From 56473dcf495efdec31574a95efd9cf6f0eda6c4b Mon Sep 17 00:00:00 2001
From: Packit Service <user-cont-team+packit-service@redhat.com>
Date: Dec 09 2020 20:52:40 +0000
Subject: Apply patch libvncserver-0.9.11-CVE-2019-20839.patch


patch_name: libvncserver-0.9.11-CVE-2019-20839.patch
present_in_specfile: true
location_in_specfile: 15

---

diff --git a/libvncclient/sockets.c b/libvncclient/sockets.c
index 8ddfd9d..c243d71 100644
--- a/libvncclient/sockets.c
+++ b/libvncclient/sockets.c
@@ -425,6 +425,10 @@ ConnectClientToUnixSock(const char *sockFile)
   int sock;
   struct sockaddr_un addr;
   addr.sun_family = AF_UNIX;
+  if(strlen(sockFile) + 1 > sizeof(addr.sun_path)) {
+      rfbClientErr("ConnectToUnixSock: socket file name too long\n");
+      return -1;
+  }
   strcpy(addr.sun_path, sockFile);
 
   sock = socket(AF_UNIX, SOCK_STREAM, 0);