sendnrw/netbird
2
0
Fork 0
mirror of https://github.com/netbirdio/netbird.git synced 2026-05-20 23:59:55 +00:00
Code Issues Packages Projects Releases Wiki Activity

Guard buildExtClipProvideText against oversized input

Browse Source
This commit is contained in:
Viktor Liu
2026-05-18 07:42:24 +02:00
parent bfb6750b13
commit 785f94d13f
1 changed files with 5 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
client/vnc/server/extclipboard.go
View File

@@ -88,8 +88,12 @@ func buildExtClipRequest(formats uint32) []byte {
// buildExtClipProvideText emits a Provide carrying UTF-8 text. The inner // buildExtClipProvideText emits a Provide carrying UTF-8 text. The inner
// stream (4-byte length including the trailing NUL, then UTF-8 bytes, then // stream (4-byte length including the trailing NUL, then UTF-8 bytes, then
// NUL) is zlib-compressed; each Provide uses an independent zlib context // NUL) is zlib-compressed; each Provide uses an independent zlib context
// per the extension spec. // per the extension spec. Rejects oversized input so a caller bug can't
// produce a payload larger than the size advertised in our Caps.
func buildExtClipProvideText(text string) ([]byte, error) { func buildExtClipProvideText(text string) ([]byte, error) {
if len(text) > extClipMaxText {
return nil, fmt.Errorf("clipboard text exceeds extClipMaxText (%d > %d)", len(text), extClipMaxText)
}
body := make([]byte, 0, 4+len(text)+1) body := make([]byte, 0, 4+len(text)+1)
var lenBuf [4]byte var lenBuf [4]byte
binary.BigEndian.PutUint32(lenBuf[:], uint32(len(text)+1)) binary.BigEndian.PutUint32(lenBuf[:], uint32(len(text)+1))