mirrors
/
FreeRDP
mirror of https://github.com/FreeRDP/FreeRDP
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' of github.com:awakecoding/FreeRDP

This commit is contained in:
Marc-André Moreau 2013-01-18 13:50:59 -05:00
parent 5b4aaf276f df01ba88d4
commit 04c6f689cc
61 changed files with 2046 additions and 1310 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
channels/drive/client/drive_file.c
View File

@ -601,6 +601,7 @@ BOOL drive_file_query_directory(DRIVE_FILE* file, UINT32 FsInformationClass, BYT
DEBUG_SVC(" pattern %s matched %s", file->pattern, ent_path);
free(ent_path);
ent_path = NULL;
length = ConvertToUnicode(CP_UTF8, 0, ent->d_name, -1, &ent_path, 0) * 2;

2
channels/drive/client/drive_main.c
View File

@ -391,7 +391,7 @@ static void drive_process_irp_query_volume_information(DRIVE_DEVICE* disk, IRP*
struct STAT st;
char* volumeLabel = {"FREERDP"};
char* diskType = {"FAT32"};
WCHAR* outStr;
WCHAR* outStr = NULL;
int length;
stream_read_UINT32(irp->input, FsInformationClass);

4
channels/printer/client/printer_main.c
View File

@ -235,9 +235,9 @@ void printer_register(PDEVICE_SERVICE_ENTRY_POINTS pEntryPoints, rdpPrinter* pri
char* port;
UINT32 Flags;
int DriverNameLen;
WCHAR* DriverName;
WCHAR* DriverName = NULL;
int PrintNameLen;
WCHAR* PrintName;
WCHAR* PrintName = NULL;
UINT32 CachedFieldsLen;
BYTE* CachedPrinterConfigData;
PRINTER_DEVICE* printer_dev;

