.h:26, + from tigervnc-1.9.0/common/rfb/SMsgHandler.h:28, + from tigervnc-1.9.0/common/rfb/SConnection.h:29, + from tigervnc-1.9.0/common/rfb/SSecurity.h:47, + from tigervnc-1.9.0/common/rfb/SSecurityStack.h:23, + from tigervnc-1.9.0/common/rfb/SSecurityVeNCrypt.h:32, + from tigervnc-1.9.0/common/rfb/CSecurityTLS.h:34, + from tigervnc-1.9.0/common/rfb/CSecurityTLS.cxx:36: +/usr/include/c++/8.3.0/new:122:7: note: in a call to allocation function ‘void* operator new [](std::size_t)’ declared here + void* operator new[](std::size_t) _GLIBCXX_THROW (std::bad_alloc) + ^~~~~~~~ +--- + common/rfb/CSecurityTLS.cxx | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/common/rfb/CSecurityTLS.cxx b/common/rfb/CSecurityTLS.cxx +index c6d1e310..235df45d 100644 +--- a/common/rfb/CSecurityTLS.cxx ++++ b/common/rfb/CSecurityTLS.cxx +@@ -383,7 +383,7 @@ void CSecurityTLS::checkSession() + size_t out_size = 0; + char *out_buf = NULL; + char *certinfo = NULL; +- int len = 0; ++ size_t len = 0; + + vlog.debug("certificate issuer unknown"); + +@@ -403,7 +403,7 @@ void CSecurityTLS::checkSession() + "authority:\n\n%s\n\nDo you want to save it and " + "continue? ", info.data); + +- for (int i = 0; i < len - 1; i++) ++ for (size_t i = 0; i < len - 1; i++) + if (certinfo[i] == ',' && certinfo[i + 1] == ' ') + certinfo[i] = '\n'; + +-- +2.19.2 + |