On Tue, May 12, 2009 at 01:24:09PM +0200, Peter Åstrand wrote: > > Why does it work with shorter passwords?
Currently rfb::PlainPasswd::PlainPasswd(const struct rfb::ObfuscatedPasswd &) constructor is used. It allocates space for 9 chars so 9-chars passwords are OK. I didn't inspected why 11-chars passwd is still OK but I expect that glibc allocates little bigger buffer than 9 chars or memory which is right after the buffer is not used at all (so overflow doesn't matter). > On Tue, 12 May 2009, Adam Tkac wrote: > >> Hi, >> >> on 32bit systems vncpasswd dies on invalid free() when you specify >> password longer than 12 characters. After inspection problem is >> missing constructor. >> >> Reference: >> https://bugzilla.redhat.com/show_bug.cgi?id=499401 >> >> Proposed patch (trunk + 1_0) is attached. >> >> Regards, Adam >> >> -- >> Adam Tkac, Red Hat, Inc. >> > > > --- > Peter Åstrand ThinLinc Chief Developer > Cendio AB http://www.cendio.com > Wallenbergs gata 4 > 583 30 Linköping Phone: +46-13-21 46 00 -- Adam Tkac, Red Hat, Inc. ------------------------------------------------------------------------------ The NEW KODAK i700 Series Scanners deliver under ANY circumstances! Your production scanning environment may not be a perfect world - but thanks to Kodak, there's a perfect scanner to get the job done! With the NEW KODAK i700 Series Scanner you'll get full speed at 300 dpi even with all image processing features enabled. http://p.sf.net/sfu/kodak-com _______________________________________________ Tigervnc-devel mailing list Tigervnc-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tigervnc-devel