113
channels/rail/client/rail_orders.c
View File

@ -70,7 +70,7 @@ static const char* const RAIL_ORDER_TYPE_STRINGS[] =
void rail_string_to_unicode_string(rdpRailOrder* rail_order, char* string, RAIL_UNICODE_STRING* unicode_string)
{
WCHAR* buffer;
WCHAR* buffer = NULL;
int length = 0;
if (unicode_string->string != NULL)
@ -88,10 +88,13 @@ void rail_string_to_unicode_string(rdpRailOrder* rail_order, char* string, RAIL_
unicode_string->length = (UINT16) length;
}
void rail_read_pdu_header(STREAM* s, UINT16* orderType, UINT16* orderLength)
BOOL rail_read_pdu_header(STREAM* s, UINT16* orderType, UINT16* orderLength)
{
if(stream_get_left(s) < 4)
return FALSE;
stream_read_UINT16(s, *orderType); /* orderType (2 bytes) */
stream_read_UINT16(s, *orderLength); /* orderLength (2 bytes) */
return TRUE;
}
void rail_write_pdu_header(STREAM* s, UINT16 orderType, UINT16 orderLength)
@ -133,23 +136,31 @@ void rail_write_high_contrast(STREAM* s, HIGH_CONTRAST* high_contrast)
rail_write_unicode_string(s, &high_contrast->colorScheme); /* colorScheme */
}
void rail_read_handshake_order(STREAM* s, RAIL_HANDSHAKE_ORDER* handshake)
BOOL rail_read_handshake_order(STREAM* s, RAIL_HANDSHAKE_ORDER* handshake)
{
if(stream_get_left(s) < 4)
return FALSE;
stream_read_UINT32(s, handshake->buildNumber); /* buildNumber (4 bytes) */
return TRUE;
}
void rail_read_server_exec_result_order(STREAM* s, RAIL_EXEC_RESULT_ORDER* exec_result)
BOOL rail_read_server_exec_result_order(STREAM* s, RAIL_EXEC_RESULT_ORDER* exec_result)
{
if(stream_get_left(s) < 8)
return FALSE;
stream_read_UINT16(s, exec_result->flags); /* flags (2 bytes) */
stream_read_UINT16(s, exec_result->execResult); /* execResult (2 bytes) */
stream_read_UINT32(s, exec_result->rawResult); /* rawResult (4 bytes) */
stream_seek_UINT16(s); /* padding (2 bytes) */
rail_read_unicode_string(s, &exec_result->exeOrFile); /* exeOrFile */
return rail_read_unicode_string(s, &exec_result->exeOrFile); /* exeOrFile */
}
void rail_read_server_sysparam_order(STREAM* s, RAIL_SYSPARAM_ORDER* sysparam)
BOOL rail_read_server_sysparam_order(STREAM* s, RAIL_SYSPARAM_ORDER* sysparam)
{
BYTE body;
if(stream_get_left(s) < 5)
return FALSE;
stream_read_UINT32(s, sysparam->param); /* systemParam (4 bytes) */
stream_read_BYTE(s, body); /* body (1 byte) */
@ -166,10 +177,13 @@ void rail_read_server_sysparam_order(STREAM* s, RAIL_SYSPARAM_ORDER* sysparam)
default:
break;
}
return TRUE;
}
void rail_read_server_minmaxinfo_order(STREAM* s, RAIL_MINMAXINFO_ORDER* minmaxinfo)
BOOL rail_read_server_minmaxinfo_order(STREAM* s, RAIL_MINMAXINFO_ORDER* minmaxinfo)
{
if(stream_get_left(s) < 20)
return FALSE;
stream_read_UINT32(s, minmaxinfo->windowId); /* windowId (4 bytes) */
stream_read_UINT16(s, minmaxinfo->maxWidth); /* maxWidth (2 bytes) */
stream_read_UINT16(s, minmaxinfo->maxHeight); /* maxHeight (2 bytes) */
@ -179,11 +193,14 @@ void rail_read_server_minmaxinfo_order(STREAM* s, RAIL_MINMAXINFO_ORDER* minmaxi
stream_read_UINT16(s, minmaxinfo->minTrackHeight); /* minTrackHeight (2 bytes) */
stream_read_UINT16(s, minmaxinfo->maxTrackWidth); /* maxTrackWidth (2 bytes) */
stream_read_UINT16(s, minmaxinfo->maxTrackHeight); /* maxTrackHeight (2 bytes) */
return TRUE;
}
void rail_read_server_localmovesize_order(STREAM* s, RAIL_LOCALMOVESIZE_ORDER* localmovesize)
BOOL rail_read_server_localmovesize_order(STREAM* s, RAIL_LOCALMOVESIZE_ORDER* localmovesize)
{
UINT16 isMoveSizeStart;
if(stream_get_left(s) < 12)
return FALSE;
stream_read_UINT32(s, localmovesize->windowId); /* windowId (4 bytes) */
stream_read_UINT16(s, isMoveSizeStart); /* isMoveSizeStart (2 bytes) */
@ -192,20 +209,27 @@ void rail_read_server_localmovesize_order(STREAM* s, RAIL_LOCALMOVESIZE_ORDER* l
stream_read_UINT16(s, localmovesize->moveSizeType); /* moveSizeType (2 bytes) */
stream_read_UINT16(s, localmovesize->posX); /* posX (2 bytes) */
stream_read_UINT16(s, localmovesize->posY); /* posY (2 bytes) */
return TRUE;
}
void rail_read_server_get_appid_resp_order(STREAM* s, RAIL_GET_APPID_RESP_ORDER* get_appid_resp)
BOOL rail_read_server_get_appid_resp_order(STREAM* s, RAIL_GET_APPID_RESP_ORDER* get_appid_resp)
{
if(stream_get_left(s) < 516)
return FALSE;
stream_read_UINT32(s, get_appid_resp->windowId); /* windowId (4 bytes) */
stream_read(s, &get_appid_resp->applicationIdBuffer[0], 512); /* applicationId (256 UNICODE chars) */
get_appid_resp->applicationId.length = 512;
get_appid_resp->applicationId.string = &get_appid_resp->applicationIdBuffer[0];
return TRUE;
}
void rail_read_langbar_info_order(STREAM* s, RAIL_LANGBAR_INFO_ORDER* langbar_info)
BOOL rail_read_langbar_info_order(STREAM* s, RAIL_LANGBAR_INFO_ORDER* langbar_info)
{
if(stream_get_left(s) < 4)
return FALSE;
stream_read_UINT32(s, langbar_info->languageBarStatus); /* languageBarStatus (4 bytes) */
return TRUE;
}
void rail_write_handshake_order(STREAM* s, RAIL_HANDSHAKE_ORDER* handshake)
@ -332,9 +356,10 @@ void rail_write_langbar_info_order(STREAM* s, RAIL_LANGBAR_INFO_ORDER* langbar_i
stream_write_UINT32(s, langbar_info->languageBarStatus); /* languageBarStatus (4 bytes) */
}
void rail_recv_handshake_order(rdpRailOrder* rail_order, STREAM* s)
BOOL rail_recv_handshake_order(rdpRailOrder* rail_order, STREAM* s)
{
rail_read_handshake_order(s, &rail_order->handshake);
if(!rail_read_handshake_order(s, &rail_order->handshake))
return FALSE;
rail_order->handshake.buildNumber = 0x00001DB0;
rail_send_handshake_order(rail_order);
@ -371,56 +396,70 @@ void rail_recv_handshake_order(rdpRailOrder* rail_order, STREAM* s)
rail_send_channel_event(rail_order->plugin,
RDP_EVENT_TYPE_RAIL_CHANNEL_GET_SYSPARAMS, &rail_order->sysparam);
return TRUE;
}
void rail_recv_exec_result_order(rdpRailOrder* rail_order, STREAM* s)
BOOL rail_recv_exec_result_order(rdpRailOrder* rail_order, STREAM* s)
{
rail_read_server_exec_result_order(s, &rail_order->exec_result);
if(!rail_read_server_exec_result_order(s, &rail_order->exec_result))
return FALSE;
rail_send_channel_event(rail_order->plugin,
RDP_EVENT_TYPE_RAIL_CHANNEL_EXEC_RESULTS, &rail_order->exec_result);
return TRUE;
}
void rail_recv_server_sysparam_order(rdpRailOrder* rail_order, STREAM* s)
BOOL rail_recv_server_sysparam_order(rdpRailOrder* rail_order, STREAM* s)
{
rail_read_server_sysparam_order(s, &rail_order->sysparam);
if(!rail_read_server_sysparam_order(s, &rail_order->sysparam))
return FALSE;
rail_send_channel_event(rail_order->plugin,
RDP_EVENT_TYPE_RAIL_CHANNEL_SERVER_SYSPARAM, &rail_order->sysparam);
return TRUE;
}
void rail_recv_server_minmaxinfo_order(rdpRailOrder* rail_order, STREAM* s)
BOOL rail_recv_server_minmaxinfo_order(rdpRailOrder* rail_order, STREAM* s)
{
rail_read_server_minmaxinfo_order(s, &rail_order->minmaxinfo);
if(!rail_read_server_minmaxinfo_order(s, &rail_order->minmaxinfo))
return FALSE;
rail_send_channel_event(rail_order->plugin,
RDP_EVENT_TYPE_RAIL_CHANNEL_SERVER_MINMAXINFO, &rail_order->minmaxinfo);
return TRUE;
}
void rail_recv_server_localmovesize_order(rdpRailOrder* rail_order, STREAM* s)
BOOL rail_recv_server_localmovesize_order(rdpRailOrder* rail_order, STREAM* s)
{
rail_read_server_localmovesize_order(s, &rail_order->localmovesize);
if(!rail_read_server_localmovesize_order(s, &rail_order->localmovesize))
return FALSE;
rail_send_channel_event(rail_order->plugin,
RDP_EVENT_TYPE_RAIL_CHANNEL_SERVER_LOCALMOVESIZE, &rail_order->localmovesize);
return TRUE;
}
void rail_recv_server_get_appid_resp_order(rdpRailOrder* rail_order, STREAM* s)
BOOL rail_recv_server_get_appid_resp_order(rdpRailOrder* rail_order, STREAM* s)
{
rail_read_server_get_appid_resp_order(s, &rail_order->get_appid_resp);
if(!rail_read_server_get_appid_resp_order(s, &rail_order->get_appid_resp))
return FALSE;
rail_send_channel_event(rail_order->plugin,
RDP_EVENT_TYPE_RAIL_CHANNEL_APPID_RESP, &rail_order->get_appid_resp);
return TRUE;
}
void rail_recv_langbar_info_order(rdpRailOrder* rail_order, STREAM* s)
BOOL rail_recv_langbar_info_order(rdpRailOrder* rail_order, STREAM* s)
{
rail_read_langbar_info_order(s, &rail_order->langbar_info);
if(!rail_read_langbar_info_order(s, &rail_order->langbar_info))
return FALSE;
rail_send_channel_event(rail_order->plugin,
RDP_EVENT_TYPE_RAIL_CHANNEL_LANGBARINFO, &rail_order->langbar_info);
return TRUE;
}
void rail_order_recv(rdpRailOrder* rail_order, STREAM* s)
BOOL rail_order_recv(rdpRailOrder* rail_order, STREAM* s)
{
UINT16 orderType;
UINT16 orderLength;
rail_read_pdu_header(s, &orderType, &orderLength);
if(!rail_read_pdu_header(s, &orderType, &orderLength))
return FALSE;
DEBUG_RAIL("Received %s PDU, length:%d",
RAIL_ORDER_TYPE_STRINGS[((orderType & 0xF0) >> 3) + (orderType & 0x0F)], orderLength);
@ -428,37 +467,31 @@ void rail_order_recv(rdpRailOrder* rail_order, STREAM* s)
switch (orderType)
{
case RDP_RAIL_ORDER_HANDSHAKE:
rail_recv_handshake_order(rail_order, s);
break;
return rail_recv_handshake_order(rail_order, s);
case RDP_RAIL_ORDER_EXEC_RESULT:
rail_recv_exec_result_order(rail_order, s);
break;
return rail_recv_exec_result_order(rail_order, s);
case RDP_RAIL_ORDER_SYSPARAM:
rail_recv_server_sysparam_order(rail_order, s);
break;
return rail_recv_server_sysparam_order(rail_order, s);
case RDP_RAIL_ORDER_MINMAXINFO:
rail_recv_server_minmaxinfo_order(rail_order, s);
break;
return rail_recv_server_minmaxinfo_order(rail_order, s);
case RDP_RAIL_ORDER_LOCALMOVESIZE:
rail_recv_server_localmovesize_order(rail_order, s);
break;
return rail_recv_server_localmovesize_order(rail_order, s);
case RDP_RAIL_ORDER_GET_APPID_RESP:
rail_recv_server_get_appid_resp_order(rail_order, s);
break;
return rail_recv_server_get_appid_resp_order(rail_order, s);
case RDP_RAIL_ORDER_LANGBARINFO:
rail_recv_langbar_info_order(rail_order, s);
break;
return rail_recv_langbar_info_order(rail_order, s);
default:
printf("Unknown RAIL PDU order reveived.");
break;
}
return TRUE;
}
void rail_send_handshake_order(rdpRailOrder* rail_order)

