5d360b
From 1bf158dc510fc63f11725f2350369d06a3fff929 Mon Sep 17 00:00:00 2001
5d360b
From: "Daniel P. Berrange" <berrange@redhat.com>
5d360b
Date: Thu, 8 Feb 2018 17:50:40 +0100
5d360b
Subject: [PATCH 26/27] ui: correctly advance output buffer when writing SASL
5d360b
 data
5d360b
MIME-Version: 1.0
5d360b
Content-Type: text/plain; charset=UTF-8
5d360b
Content-Transfer-Encoding: 8bit
5d360b
5d360b
RH-Author: Daniel P. Berrange <berrange@redhat.com>
5d360b
Message-id: <20180208175041.5634-27-berrange@redhat.com>
5d360b
Patchwork-id: 78955
5d360b
O-Subject: [RHEL-7.5 qemu-kvm PATCH v1 26/27] ui: correctly advance output buffer when writing SASL data
5d360b
Bugzilla: 1527405
5d360b
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
5d360b
RH-Acked-by: Gerd Hoffmann <kraxel@redhat.com>
5d360b
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
5d360b
5d360b
In this previous commit:
5d360b
5d360b
  commit 8f61f1c5a6bc06438a1172efa80bc7606594fa07
5d360b
  Author: Daniel P. Berrange <berrange@redhat.com>
5d360b
  Date:   Mon Dec 18 19:12:20 2017 +0000
5d360b
5d360b
    ui: track how much decoded data we consumed when doing SASL encoding
5d360b
5d360b
I attempted to fix a flaw with tracking how much data had actually been
5d360b
processed when encoding with SASL. With that flaw, the VNC server could
5d360b
mistakenly discard queued data that had not been sent.
5d360b
5d360b
The fix was not quite right though, because it merely decremented the
5d360b
vs->output.offset value. This is effectively discarding data from the
5d360b
end of the pending output buffer. We actually need to discard data from
5d360b
the start of the pending output buffer. We also want to free memory that
5d360b
is no longer required. The correct way to handle this is to use the
5d360b
buffer_advance() helper method instead of directly manipulating the
5d360b
offset value.
5d360b
5d360b
Reported-by: Laszlo Ersek <lersek@redhat.com>
5d360b
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
5d360b
Reviewed-by: Eric Blake <eblake@redhat.com>
5d360b
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
5d360b
Message-id: 20180201155841.27509-1-berrange@redhat.com
5d360b
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
5d360b
(cherry picked from commit 627ebec208a8809818589e17f4fce55a59420ad2)
5d360b
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
5d360b
---
5d360b
 ui/vnc-auth-sasl.c | 2 +-
5d360b
 1 file changed, 1 insertion(+), 1 deletion(-)
5d360b
5d360b
diff --git a/ui/vnc-auth-sasl.c b/ui/vnc-auth-sasl.c
5d360b
index 8188081..c39f588 100644
5d360b
--- a/ui/vnc-auth-sasl.c
5d360b
+++ b/ui/vnc-auth-sasl.c
5d360b
@@ -81,7 +81,7 @@ long vnc_client_write_sasl(VncState *vs)
5d360b
         } else {
5d360b
             vs->force_update_offset -= vs->sasl.encodedRawLength;
5d360b
         }
5d360b
-        vs->output.offset -= vs->sasl.encodedRawLength;
5d360b
+        buffer_advance(&vs->output, vs->sasl.encodedRawLength);
5d360b
         vs->sasl.encoded = NULL;
5d360b
         vs->sasl.encodedOffset = vs->sasl.encodedLength = 0;
5d360b
     }
5d360b
-- 
5d360b
1.8.3.1
5d360b