File LibVNCServer-CVE-2020-14398.patch of Package LibVNCServer.17330

Index: libvncserver-LibVNCServer-0.9.10/libvncclient/sockets.c
===================================================================
--- libvncserver-LibVNCServer-0.9.10.orig/libvncclient/sockets.c	2020-07-09 14:17:56.461707735 +0200
+++ libvncserver-LibVNCServer-0.9.10/libvncclient/sockets.c	2020-07-09 14:22:02.679183976 +0200
@@ -84,6 +84,12 @@ rfbBool errorMessageOnReadFailure = TRUE
 rfbBool
 ReadFromRFBServer(rfbClient* client, char *out, unsigned int n)
 {
+  const int USECS_WAIT_PER_RETRY = 100000;
+  /* in the upstream commit, there is new rfbClient->readTimeout variable
+     and DEFAULT_READ_TIMEOUT defined instead
+     https://github.com/LibVNC/libvncserver/commit/57433015f856cc12753378254ce4f1c78f5d9c7b */
+  const int READ_TIMEOUT = 60;
+  int retries = 0;
 #undef DEBUG_READ_EXACT
 #ifdef DEBUG_READ_EXACT
 	char* oout=out;
@@ -165,10 +171,16 @@ ReadFromRFBServer(rfbClient* client, cha
 	  errno=WSAGetLastError();
 #endif
 	  if (errno == EWOULDBLOCK || errno == EAGAIN) {
+	    if (READ_TIMEOUT > 0 &&
+		++retries > (READ_TIMEOUT * 1000 * 1000 / USECS_WAIT_PER_RETRY))
+	    {
+	      rfbClientLog("Connection timed out\n");
+	      return FALSE;
+	    }
 	    /* TODO:
 	       ProcessXtEvents();
 	    */
-	    WaitForMessage(client, 100000);
+	    WaitForMessage(client, USECS_WAIT_PER_RETRY);
 	    i = 0;
 	  } else {
 	    rfbClientErr("read (%d: %s)\n",errno,strerror(errno));
@@ -204,10 +216,16 @@ ReadFromRFBServer(rfbClient* client, cha
 	  errno=WSAGetLastError();
 #endif
 	  if (errno == EWOULDBLOCK || errno == EAGAIN) {
+	    if (READ_TIMEOUT > 0 &&
+		++retries > (READ_TIMEOUT * 1000 * 1000 / USECS_WAIT_PER_RETRY))
+	    {
+		rfbClientLog("Connection timed out\n");
+		return FALSE;
+	    }
 	    /* TODO:
 	       ProcessXtEvents();
 	    */
-	    WaitForMessage(client, 100000);
+	    WaitForMessage(client, USECS_WAIT_PER_RETRY);
 	    i = 0;
 	  } else {
 	    rfbClientErr("read (%s)\n",strerror(errno));