16
channels/rail/client/rail_orders.h
View File

@ -56,13 +56,13 @@
void rail_string_to_unicode_string(rdpRailOrder* rail_order, char* string, RAIL_UNICODE_STRING* unicode_string);
void rail_read_handshake_order(STREAM* s, RAIL_HANDSHAKE_ORDER* handshake);
void rail_read_server_exec_result_order(STREAM* s, RAIL_EXEC_RESULT_ORDER* exec_result);
void rail_read_server_sysparam_order(STREAM* s, RAIL_SYSPARAM_ORDER* sysparam);
void rail_read_server_minmaxinfo_order(STREAM* s, RAIL_MINMAXINFO_ORDER* minmaxinfo);
void rail_read_server_localmovesize_order(STREAM* s, RAIL_LOCALMOVESIZE_ORDER* localmovesize);
void rail_read_server_get_appid_resp_order(STREAM* s, RAIL_GET_APPID_RESP_ORDER* get_appid_resp);
void rail_read_langbar_info_order(STREAM* s, RAIL_LANGBAR_INFO_ORDER* langbar_info);
BOOL rail_read_handshake_order(STREAM* s, RAIL_HANDSHAKE_ORDER* handshake);
BOOL rail_read_server_exec_result_order(STREAM* s, RAIL_EXEC_RESULT_ORDER* exec_result);
BOOL rail_read_server_sysparam_order(STREAM* s, RAIL_SYSPARAM_ORDER* sysparam);
BOOL rail_read_server_minmaxinfo_order(STREAM* s, RAIL_MINMAXINFO_ORDER* minmaxinfo);
BOOL rail_read_server_localmovesize_order(STREAM* s, RAIL_LOCALMOVESIZE_ORDER* localmovesize);
BOOL rail_read_server_get_appid_resp_order(STREAM* s, RAIL_GET_APPID_RESP_ORDER* get_appid_resp);
BOOL rail_read_langbar_info_order(STREAM* s, RAIL_LANGBAR_INFO_ORDER* langbar_info);
void rail_write_handshake_order(STREAM* s, RAIL_HANDSHAKE_ORDER* handshake);
void rail_write_client_status_order(STREAM* s, RAIL_CLIENT_STATUS_ORDER* client_status);
@ -76,7 +76,7 @@ void rail_write_client_window_move_order(STREAM* s, RAIL_WINDOW_MOVE_ORDER* wind
void rail_write_client_get_appid_req_order(STREAM* s, RAIL_GET_APPID_REQ_ORDER* get_appid_req);
void rail_write_langbar_info_order(STREAM* s, RAIL_LANGBAR_INFO_ORDER* langbar_info);
void rail_order_recv(rdpRailOrder* rail_order, STREAM* s);
BOOL rail_order_recv(rdpRailOrder* rail_order, STREAM* s);
void rail_send_handshake_order(rdpRailOrder* rail_order);
void rail_send_client_status_order(rdpRailOrder* rail_order);

2
channels/rdpdr/client/rdpdr_main.c
View File

@ -92,7 +92,7 @@ static void rdpdr_send_client_announce_reply(rdpdrPlugin* rdpdr)
static void rdpdr_send_client_name_request(rdpdrPlugin* rdpdr)
{
STREAM* data_out;
WCHAR* computerNameW;
WCHAR* computerNameW = NULL;
size_t computerNameLenW;
if (!rdpdr->computerName[0])

6
client/Windows/wf_gdi.c
View File

@ -468,7 +468,7 @@ void wf_gdi_surface_bits(rdpContext* context, SURFACE_BITS_COMMAND* surface_bits
tile_bitmap = (char*) malloc(32);
ZeroMemory(tile_bitmap, 32);
if (surface_bits_command->codecID == CODEC_ID_REMOTEFX)
if (surface_bits_command->codecID == RDP_CODEC_ID_REMOTEFX)
{
message = rfx_process_message(rfx_context, surface_bits_command->bitmapData, surface_bits_command->bitmapDataLength);
@ -503,7 +503,7 @@ void wf_gdi_surface_bits(rdpContext* context, SURFACE_BITS_COMMAND* surface_bits
rfx_message_free(rfx_context, message);
}
else if (surface_bits_command->codecID == CODEC_ID_NSCODEC)
else if (surface_bits_command->codecID == RDP_CODEC_ID_NSCODEC)
{
nsc_process_message(nsc_context, surface_bits_command->bpp, surface_bits_command->width, surface_bits_command->height,
surface_bits_command->bitmapData, surface_bits_command->bitmapDataLength);
@ -520,7 +520,7 @@ void wf_gdi_surface_bits(rdpContext* context, SURFACE_BITS_COMMAND* surface_bits
wf_invalidate_region(wfi, surface_bits_command->destLeft, surface_bits_command->destTop,
surface_bits_command->width, surface_bits_command->height);
}
else if (surface_bits_command->codecID == CODEC_ID_NONE)
else if (surface_bits_command->codecID == RDP_CODEC_ID_NONE)
{
ZeroMemory(&bitmap_info, sizeof(bitmap_info));
bitmap_info.bmiHeader.biSize = sizeof(BITMAPINFOHEADER);

2
client/X11/xf_cliprdr.c
View File

@ -533,7 +533,7 @@ static BYTE* xf_cliprdr_process_requested_raw(BYTE* data, int* size)
static BYTE* xf_cliprdr_process_requested_unicodetext(BYTE* data, int* size)
{
char* inbuf;
WCHAR* outbuf;
WCHAR* outbuf = NULL;
int out_size;
inbuf = (char*) lf2crlf(data, size);

6
client/X11/xf_gdi.c
View File

@ -953,7 +953,7 @@ void xf_gdi_surface_bits(rdpContext* context, SURFACE_BITS_COMMAND* surface_bits
RFX_CONTEXT* rfx_context = (RFX_CONTEXT*) xfi->rfx_context;
NSC_CONTEXT* nsc_context = (NSC_CONTEXT*) xfi->nsc_context;
if (surface_bits_command->codecID == CODEC_ID_REMOTEFX)
if (surface_bits_command->codecID == RDP_CODEC_ID_REMOTEFX)
{
message = rfx_process_message(rfx_context,
surface_bits_command->bitmapData, surface_bits_command->bitmapDataLength);
@ -990,7 +990,7 @@ void xf_gdi_surface_bits(rdpContext* context, SURFACE_BITS_COMMAND* surface_bits
XSetClipMask(xfi->display, xfi->gc, None);
rfx_message_free(rfx_context, message);
}
else if (surface_bits_command->codecID == CODEC_ID_NSCODEC)
else if (surface_bits_command->codecID == RDP_CODEC_ID_NSCODEC)
{
nsc_process_message(nsc_context, surface_bits_command->bpp, surface_bits_command->width, surface_bits_command->height,
surface_bits_command->bitmapData, surface_bits_command->bitmapDataLength);
@ -1017,7 +1017,7 @@ void xf_gdi_surface_bits(rdpContext* context, SURFACE_BITS_COMMAND* surface_bits
XSetClipMask(xfi->display, xfi->gc, None);
}
else if (surface_bits_command->codecID == CODEC_ID_NONE)
else if (surface_bits_command->codecID == RDP_CODEC_ID_NONE)
{
XSetFunction(xfi->display, xfi->gc, GXcopy);
XSetFillStyle(xfi->display, xfi->gc, FillSolid);

6
client/X11/xf_graphics.c
View File

@ -135,10 +135,10 @@ void xf_Bitmap_Decompress(rdpContext* context, rdpBitmap* bitmap,
switch (codec_id)
{
case CODEC_ID_NSCODEC:
case RDP_CODEC_ID_NSCODEC:
printf("xf_Bitmap_Decompress: nsc not done\n");
break;
case CODEC_ID_REMOTEFX:
case RDP_CODEC_ID_REMOTEFX:
xfi = ((xfContext*)context)->xfi;
rfx_context_set_pixel_format(xfi->rfx_context, RDP_PIXEL_FORMAT_B8G8R8A8);
msg = rfx_process_message(xfi->rfx_context, data, length);
@ -163,7 +163,7 @@ void xf_Bitmap_Decompress(rdpContext* context, rdpBitmap* bitmap,
rfx_message_free(xfi->rfx_context, msg);
}
break;
case CODEC_ID_JPEG:
case RDP_CODEC_ID_JPEG:
if (!jpeg_decompress(data, bitmap->data, width, height, length, bpp))
{
printf("xf_Bitmap_Decompress: jpeg Decompression Failed\n");

