| 2014-05-19 10:32:40 |
Alexandros Frantzis |
description |
At various points in the code we are using a hardcoded size for the buffers we serialize our protobuf messages into. We are making the assumption that messages are always smaller than our hardcoded size (currenty 2KiB), but that is not correct. There are at least some protobuf messages that are unbounded.
We can see this problem cause a failure when running under VMware where the display configuration is large due to an abundance of displays and supported modes.
Marking this as critical since the bug also has potential security implications. |
At various points in the code we are using a hardcoded size for the buffers we serialize our protobuf messages into. We are making the assumption that messages are always smaller than our hardcoded size (currenty 2KiB), but that is not correct. There are at least some protobuf messages that are unbounded.
We can see this problem cause a failure when running under VMware where the display configuration is large due to an abundance of displays and supported modes, causing the client to hang because the server reply is incomplete/corrupted.
Marking this as critical since the bug also has potential security implications. |
|
