LibVNCClient: don't leak uninitialised memory to remote

The pad fields of the rfbClientCutTextMsg and rfbKeyEventMsg could contain arbitray memory belonging to the process,
don't leak this to the remote.

Closes #252
(cherry picked from commit 2f5b2ad1c6c99b1ac6482c95844a84d66bb52838)
pull/38/head
Christian Beier 6 years ago committed by Slávek Banko
parent 90147500e0
commit 2554b84b8b
No known key found for this signature in database
GPG Key ID: 608F5293A04BE668

@ -501,6 +501,7 @@ SendKeyEvent(CARD32 key, Bool down)
{ {
rfbKeyEventMsg ke; rfbKeyEventMsg ke;
memset(&ke, 0, sizeof(ke));
ke.type = rfbKeyEvent; ke.type = rfbKeyEvent;
ke.down = down ? 1 : 0; ke.down = down ? 1 : 0;
ke.key = Swap32IfLE(key); ke.key = Swap32IfLE(key);
@ -518,6 +519,7 @@ SendClientCutText(const char *str, int len)
{ {
rfbClientCutTextMsg cct; rfbClientCutTextMsg cct;
memset(&cct, 0, sizeof(cct));
cct.type = rfbClientCutText; cct.type = rfbClientCutText;
cct.length = Swap32IfLE((unsigned int)len); cct.length = Swap32IfLE((unsigned int)len);
return (WriteExact(rfbsock, (char *)&cct, sz_rfbClientCutTextMsg) && return (WriteExact(rfbsock, (char *)&cct, sz_rfbClientCutTextMsg) &&

Loading…
Cancel
Save