Fix issue accessing uninitialized memory in zrle.c #685

Open
mtrea wants to merge 1 commit into LibVNC:master from mtrea:master

mtrea commented Jan 2, 2026

This replaces pointer casting in UncompressCPixel with memcpy to prevent reading uninitialized memory when REALBPP/8 is smaller than sizeof(CARDBPP). For example, this is important if REALBPP/8 was 3 bytes but sizeof(CARDBPP) was 4 bytes.

I detected this issue and verified this fix with the help of https://github.com/google/sanitizers/wiki/memorysanitizer.
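The load pattern the description above refers to, as an added example that is not part of the pull request or of LibVNCServer's code: a 3-byte compressed pixel is copied into a zeroed 32-bit container with `memcpy`, so the fourth byte never comes from memory the stream did not supply. `load_cpixel`, `decode_cpixels`, `demo_no_leak` and the sample bytes are hypothetical names and constructed data; the `uint32_t` container stands in for `CARDBPP`.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical helper, not LibVNCServer code. Loads one compressed pixel of
 * cpixel_bytes (3 when REALBPP is 24) into a 32-bit container, the role
 * CARDBPP plays for BPP == 32. Copies only the bytes the stream supplied. */
static int load_cpixel(const uint8_t *buf, size_t remaining,
                       size_t cpixel_bytes, uint32_t *out)
{
    uint32_t pixel = 0;                 /* unsupplied bytes stay zero */
    if (cpixel_bytes == 0 || cpixel_bytes > sizeof pixel ||
        remaining < cpixel_bytes)       /* truncated input: refuse to read */
        return -1;
    memcpy(&pixel, buf, cpixel_bytes);  /* no aliasing or alignment assumption */
    *out = pixel;
    return 0;
}

/* Decodes count pixels from src; returns pixels decoded or -1 on short input. */
static int decode_cpixels(const uint8_t *src, size_t src_len,
                          size_t cpixel_bytes, uint32_t *dst, size_t count)
{
    for (size_t i = 0; i < count; i++) {
        size_t off = i * cpixel_bytes;
        if (off > src_len ||
            load_cpixel(src + off, src_len - off, cpixel_bytes, &dst[i]) != 0)
            return -1;
    }
    return (int)count;
}

/* Constructed sample: two 3-byte pixels, then a poison byte standing in for
 * whatever follows the valid data. Returns 1 if the poison never leaks. */
static int demo_no_leak(void)
{
    const uint8_t raw[7] = { 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0xAA };
    uint32_t px[2] = { 0, 0 };
    uint8_t last[4];
    if (decode_cpixels(raw, 6, 3, px, 2) != 2)
        return 0;
    memcpy(last, &px[1], sizeof last);
    /* A 4-byte cast load at raw+3 would have pulled 0xAA into last[3]. */
    return last[0] == 0x44 && last[1] == 0x55 && last[2] == 0x66 && last[3] == 0;
}

int main(void) { return demo_no_leak() ? 0 : 1; }
```

Building a variant that uses a pointer-cast load with `-fsanitize=memory` under clang is how a read of the unsupplied byte would surface when that byte is uninitialized rather than a known poison value.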

Member

bk138 commented Mar 14, 2026

Does not pass CI, please rebuild.

Author

mtrea commented Mar 16, 2026

How can I do that? I'm having a little trouble figuring that out.

Member

bk138 commented Mar 16, 2026