2
client/X11/xfreerdp.c
View File

@ -665,7 +665,7 @@ UINT32 xf_detect_cpu()
if (edx & (1<<26))
{
DEBUG("SSE2 detected");
DEBUG_MSG("SSE2 detected");
cpu_opt |= CPU_SSE2;
}

42
cunit/test_orders.c
View File

@ -83,7 +83,7 @@ void test_read_dstblt_order(void)
orderInfo->fieldFlags = 0x0C;
memset(&dstblt, 0, sizeof(DSTBLT_ORDER));
update_read_dstblt_order(s, orderInfo, &dstblt);
CU_ASSERT(update_read_dstblt_order(s, orderInfo, &dstblt));
CU_ASSERT(dstblt.nLeftRect == 0);
CU_ASSERT(dstblt.nTopRect == 0);
@ -108,7 +108,7 @@ void test_read_patblt_order(void)
orderInfo->fieldFlags = 0x027F;
memset(&patblt, 0, sizeof(PATBLT_ORDER));
update_read_patblt_order(s, orderInfo, &patblt);
CU_ASSERT(update_read_patblt_order(s, orderInfo, &patblt));
CU_ASSERT(patblt.nLeftRect == 26);
CU_ASSERT(patblt.nTopRect == 451);
@ -138,7 +138,7 @@ void test_read_scrblt_order(void)
orderInfo->fieldFlags = 0x7D;
memset(&scrblt, 0, sizeof(SCRBLT_ORDER));
update_read_scrblt_order(s, orderInfo, &scrblt);
CU_ASSERT(update_read_scrblt_order(s, orderInfo, &scrblt));
CU_ASSERT(scrblt.nLeftRect == 7);
CU_ASSERT(scrblt.nTopRect == 0);
@ -165,7 +165,7 @@ void test_read_opaque_rect_order(void)
orderInfo->fieldFlags = 0x7C;
memset(&opaque_rect, 0, sizeof(OPAQUE_RECT_ORDER));
update_read_opaque_rect_order(s, orderInfo, &opaque_rect);
CU_ASSERT(update_read_opaque_rect_order(s, orderInfo, &opaque_rect));
CU_ASSERT(opaque_rect.nLeftRect == 0);
CU_ASSERT(opaque_rect.nTopRect == 0);
@ -194,7 +194,7 @@ void test_read_draw_nine_grid_order(void)
draw_nine_grid.srcRight = 38;
draw_nine_grid.srcBottom = 40;
update_read_draw_nine_grid_order(s, orderInfo, &draw_nine_grid);
CU_ASSERT(update_read_draw_nine_grid_order(s, orderInfo, &draw_nine_grid));
CU_ASSERT(draw_nine_grid.srcLeft == 0);
CU_ASSERT(draw_nine_grid.srcTop == 0);
@ -223,7 +223,7 @@ void test_read_multi_opaque_rect_order(void)
orderInfo->fieldFlags = 0x01BF;
memset(&multi_opaque_rect, 0, sizeof(MULTI_OPAQUE_RECT_ORDER));
update_read_multi_opaque_rect_order(s, orderInfo, &multi_opaque_rect);
CU_ASSERT(update_read_multi_opaque_rect_order(s, orderInfo, &multi_opaque_rect));
CU_ASSERT(multi_opaque_rect.nLeftRect == 391);
CU_ASSERT(multi_opaque_rect.nTopRect == 284);
@ -276,7 +276,7 @@ void test_read_line_to_order(void)
line_to.nXEnd = 829;
line_to.nYEnd = 347;
update_read_line_to_order(s, orderInfo, &line_to);
CU_ASSERT(update_read_line_to_order(s, orderInfo, &line_to));
CU_ASSERT(line_to.nXStart == 829);
CU_ASSERT(line_to.nYStart == 271);
@ -314,7 +314,7 @@ void test_read_polyline_order(void)
memset(&polyline, 0, sizeof(POLYLINE_ORDER));
update_read_polyline_order(s, orderInfo, &polyline);
CU_ASSERT(update_read_polyline_order(s, orderInfo, &polyline));
CU_ASSERT(polyline.xStart == 504);
CU_ASSERT(polyline.yStart == 696);
@ -383,7 +383,7 @@ void test_read_glyph_index_order(void)
memset(&glyph_index, 0, sizeof(GLYPH_INDEX_ORDER));
update_read_glyph_index_order(s, orderInfo, &glyph_index);
CU_ASSERT(update_read_glyph_index_order(s, orderInfo, &glyph_index));
CU_ASSERT(glyph_index.bkRight == 618);
@ -397,7 +397,7 @@ void test_read_glyph_index_order(void)
memset(&glyph_index, 0, sizeof(GLYPH_INDEX_ORDER));
update_read_glyph_index_order(s, orderInfo, &glyph_index);
CU_ASSERT(update_read_glyph_index_order(s, orderInfo, &glyph_index));
CU_ASSERT(glyph_index.fOpRedundant == 0);
CU_ASSERT(glyph_index.foreColor == 0x00FFFFFF);
@ -432,7 +432,7 @@ void test_read_fast_index_order(void)
orderInfo->fieldFlags = 0x70FF;
memset(&fast_index, 0, sizeof(FAST_INDEX_ORDER));
update_read_fast_index_order(s, orderInfo, &fast_index);
CU_ASSERT(update_read_fast_index_order(s, orderInfo, &fast_index));
CU_ASSERT(fast_index.cacheId == 7);
CU_ASSERT(fast_index.flAccel == 3);
@ -471,7 +471,7 @@ void test_read_fast_glyph_order(void)
memset(&fast_glyph, 0, sizeof(FAST_GLYPH_ORDER));
update_read_fast_glyph_order(s, orderInfo, &fast_glyph);
CU_ASSERT(update_read_fast_glyph_order(s, orderInfo, &fast_glyph));
CU_ASSERT(fast_glyph.backColor == 0);
CU_ASSERT(fast_glyph.foreColor == 0x0000FFFF);
@ -506,7 +506,7 @@ void test_read_polygon_cb_order(void)
memset(&polygon_cb, 0, sizeof(POLYGON_CB_ORDER));
update_read_polygon_cb_order(s, orderInfo, &polygon_cb);
CU_ASSERT(update_read_polygon_cb_order(s, orderInfo, &polygon_cb));
CU_ASSERT(polygon_cb.xStart == 234);
CU_ASSERT(polygon_cb.yStart == 326);
@ -537,7 +537,7 @@ void test_read_cache_bitmap_order(void)
memset(&cache_bitmap, 0, sizeof(CACHE_BITMAP_ORDER));
update_read_cache_bitmap_order(s, &cache_bitmap, TRUE, extraFlags);
CU_ASSERT(update_read_cache_bitmap_order(s, &cache_bitmap, TRUE, extraFlags));
CU_ASSERT(cache_bitmap.cacheId == 0);
CU_ASSERT(cache_bitmap.bitmapWidth == 16);
@ -578,7 +578,7 @@ void test_read_cache_bitmap_v2_order(void)
memset(&cache_bitmap_v2, 0, sizeof(CACHE_BITMAP_V2_ORDER));
update_read_cache_bitmap_v2_order(s, &cache_bitmap_v2, TRUE, extraFlags);
CB_ASSERT(update_read_cache_bitmap_v2_order(s, &cache_bitmap_v2, TRUE, extraFlags));
CU_ASSERT(cache_bitmap_v2.cacheId == 1);
CU_ASSERT(cache_bitmap_v2.bitmapBpp == 16);
@ -609,7 +609,7 @@ void test_read_cache_bitmap_v3_order(void)
memset(&cache_bitmap_v3, 0, sizeof(CACHE_BITMAP_V3_ORDER));
update_read_cache_bitmap_v3_order(s, &cache_bitmap_v3, TRUE, extraFlags);
CU_ASSERT(update_read_cache_bitmap_v3_order(s, &cache_bitmap_v3, TRUE, extraFlags));
CU_ASSERT(cache_bitmap_v3.cacheIndex == 32767);
CU_ASSERT(cache_bitmap_v3.key1 == 0xBCEC5035);
@ -637,7 +637,7 @@ void test_read_cache_brush_order(void)
memset(&cache_brush, 0, sizeof(CACHE_BRUSH_ORDER));
update_read_cache_brush_order(s, &cache_brush, 0);
CU_ASSERT(update_read_cache_brush_order(s, &cache_brush, 0));
CU_ASSERT(cache_brush.index == 0);
CU_ASSERT(cache_brush.bpp == 1);
@ -667,7 +667,7 @@ void test_read_create_offscreen_bitmap_order(void)
deleteList->sIndices = 16;
deleteList->indices = malloc(sizeof(UINT16) * deleteList->sIndices);
update_read_create_offscreen_bitmap_order(s, &create_offscreen_bitmap);
CU_ASSERT(update_read_create_offscreen_bitmap_order(s, &create_offscreen_bitmap));
CU_ASSERT(create_offscreen_bitmap.id == 0);
CU_ASSERT(create_offscreen_bitmap.cx == 352);
@ -689,7 +689,7 @@ void test_read_switch_surface_order(void)
memset(&switch_surface, 0, sizeof(SWITCH_SURFACE_ORDER));
update_read_switch_surface_order(s, &switch_surface);
CU_ASSERT(update_read_switch_surface_order(s, &switch_surface));
CU_ASSERT(switch_surface.bitmapId == 0xFFFF);
@ -754,7 +754,7 @@ void test_update_recv_orders(void)
s->p = s->data = orders_update_1;
s->size = sizeof(orders_update_1);
update_recv(update, s);
CU_ASSERT(update_recv(update, s));
CU_ASSERT(opaque_rect_count == 5);
CU_ASSERT(polyline_count == 2);
@ -763,7 +763,7 @@ void test_update_recv_orders(void)
s->p = s->data = orders_update_2;
s->size = sizeof(orders_update_2);
update_recv(update, s);
CU_ASSERT(update_recv(update, s));
CU_ASSERT(patblt_count == 3);

