From cfe4b2324c5e1d333e23debcfbde615f9ff718b1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marco=20Trevisan=20=28Trevi=C3=B1o=29?=
Date: Thu, 11 Feb 2021 15:57:06 +0100
Subject: [PATCH] debian/patches: Fix crashes when using desktop sharing with g-r-d Related to: https://gitlab.gnome.org/GNOME/gnome-remote-desktop/-/issues/45 LP: #1915410
---
...-t-NULL-out-internal-of-the-default-.patch | 34 +++++++++++++
...lib-Clear-buffer-pointers-on-cleanup.patch | 49 +++++++++++++++++++
debian/patches/series | 3 ++
3 files changed, 86 insertions(+)
create mode 100644 debian/patches/0001-libvncserver-don-t-NULL-out-internal-of-the-default-.patch
create mode 100644 debian/patches/0002-zlib-Clear-buffer-pointers-on-cleanup.patch
create mode 100644 debian/patches/series
diff --git a/debian/patches/0001-libvncserver-don-t-NULL-out-internal-of-the-default-.patch b/debian/patches/0001-libvncserver-don-t-NULL-out-internal-of-the-default-.patch
new file mode 100644
index 0000000..98f40be
--- /dev/null
+++ b/debian/patches/0001-libvncserver-don-t-NULL-out-internal-of-the-default-.patch
@@ -0,0 +1,34 @@
+From 6ef6a9828a03024f2635b058b2bcfe472bee863f Mon Sep 17 00:00:00 2001
+From: Christian Beier
+Date: Mon, 20 Jul 2020 22:33:29 +0200
+Subject: [PATCH 1/2] libvncserver: don't NULL out internal of the default
+ cursor
+
+...otherwise an rfbScreen created after rfbScreenCleanup() was called
+gets assigned an invalid cursor struct.
+
+Origin: https://github.com/LibVNC/libvncserver/commit/d138cf90130b
+Bug-GNOME: https://gitlab.gnome.org/GNOME/gnome-remote-desktop/-/issues/45
+Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/libvncserver/+bug/1915410
+
+---
+ libvncserver/main.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/libvncserver/main.c b/libvncserver/main.c
+index 6477ee8..06efe6e 100644
+--- a/libvncserver/main.c
++++ b/libvncserver/main.c
+@@ -1021,7 +1021,8 @@ void rfbScreenCleanup(rfbScreenInfoPtr screen)
+ FREE_IF(underCursorBuffer);
+ TINI_MUTEX(screen->cursorMutex);
+
+- rfbFreeCursor(screen->cursor);
++ if(screen->cursor != &myCursor)
++ rfbFreeCursor(screen->cursor);
+
+ #ifdef LIBVNCSERVER_HAVE_LIBZ
+ rfbZlibCleanup(screen);
+--
+2.25.1
+
diff --git a/debian/patches/0002-zlib-Clear-buffer-pointers-on-cleanup.patch b/debian/patches/0002-zlib-Clear-buffer-pointers-on-cleanup.patch
new file mode 100644
index 0000000..da8a176
--- /dev/null
+++ b/debian/patches/0002-zlib-Clear-buffer-pointers-on-cleanup.patch
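Review bot: The new guard `if(screen->cursor != &myCursor)` in the embedded main.c hunk of patch 0001 depends on `myCursor` being the one default cursor shared by every screen, and nothing at the call site says so. A comment such as `/* myCursor is the static default shared by all screens; it must survive this cleanup */` would keep the check from being removed later as redundant, and braces around the two-line `if` would make it harder to break when the neighbouring `#ifdef` block is edited. When the cursor is not the default, `screen->cursor` still holds its old value after rfbFreeCursor(); adding `screen->cursor = NULL;` inside the guard, in the same spirit as patch 0002, would make any stale use fail predictably. The rest of rfbScreenCleanup lies outside the hunk, so this may be moot if the screen itself is released right afterwards.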
@@ -0,0 +1,49 @@
+From 1e0538a1a1eade3eaae24c7b2b778f09e503b3ac Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Jonas=20=C3=85dahl?=
+Date: Wed, 16 Sep 2020 08:38:05 +0200
+Subject: [PATCH 2/2] zlib: Clear buffer pointers on cleanup
+
+The pointers to the buffers were freed, and the size fields were set to
+0, but the buffer pointers themsef was not set to NULL, when shutting
+down, meaning the next time used, NULL checks would not tell whether the
+pointer is valid. This caused crashes ending with
+
+ #0 0x00007ffff73729e5 in raise () from /lib64/libc.so.6
+ #1 0x00007ffff735b895 in abort () from /lib64/libc.so.6
+ #2 0x00007ffff73b6857 in __libc_message () from /lib64/libc.so.6
+ #3 0x00007ffff73bdd7c in malloc_printerr () from /lib64/libc.so.6
+ #4 0x00007ffff73c2f1a in realloc () from /lib64/libc.so.6
+ #5 0x00007ffff78b558e in rfbSendOneRectEncodingZlib (cl=0x4a4b80, x=0, y=0, w=800, h=40) at /home/jonas/Dev/gnome/libvncserver/libvncserver/zlib.c:106
+ #6 0x00007ffff78b5dec in rfbSendRectEncodingZlib (cl=0x4a4b80, x=0, y=0, w=800, h=600) at /home/jonas/Dev/gnome/libvncserver/libvncserver/zlib.c:308
+ #7 0x00007ffff7899453 in rfbSendFramebufferUpdate (cl=0x4a4b80, givenUpdateRegion=0x49ef70) at /home/jonas/Dev/gnome/libvncserver/libvncserver/rfbserver.c:3264
+ #8 0x00007ffff789079d in rfbUpdateClient (cl=0x4a4b80) at /home/jonas/Dev/gnome/libvncserver/libvncserver/main.c:1275
+ #9 0x00007ffff78905f5 in rfbProcessEvents (screen=0x4d5790, usec=0) at /home/jonas/Dev/gnome/libvncserver/libvncserver/main.c:1251
+
+Origin: https://github.com/LibVNC/libvncserver/commit/91c685ca
+Bug-GNOME: https://gitlab.gnome.org/GNOME/gnome-remote-desktop/-/issues/45
+Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/libvncserver/+bug/1915410
+---
+ libvncserver/zlib.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/libvncserver/zlib.c b/libvncserver/zlib.c
+index ac20c9c..6b7731e 100644
+--- a/libvncserver/zlib.c
++++ b/libvncserver/zlib.c
+@@ -63,11 +63,13 @@ void
rfbZlibCleanup(rfbScreenInfoPtr screen)
+ {
+ if (zlibBeforeBufSize) {
+ free(zlibBeforeBuf);
++ zlibBeforeBuf = NULL;
+ zlibBeforeBufSize=0;
+ }
+ if (zlibAfterBufSize) {
+ zlibAfterBufSize=0;
+ free(zlibAfterBuf);
++ zlibAfterBuf = NULL;
+ }
+ }
+
+--
+2.25.1
+
diff --git a/debian/patches/series b/debian/patches/series
new file mode 100644
index 0000000..61f9809
--- /dev/null
+++ b/debian/patches/series
@@ -0,0 +1,3 @@
+0001-libvncserver-don-t-NULL-out-internal-of-the-default-.patch
+0002-zlib-Clear-buffer-pointers-on-cleanup.patch
+
-- GitLab
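Review bot: In the embedded zlib.c hunk of patch 0002, both `free()` calls and the new NULL assignments still run only when the matching size field is non-zero, so a buffer pointer that is set while its size is 0 would be neither freed nor cleared. Since `free(NULL)` is a no-op, the guards can go and each buffer can be reset unconditionally: `free(zlibBeforeBuf); zlibBeforeBuf = NULL; zlibBeforeBufSize = 0;`, and likewise for `zlibAfterBuf`. The buffers are referenced without `screen`, so they look like file-scope state shared by all screens. If that is the case, rfbZlibCleanup deserves a comment saying it must not run while a client of another screen can still be inside rfbSendOneRectEncodingZlib, because the quoted backtrace shows a stale pointer there reaching `realloc()`.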