make it possible to enable and disable all input parsers individually (lz4, codecs, etc) #614
Comments
Remaining tasks:

Dealing with errors much improved in r6969.
Notes:
This is as much for your own information as it is for testing:
the client should fail with (the same message should appear in the server log file and include the client's connecting TCP address or socket):
2014-07-31 22:37:06: maxmylyn commented
I assume you mean the "
Right you are, this is fixed in r7081.
Probably the same bugs fixed above. I've also improved the error messages that come out. Can you try again please?
2014-08-02 00:06:55: maxmylyn commented
That's what older servers say (you were on r7041), newer ones provide more informative messages. Closing.

And one more: r7689.

As per https://winswitch.org/trac/ticket/266, we have a problem where older versions of xpra (before v0.11.x it seems) do not send zlib=1 and so we end up not using compression at all (or worse, before r7689: crashing the connection!). That is fixed in r7691. (This change is for v0.14.x only, as trunk is not compatible with versions older than 0.12 anyway.)
Following the recent problems with lz4 (in particular "Hacking CERN - Exploiting python-lz4 for Particles and Profit", and "Raising Lazarus - The 20 Year Old Bug that Went to Mars: Linux Kernel, ffmpeg..").
There have been numerous vulnerabilities in ffmpeg over the years, and even the venerable zlib is not immune to bugs. And zlib is also used in PNG...
It makes sense to assume that every non-trivial input parser is going to have issues.
This is more problematic for platforms like win32 and osx, for which we are forced to ship a large number of libraries ourselves because their respective OS vendor provides very little: this means we also become responsible for updating the installers every time a new flaw is discovered. It also means that the more security conscious users cannot pre-emptively disable this code.
The solution is to provide options that allow as many of those parsers as possible to be switched on or off via the command line (or configuration file), which is much easier and faster than installing newer versions of the software.
The priority should be for the parsers that can most easily be abused: the network layer must parse data before the connection is authenticated.
List of new switches required:

- lz4 and zlib (at least one should be enabled)
- bencode and rencode (at least one must be enabled)
- (--video-encoders= and --csc-modules=)
- (webp, PIL, ..)
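As an added illustration (not code from xpra or from this ticket), the shape of the allow-list the ticket asks for: each compressor and packet encoder is a switch parsed from the command line, at least one of each must stay enabled, and the check is made on the packet header before any decompressor or decoder touches the payload. The two-byte header layout, MAX_DECOMPRESSED, parse_switch, bdecode and decode_packet are assumptions made for this demo, not xpra's wire format or API.

```python
import zlib
# Hypothetical header for this demo (NOT xpra's real wire format): byte 0 names
# the compressor, byte 1 the packet encoder, then the payload follows.
COMPRESSORS = {0: "none", 1: "zlib", 2: "lz4"}
ENCODERS = {0: "bencode", 1: "rencode"}   # demo only implements bencode decoding
MAX_DECOMPRESSED = 1 << 20  # an inflated packet is input too: cap it
SAMPLE = bytes([1, 0]) + zlib.compress(b"li1e5:helloe")  # constructed: zlib + bencode [1, b"hello"]

def parse_switch(value, known, name):
    """Parse a '--name=a,b' style list; at least one known entry must stay enabled."""
    chosen = {v.strip() for v in value.split(",") if v.strip()}
    if not chosen or chosen - known:
        raise ValueError(f"{name}: need at least one of {sorted(known)}, got {sorted(chosen)}")
    return chosen

def bdecode(data, i=0):
    """Minimal bencode decoder (ints, byte strings, lists): returns (value, next_index)."""
    c = data[i:i + 1]
    if c == b"i":
        end = data.index(b"e", i)
        return int(data[i + 1:end]), end + 1
    if c == b"l":
        out, i = [], i + 1
        while data[i:i + 1] != b"e":
            v, i = bdecode(data, i)
            out.append(v)
        return out, i + 1
    colon = data.index(b":", i)
    n = int(data[i:colon])
    return data[colon + 1:colon + 1 + n], colon + 1 + n

def decode_packet(packet, compressors, encoders):
    """Return (True, value) or (False, reason); the allow-list is checked before any parser runs."""
    if len(packet) < 2:
        return False, "truncated header"
    comp, enc = COMPRESSORS.get(packet[0]), ENCODERS.get(packet[1])
    if comp not in compressors:
        return False, f"compressor {comp!r} is disabled or unknown"
    if enc not in encoders or enc != "bencode":
        return False, f"packet encoder {enc!r} is disabled or not available"
    body = packet[2:]
    if comp == "zlib":
        d = zlib.decompressobj()
        body = d.decompress(body, MAX_DECOMPRESSED)
        if d.unconsumed_tail:
            return False, "decompressed packet exceeds size limit"
    elif comp == "lz4":
        import lz4.block  # imported only on this path, so a disabled lz4 is never loaded
        body = lz4.block.decompress(body)
    return True, bdecode(body)[0]
```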