]> git.ipfire.org Git - thirdparty/qemu.git/commit
projects / thirdparty / qemu.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 829cb3d) | patch
ui: validate NUL byte padding in SASL client data more strictly
authorDaniel P. Berrangé <berrange@redhat.com>
Mon, 16 Sep 2024 12:49:11 +0000 (13:49 +0100)
committerDaniel P. Berrangé <berrange@redhat.com>
Tue, 22 Oct 2024 12:02:31 +0000 (13:02 +0100)
commit1a225f57f3a6bc7a9544b0aa567727f0ef51bc17
treed4b9dbc225e35419f7926fdcdc501e17ec1967f6tree
parent829cb3d0eab08e4fea768926f06db1c411a2767fcommit | diff
ui: validate NUL byte padding in SASL client data more strictly

When the SASL data is non-NULL, the SASL protocol spec requires that
it is padded with a trailing NUL byte. QEMU discards the trailing
byte, but does not currently validate that it was in fact a NUL.
Apply strict validation to better detect any broken clients.

Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
ui/vnc-auth-sasl.c diff | blob | blame | history
Mirror of https://git.qemu.org/git/qemu.git