8
include/freerdp/constants.h
View File

@ -25,10 +25,10 @@
*/
enum RDP_CODEC_ID
{
CODEC_ID_NONE = 0x00,
CODEC_ID_NSCODEC = 0x01,
CODEC_ID_JPEG = 0x02,
CODEC_ID_REMOTEFX = 0x03
RDP_CODEC_ID_NONE = 0x00,
RDP_CODEC_ID_NSCODEC = 0x01,
RDP_CODEC_ID_JPEG = 0x02,
RDP_CODEC_ID_REMOTEFX = 0x03
};
/**

2
include/freerdp/crypto/ber.h
View File

@ -51,7 +51,7 @@
#define BER_PC(_pc) (_pc ? BER_CONSTRUCT : BER_PRIMITIVE)
FREERDP_API void ber_read_length(STREAM* s, int* length);
FREERDP_API BOOL ber_read_length(STREAM* s, int* length);
FREERDP_API int ber_write_length(STREAM* s, int length);
FREERDP_API int _ber_skip_length(int length);
FREERDP_API int ber_get_content_length(int length);

4
include/freerdp/utils/debug.h
View File

@ -28,9 +28,9 @@
#define DEBUG_WARN(fmt, ...) DEBUG_PRINT("Warning %s (%d): ", fmt, ## __VA_ARGS__)
#ifdef WITH_DEBUG
#define DEBUG(fmt, ...) DEBUG_PRINT("DBG %s (%d): ", fmt, ## __VA_ARGS__)
#define DEBUG_MSG(fmt, ...) DEBUG_PRINT("DBG %s (%d): ", fmt, ## __VA_ARGS__)
#else
#define DEBUG(fmt, ...) DEBUG_NULL(fmt, ## __VA_ARGS__)
#define DEBUG_MSG(fmt, ...) DEBUG_NULL(fmt, ## __VA_ARGS__)
#endif
#endif /* FREERDP_UTILS_DEBUG_H */

2
include/freerdp/utils/rail.h
View File

@ -26,7 +26,7 @@
FREERDP_API void rail_unicode_string_alloc(RAIL_UNICODE_STRING* unicode_string, UINT16 cbString);
FREERDP_API void rail_unicode_string_free(RAIL_UNICODE_STRING* unicode_string);
FREERDP_API void rail_read_unicode_string(STREAM* s, RAIL_UNICODE_STRING* unicode_string);
FREERDP_API BOOL rail_read_unicode_string(STREAM* s, RAIL_UNICODE_STRING* unicode_string);
FREERDP_API void rail_write_unicode_string(STREAM* s, RAIL_UNICODE_STRING* unicode_string);
FREERDP_API void rail_write_unicode_string_value(STREAM* s, RAIL_UNICODE_STRING* unicode_string);
FREERDP_API void* rail_clone_order(UINT32 event_type, void* order);

6
include/freerdp/utils/stream.h
View File

@ -172,5 +172,11 @@ FREERDP_API void stream_extend(STREAM* stream, int request_size);
_src->p += _n; \
} while (0)
static INLINE BOOL stream_skip(STREAM* s, int sz) {
if (stream_get_left(s) < sz)
return FALSE;
stream_seek(s, sz);
return TRUE;
}
#endif /* FREERDP_UTILS_STREAM_H */

2
include/freerdp/utils/string.h
View File

@ -32,7 +32,7 @@ struct rdp_string
};
typedef struct rdp_string rdpString;
FREERDP_API void freerdp_string_read_length32(STREAM* s, rdpString* string);
FREERDP_API BOOL freerdp_string_read_length32(STREAM* s, rdpString* string);
FREERDP_API void freerdp_string_free(rdpString* string);
#endif /* FREERDP_UTILS_STRING_H */

6
libfreerdp/cache/bitmap.c vendored
View File

@ -83,7 +83,7 @@ void update_gdi_cache_bitmap(rdpContext* context, CACHE_BITMAP_ORDER* cache_bitm
bitmap->Decompress(context, bitmap,
cache_bitmap->bitmapDataStream, cache_bitmap->bitmapWidth, cache_bitmap->bitmapHeight,
cache_bitmap->bitmapBpp, cache_bitmap->bitmapLength,
cache_bitmap->compressed, CODEC_ID_NONE);
cache_bitmap->compressed, RDP_CODEC_ID_NONE);
bitmap->New(context, bitmap);
@ -114,7 +114,7 @@ void update_gdi_cache_bitmap_v2(rdpContext* context, CACHE_BITMAP_V2_ORDER* cach
bitmap->Decompress(context, bitmap,
cache_bitmap_v2->bitmapDataStream, cache_bitmap_v2->bitmapWidth, cache_bitmap_v2->bitmapHeight,
cache_bitmap_v2->bitmapBpp, cache_bitmap_v2->bitmapLength,
cache_bitmap_v2->compressed, CODEC_ID_NONE);
cache_bitmap_v2->compressed, RDP_CODEC_ID_NONE);
bitmap->New(context, bitmap);
@ -192,7 +192,7 @@ void update_gdi_bitmap_update(rdpContext* context, BITMAP_UPDATE* bitmap_update)
bitmap->Decompress(context, bitmap,
bitmap_data->bitmapDataStream, bitmap_data->width, bitmap_data->height,
bitmap_data->bitsPerPixel, bitmap_data->bitmapLength,
bitmap_data->compressed, CODEC_ID_NONE);
bitmap_data->compressed, RDP_CODEC_ID_NONE);
if (reused)
bitmap->Free(context, bitmap);

