From d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a Mon Sep 17 00:00:00 2001 From: Christian Beier <dontmind@freeshell.org> Date: Mon, 19 Aug 2019 22:32:25 +0200 Subject: [PATCH] rfbserver: don't leak stack memory to the remote Thanks go to Pavel Cheremushkin of Kaspersky for reporting. --- libvncserver/rfbserver.c | 2 ++ 1 file changed, 2 insertions(+) --- a/server/libvncserver/rfbserver.c +++ b/server/libvncserver/rfbserver.c @@ -1557,6 +1557,8 @@ rfbServerCutTextMsg sct; rfbClientIteratorPtr iterator; + memset((char *)&sct, 0, sizeof(sct)); + iterator = rfbGetClientIterator(rfbScreen); while ((cl = rfbClientIteratorNext(iterator)) != NULL) { /* Client is not authenticated, ignore. See GNOME bug 678434. */