From nobody Wed Oct 23 00:29:33 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1729610718; cv=none; d=zohomail.com; s=zohoarc; b=NQJx0j3ZFKMLdaEh+elNFzich/JmuEOvV9AC5JVKVrXqrDphnH2380HCouTqLAtVFgLi9/iWltLfPd4Jo8mE2LxlpL4t4oh4mVknw14yHNQ0sl4NH+BFgk3YZkPsmihuevHy9gBz/xz74bT+6hZP9ZCQHoFUUCuLE8ve1U08ltI= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1729610718; h=Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=nZt2HKNUb5PfyAVwT+0TZxl+WowuzdEI4U/sbyJhCzs=; b=SMrpT3RqI3+QCqvH3uKFZy/2qorLsWa3MUr4LkfvRnsvC8bW99euuTA4FGAbWSEsb1xZgftjyUVFxHpb0P4iWLKz6L97wfJJ6XNTChZCTQyGwdgF+HCXnm/KqMmI4VCc9LuiqsscQ9VlfRL2pMgOMTWlmxuOcpEfS4SmbI7Nlx4= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1729610717901191.51346183266662; Tue, 22 Oct 2024 08:25:17 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1t3Gkp-0008RS-Im; Tue, 22 Oct 2024 11:25:03 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1t3Gkm-0008FR-7C for qemu-devel@nongnu.org; Tue, 22 Oct 2024 11:25:00 -0400 Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1t3Gkk-00052V-GY for qemu-devel@nongnu.org; Tue, 22 Oct 2024 11:24:59 -0400 Received: from mx-prod-mc-04.mail-002.prod.us-west-2.aws.redhat.com (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-638-Ha-k4F5IOv25ZGvye_cFlw-1; Tue, 22 Oct 2024 11:24:53 -0400 Received: from mx-prod-int-03.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-03.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.12]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-04.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id C9BD6193586C; Tue, 22 Oct 2024 15:24:52 +0000 (UTC) Received: from toolbox.redhat.com (unknown [10.42.28.59]) by mx-prod-int-03.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id 97A7219560A2; Tue, 22 Oct 2024 15:24:50 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1729610698; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=nZt2HKNUb5PfyAVwT+0TZxl+WowuzdEI4U/sbyJhCzs=; b=XUihSqvF/Xpx0BDDHec7LjE2pHFP0czp7JEZ/b5A7PnIDBNWEm52eko59PcAzqIyfMwf7K JT4T6pGG8r3iLnsO//GqCNr9qGHafZhfi1aFChcKvFIaAb+OdtRRDqg9PGi/XpgimaFdpq 75+5Eupd3aT/z0ZTneQ0XO7ua+h+Bqk= X-MC-Unique: Ha-k4F5IOv25ZGvye_cFlw-1 From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: qemu-devel@nongnu.org Cc: Wainer dos Santos Moschetta , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= , =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= , =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Thomas Huth , =?UTF-8?q?Alex=20Benn=C3=A9e?= Subject: [PULL 12/14] ui: fix handling of NULL SASL server data Date: Tue, 22 Oct 2024 16:24:13 +0100 Message-ID: <20241022152415.1632556-13-berrange@redhat.com> In-Reply-To: <20241022152415.1632556-1-berrange@redhat.com> References: <20241022152415.1632556-1-berrange@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 3.0 on 10.30.177.12 Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=170.10.133.124; envelope-from=berrange@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -25 X-Spam_score: -2.6 X-Spam_bar: -- X-Spam_report: (-2.6 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.519, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1729610718844116600 The code is supposed to distinguish between SASL server data that is NULL, vs non-NULL but zero-length. It was incorrectly checking the 'serveroutlen' variable, rather than 'serverout' though, so failing to distinguish the cases. Fortunately we can fix this without breaking compatibility with clients, as clients already know how to decode the input data correctly. Reviewed-by: Marc-Andr=C3=A9 Lureau Signed-off-by: Daniel P. Berrang=C3=A9 --- ui/vnc-auth-sasl.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/ui/vnc-auth-sasl.c b/ui/vnc-auth-sasl.c index 25f6b4b776..a04feeb429 100644 --- a/ui/vnc-auth-sasl.c +++ b/ui/vnc-auth-sasl.c @@ -289,9 +289,10 @@ static int protocol_client_auth_sasl_step(VncState *vs= , uint8_t *data, size_t le goto authabort; } =20 - if (serveroutlen) { + if (serverout) { vnc_write_u32(vs, serveroutlen + 1); - vnc_write(vs, serverout, serveroutlen + 1); + vnc_write(vs, serverout, serveroutlen); + vnc_write_u8(vs, '\0'); } else { vnc_write_u32(vs, 0); } @@ -410,9 +411,10 @@ static int protocol_client_auth_sasl_start(VncState *v= s, uint8_t *data, size_t l goto authabort; } =20 - if (serveroutlen) { + if (serverout) { vnc_write_u32(vs, serveroutlen + 1); - vnc_write(vs, serverout, serveroutlen + 1); + vnc_write(vs, serverout, serveroutlen); + vnc_write_u8(vs, '\0'); } else { vnc_write_u32(vs, 0); } --=20 2.46.0