9
libfreerdp/core/activation.c
View File

@ -61,9 +61,7 @@ BOOL rdp_send_server_synchronize_pdu(rdpRdp* rdp)
s = rdp_data_pdu_init(rdp);
rdp_write_synchronize_pdu(s, rdp->settings);
rdp_send_data_pdu(rdp, s, DATA_PDU_TYPE_SYNCHRONIZE, rdp->mcs->user_id);
return TRUE;
return rdp_send_data_pdu(rdp, s, DATA_PDU_TYPE_SYNCHRONIZE, rdp->mcs->user_id);
}
BOOL rdp_recv_client_synchronize_pdu(rdpRdp* rdp, STREAM* s)
@ -120,7 +118,8 @@ BOOL rdp_recv_server_control_pdu(rdpRdp* rdp, STREAM* s)
{
UINT16 action;
rdp_recv_control_pdu(s, &action);
if(rdp_recv_control_pdu(s, &action) == FALSE)
return FALSE;
switch (action)
{
@ -253,6 +252,8 @@ BOOL rdp_recv_server_font_map_pdu(rdpRdp* rdp, STREAM* s)
BOOL rdp_recv_client_font_map_pdu(rdpRdp* rdp, STREAM* s)
{
if(stream_get_left(s) < 8)
return FALSE;
rdp->finalize_sc_pdus |= FINALIZE_SC_FONT_MAP_PDU;
stream_seek_UINT16(s); /* numberEntries (2 bytes) */

306
libfreerdp/core/capabilities.c
View File

@ -114,14 +114,17 @@ void rdp_capability_set_finish(STREAM* s, BYTE* header, UINT16 type)
* @msdn{cc240549}
* @param s stream
* @param settings settings
* @return if the operation completed successfully
*/
void rdp_read_general_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
BOOL rdp_read_general_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
{
UINT16 extraFlags;
BYTE refreshRectSupport;
BYTE suppressOutputSupport;
if(length < 24)
return FALSE;
if (settings->ServerMode)
{
stream_read_UINT16(s, settings->OsMajorType); /* osMajorType (2 bytes) */
@ -150,6 +153,7 @@ void rdp_read_general_capability_set(STREAM* s, UINT16 length, rdpSettings* sett
if (suppressOutputSupport == FALSE)
settings->SuppressOutput = FALSE;
return TRUE;
}
/**
@ -197,9 +201,10 @@ void rdp_write_general_capability_set(STREAM* s, rdpSettings* settings)
* @msdn{cc240554}
* @param s stream
* @param settings settings
* @return if the operation completed successfully
*/
void rdp_read_bitmap_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
BOOL rdp_read_bitmap_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
{
BYTE drawingFlags;
UINT16 desktopWidth;
@ -207,6 +212,8 @@ void rdp_read_bitmap_capability_set(STREAM* s, UINT16 length, rdpSettings* setti
UINT16 desktopResizeFlag;
UINT16 preferredBitsPerPixel;
if(length < 28)
return FALSE;
stream_read_UINT16(s, preferredBitsPerPixel); /* preferredBitsPerPixel (2 bytes) */
stream_seek_UINT16(s); /* receive1BitPerPixel (2 bytes) */
stream_seek_UINT16(s); /* receive4BitsPerPixel (2 bytes) */
@ -236,6 +243,7 @@ void rdp_read_bitmap_capability_set(STREAM* s, UINT16 length, rdpSettings* setti
settings->DesktopWidth = desktopWidth;
settings->DesktopHeight = desktopHeight;
}
return TRUE;
}
/**
@ -285,15 +293,18 @@ void rdp_write_bitmap_capability_set(STREAM* s, rdpSettings* settings)
* @msdn{cc240556}
* @param s stream
* @param settings settings
* @return if the operation completed successfully
*/
void rdp_read_order_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
BOOL rdp_read_order_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
{
int i;
UINT16 orderFlags;
BYTE orderSupport[32];
UINT16 orderSupportExFlags;
if(length < 88)
return FALSE;
stream_seek(s, 16); /* terminalDescriptor (16 bytes) */
stream_seek_UINT32(s); /* pad4OctetsA (4 bytes) */
stream_seek_UINT16(s); /* desktopSaveXGranularity (2 bytes) */
@ -317,6 +328,14 @@ void rdp_read_order_capability_set(STREAM* s, UINT16 length, rdpSettings* settin
if (orderSupport[i] == FALSE)
settings->OrderSupport[i] = FALSE;
}
/* pad4octetsB (4 bytes) */
/* desktopSaveSize (4 bytes) */
/* pad2octetsC (2 bytes) */
/* pad2octetsD (2 bytes) */
/* textANSICodePage (2 bytes) */
/* pad2octetsE (2 bytes) */
return TRUE;
}
/**
@ -379,10 +398,13 @@ void rdp_write_order_capability_set(STREAM* s, rdpSettings* settings)
* @msdn{cc240559}
* @param s stream
* @param settings settings
* @return if the operation completed successfully
*/
void rdp_read_bitmap_cache_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
BOOL rdp_read_bitmap_cache_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
{
if(length < 40)
return FALSE;
stream_seek_UINT32(s); /* pad1 (4 bytes) */
stream_seek_UINT32(s); /* pad2 (4 bytes) */
stream_seek_UINT32(s); /* pad3 (4 bytes) */
@ -395,6 +417,7 @@ void rdp_read_bitmap_cache_capability_set(STREAM* s, UINT16 length, rdpSettings*
stream_seek_UINT16(s); /* Cache1MaximumCellSize (2 bytes) */
stream_seek_UINT16(s); /* Cache2Entries (2 bytes) */
stream_seek_UINT16(s); /* Cache2MaximumCellSize (2 bytes) */
return TRUE;
}
/**
@ -441,14 +464,18 @@ void rdp_write_bitmap_cache_capability_set(STREAM* s, rdpSettings* settings)
* @msdn{cc240568}
* @param s stream
* @param settings settings
* @return if the operation completed successfully
*/
void rdp_read_control_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
BOOL rdp_read_control_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
{
if(length < 12)
return FALSE;
stream_seek_UINT16(s); /* controlFlags (2 bytes) */
stream_seek_UINT16(s); /* remoteDetachFlag (2 bytes) */
stream_seek_UINT16(s); /* controlInterest (2 bytes) */
stream_seek_UINT16(s); /* detachInterest (2 bytes) */
return TRUE;
}
/**
@ -477,14 +504,18 @@ void rdp_write_control_capability_set(STREAM* s, rdpSettings* settings)
* @msdn{cc240569}
* @param s stream
* @param settings settings
* @return if the operation completed successfully
*/
void rdp_read_window_activation_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
BOOL rdp_read_window_activation_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
{
if(length < 12)
return FALSE;
stream_seek_UINT16(s); /* helpKeyFlag (2 bytes) */
stream_seek_UINT16(s); /* helpKeyIndexFlag (2 bytes) */
stream_seek_UINT16(s); /* helpExtendedKeyFlag (2 bytes) */
stream_seek_UINT16(s); /* windowManagerKeyFlag (2 bytes) */
return TRUE;
}
/**
@ -513,14 +544,17 @@ void rdp_write_window_activation_capability_set(STREAM* s, rdpSettings* settings
* @msdn{cc240562}
* @param s stream
* @param settings settings
* @return if the operation completed successfully
*/
void rdp_read_pointer_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
BOOL rdp_read_pointer_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
{
UINT16 colorPointerFlag;
UINT16 colorPointerCacheSize;
UINT16 pointerCacheSize;
if(length < 10)
return FALSE;
stream_read_UINT16(s, colorPointerFlag); /* colorPointerFlag (2 bytes) */
stream_read_UINT16(s, colorPointerCacheSize); /* colorPointerCacheSize (2 bytes) */
stream_read_UINT16(s, pointerCacheSize); /* pointerCacheSize (2 bytes) */
@ -532,6 +566,7 @@ void rdp_read_pointer_capability_set(STREAM* s, UINT16 length, rdpSettings* sett
{
settings->PointerCacheSize = pointerCacheSize;
}
return TRUE;
}
/**
@ -566,12 +601,16 @@ void rdp_write_pointer_capability_set(STREAM* s, rdpSettings* settings)
* @msdn{cc240570}
* @param s stream
* @param settings settings
* @return if the operation completed successfully
*/
void rdp_read_share_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
BOOL rdp_read_share_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
{
if(length < 8)
return FALSE;
stream_seek_UINT16(s); /* nodeId (2 bytes) */
stream_seek_UINT16(s); /* pad2Octets (2 bytes) */
return TRUE;
}
/**
@ -601,12 +640,16 @@ void rdp_write_share_capability_set(STREAM* s, rdpSettings* settings)
* @msdn{cc241564}
* @param s stream
* @param settings settings
* @return if the operation completed successfully
*/
void rdp_read_color_cache_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
BOOL rdp_read_color_cache_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
{
if(length < 8)
return FALSE;
stream_seek_UINT16(s); /* colorTableCacheSize (2 bytes) */
stream_seek_UINT16(s); /* pad2Octets (2 bytes) */
return TRUE;
}
/**
@ -633,16 +676,20 @@ void rdp_write_color_cache_capability_set(STREAM* s, rdpSettings* settings)
* @msdn{cc240552}
* @param s stream
* @param settings settings
* @return if the operation completed successfully
*/
void rdp_read_sound_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
BOOL rdp_read_sound_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
{
UINT16 soundFlags;
if(length < 8)
return FALSE;
stream_read_UINT16(s, soundFlags); /* soundFlags (2 bytes) */
stream_seek_UINT16(s); /* pad2OctetsA (2 bytes) */
settings->SoundBeepsEnabled = (soundFlags & SOUND_BEEPS_FLAG) ? TRUE : FALSE;
return TRUE;
}
/**
@ -672,12 +719,15 @@ void rdp_write_sound_capability_set(STREAM* s, rdpSettings* settings)
* @msdn{cc240563}
* @param s stream
* @param settings settings
* @return if the operation completed successfully
*/
void rdp_read_input_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
BOOL rdp_read_input_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
{
UINT16 inputFlags;
if(length < 88)
return FALSE;
stream_read_UINT16(s, inputFlags); /* inputFlags (2 bytes) */
stream_seek_UINT16(s); /* pad2OctetsA (2 bytes) */
@ -714,6 +764,7 @@ void rdp_read_input_capability_set(STREAM* s, UINT16 length, rdpSettings* settin
settings->FastPathInput = FALSE;
}
}
return TRUE;
}
/**
@ -754,15 +805,17 @@ void rdp_write_input_capability_set(STREAM* s, rdpSettings* settings)
* @msdn{cc240571}
* @param s stream
* @param settings settings
* @return if the operation completed successfully
*/
void rdp_read_font_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
BOOL rdp_read_font_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
{
if (length > 4)
stream_seek_UINT16(s); /* fontSupportFlags (2 bytes) */
if (length > 6)
stream_seek_UINT16(s); /* pad2Octets (2 bytes) */
return TRUE;
}
/**
@ -789,11 +842,15 @@ void rdp_write_font_capability_set(STREAM* s, rdpSettings* settings)
* @msdn{cc240564}
* @param s stream
* @param settings settings
* @return if the operation completed successfully
*/
void rdp_read_brush_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
BOOL rdp_read_brush_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
{
if(length < 8)
return FALSE;
stream_seek_UINT32(s); /* brushSupportLevel (4 bytes) */
return TRUE;
}
/**
@ -841,18 +898,22 @@ void rdp_write_cache_definition(STREAM* s, GLYPH_CACHE_DEFINITION* cache_definit
* @msdn{cc240565}
* @param s stream
* @param settings settings
* @return if the operation completed successfully
*/
void rdp_read_glyph_cache_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
BOOL rdp_read_glyph_cache_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
{
UINT16 glyphSupportLevel;
if(length < 52)
return FALSE;
stream_seek(s, 40); /* glyphCache (40 bytes) */
stream_seek_UINT32(s); /* fragCache (4 bytes) */
stream_read_UINT16(s, glyphSupportLevel); /* glyphSupportLevel (2 bytes) */
stream_seek_UINT16(s); /* pad2Octets (2 bytes) */
settings->GlyphSupportLevel = glyphSupportLevel;
return TRUE;
}
/**
@ -894,18 +955,22 @@ void rdp_write_glyph_cache_capability_set(STREAM* s, rdpSettings* settings)
* @msdn{cc240550}
* @param s stream
* @param settings settings
* @return if the operation completed successfully
*/
void rdp_read_offscreen_bitmap_cache_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
BOOL rdp_read_offscreen_bitmap_cache_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
{
UINT32 offscreenSupportLevel;
if(length < 12)
return FALSE;
stream_read_UINT32(s, offscreenSupportLevel); /* offscreenSupportLevel (4 bytes) */
stream_read_UINT16(s, settings->OffscreenCacheSize); /* offscreenCacheSize (2 bytes) */
stream_read_UINT16(s, settings->OffscreenCacheEntries); /* offscreenCacheEntries (2 bytes) */
if (offscreenSupportLevel & TRUE)
settings->OffscreenSupportLevel = TRUE;
return TRUE;
}
/**
@ -937,18 +1002,22 @@ void rdp_write_offscreen_bitmap_cache_capability_set(STREAM* s, rdpSettings* set
* @msdn{cc240557}
* @param s stream
* @param settings settings
* @return if the operation completed successfully
*/
void rdp_read_bitmap_cache_host_support_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
BOOL rdp_read_bitmap_cache_host_support_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
{
BYTE cacheVersion;
if(length < 8)
return FALSE;
stream_read_BYTE(s, cacheVersion); /* cacheVersion (1 byte) */
stream_seek_BYTE(s); /* pad1 (1 byte) */
stream_seek_UINT16(s); /* pad2 (2 bytes) */
if (cacheVersion & BITMAP_CACHE_V2)
settings->BitmapCachePersistEnabled = TRUE;
return TRUE;
}
/**
@ -989,10 +1058,14 @@ void rdp_write_bitmap_cache_cell_info(STREAM* s, BITMAP_CACHE_V2_CELL_INFO* cell
* @msdn{cc240560}
* @param s stream
* @param settings settings
* @return if the operation completed successfully
*/
void rdp_read_bitmap_cache_v2_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
BOOL rdp_read_bitmap_cache_v2_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
{
if(length < 40)
return FALSE;
stream_seek_UINT16(s); /* cacheFlags (2 bytes) */
stream_seek_BYTE(s); /* pad2 (1 byte) */
stream_seek_BYTE(s); /* numCellCaches (1 byte) */
@ -1002,6 +1075,7 @@ void rdp_read_bitmap_cache_v2_capability_set(STREAM* s, UINT16 length, rdpSettin
stream_seek(s, 4); /* bitmapCache3CellInfo (4 bytes) */
stream_seek(s, 4); /* bitmapCache4CellInfo (4 bytes) */
stream_seek(s, 12); /* pad3 (12 bytes) */
return TRUE;
}
/**
@ -1041,13 +1115,16 @@ void rdp_write_bitmap_cache_v2_capability_set(STREAM* s, rdpSettings* settings)
* @msdn{cc240551}
* @param s stream
* @param settings settings
* @return if the operation completed successfully
*/
void rdp_read_virtual_channel_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
BOOL rdp_read_virtual_channel_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
{
UINT32 flags;
UINT32 VCChunkSize;
if(length < 8)
return FALSE;
stream_read_UINT32(s, flags); /* flags (4 bytes) */
if (length > 8)
@ -1057,6 +1134,7 @@ void rdp_read_virtual_channel_capability_set(STREAM* s, UINT16 length, rdpSettin
if (settings->ServerMode != TRUE)
settings->VirtualChannelChunkSize = VCChunkSize;
return TRUE;
}
/**
@ -1086,12 +1164,15 @@ void rdp_write_virtual_channel_capability_set(STREAM* s, rdpSettings* settings)
* @msdn{cc241565}
* @param s stream
* @param settings settings
* @return if the operation completed successfully
*/
void rdp_read_draw_nine_grid_cache_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
BOOL rdp_read_draw_nine_grid_cache_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
{
UINT32 drawNineGridSupportLevel;
if(length < 12)
return FALSE;
stream_read_UINT32(s, drawNineGridSupportLevel); /* drawNineGridSupportLevel (4 bytes) */
stream_read_UINT16(s, settings->DrawNineGridCacheSize); /* drawNineGridCacheSize (2 bytes) */
stream_read_UINT16(s, settings->DrawNineGridCacheEntries); /* drawNineGridCacheEntries (2 bytes) */
@ -1099,6 +1180,7 @@ void rdp_read_draw_nine_grid_cache_capability_set(STREAM* s, UINT16 length, rdpS
if ((drawNineGridSupportLevel & DRAW_NINEGRID_SUPPORTED) ||
(drawNineGridSupportLevel & DRAW_NINEGRID_SUPPORTED_V2))
settings->DrawNineGridEnabled = TRUE;
return TRUE;
}
/**
@ -1153,13 +1235,16 @@ void rdp_write_gdiplus_image_cache_properties(STREAM* s, UINT16 oiccs, UINT16 oi
* @msdn{cc241566}
* @param s stream
* @param settings settings
* @return if the operation completed successfully
*/
void rdp_read_draw_gdiplus_cache_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
BOOL rdp_read_draw_gdiplus_cache_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
{
UINT32 drawGDIPlusSupportLevel;
UINT32 drawGdiplusCacheLevel;
if(length < 40)
return FALSE;
stream_read_UINT32(s, drawGDIPlusSupportLevel); /* drawGDIPlusSupportLevel (4 bytes) */
stream_seek_UINT32(s); /* GdipVersion (4 bytes) */
stream_read_UINT32(s, drawGdiplusCacheLevel); /* drawGdiplusCacheLevel (4 bytes) */
@ -1172,6 +1257,7 @@ void rdp_read_draw_gdiplus_cache_capability_set(STREAM* s, UINT16 length, rdpSet
if (drawGdiplusCacheLevel & DRAW_GDIPLUS_CACHE_LEVEL_ONE)
settings->DrawGdiPlusCacheEnabled = TRUE;
return TRUE;
}
/**
@ -1207,12 +1293,15 @@ void rdp_write_draw_gdiplus_cache_capability_set(STREAM* s, rdpSettings* setting
* @msdn{cc242518}
* @param s stream
* @param settings settings
* @return if the operation completed successfully
*/
void rdp_read_remote_programs_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
BOOL rdp_read_remote_programs_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
{
UINT32 railSupportLevel;
if(length < 8)
return FALSE;
stream_read_UINT32(s, railSupportLevel); /* railSupportLevel (4 bytes) */
if ((railSupportLevel & RAIL_LEVEL_SUPPORTED) == 0)
@ -1223,6 +1312,7 @@ void rdp_read_remote_programs_capability_set(STREAM* s, UINT16 length, rdpSettin
settings->RemoteApplicationMode = FALSE;
}
}
return TRUE;
}
/**
@ -1254,13 +1344,18 @@ void rdp_write_remote_programs_capability_set(STREAM* s, rdpSettings* settings)
* @msdn{cc242564}
* @param s stream
* @param settings settings
* @return if the operation completed successfully
*/
void rdp_read_window_list_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
BOOL rdp_read_window_list_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
{
if(length < 11)
return FALSE;
stream_seek_UINT32(s); /* wndSupportLevel (4 bytes) */
stream_seek_BYTE(s); /* numIconCaches (1 byte) */
stream_seek_UINT16(s); /* numIconCacheEntries (2 bytes) */
return TRUE;
}
/**
@ -1291,11 +1386,15 @@ void rdp_write_window_list_capability_set(STREAM* s, rdpSettings* settings)
* @msdn{cc240855}
* @param s stream
* @param settings settings
* @return if the operation completed successfully
*/
void rdp_read_desktop_composition_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
BOOL rdp_read_desktop_composition_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
{
if(length < 6)
return FALSE;
stream_seek_UINT16(s); /* compDeskSupportLevel (2 bytes) */
return TRUE;
}
/**
@ -1324,11 +1423,15 @@ void rdp_write_desktop_composition_capability_set(STREAM* s, rdpSettings* settin
* @msdn{cc240649}
* @param s stream
* @param settings settings
* @return if the operation completed successfully
*/
void rdp_read_multifragment_update_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
BOOL rdp_read_multifragment_update_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
{
if(length < 8)
return FALSE;
stream_read_UINT32(s, settings->MultifragMaxRequestSize); /* MaxRequestSize (4 bytes) */
return TRUE;
}
/**
@ -1354,11 +1457,15 @@ void rdp_write_multifragment_update_capability_set(STREAM* s, rdpSettings* setti
* @msdn{cc240650}
* @param s stream
* @param settings settings
* @return if the operation completed successfully
*/
void rdp_read_large_pointer_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
BOOL rdp_read_large_pointer_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
{
if(length < 6)
return FALSE;
stream_seek_UINT16(s); /* largePointerSupportFlags (2 bytes) */
return TRUE;
}
/**
@ -1387,14 +1494,18 @@ void rdp_write_large_pointer_capability_set(STREAM* s, rdpSettings* settings)
* @msdn{dd871563}
* @param s stream
* @param settings settings
* @return if the operation completed successfully
*/
void rdp_read_surface_commands_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
BOOL rdp_read_surface_commands_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
{
if(length < 12)
return FALSE;
stream_seek_UINT32(s); /* cmdFlags (4 bytes) */
stream_seek_UINT32(s); /* reserved (4 bytes) */
settings->SurfaceCommandsEnabled = TRUE;
return TRUE;
}
/**
@ -1426,14 +1537,19 @@ void rdp_write_surface_commands_capability_set(STREAM* s, rdpSettings* settings)
* @msdn{dd891377}
* @param s stream
* @param settings settings
* @return if the operation completed successfully
*/
void rdp_read_bitmap_codecs_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
BOOL rdp_read_bitmap_codecs_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
{
BYTE bitmapCodecCount;
UINT16 codecPropertiesLength;
UINT16 remainingLength;
if(length < 5)
return FALSE;
stream_read_BYTE(s, bitmapCodecCount); /* bitmapCodecCount (1 byte) */
remainingLength = length - 5;
if (settings->ServerMode)
{
@ -1444,6 +1560,8 @@ void rdp_read_bitmap_codecs_capability_set(STREAM* s, UINT16 length, rdpSettings
while (bitmapCodecCount > 0)
{
if(remainingLength < 19)
return FALSE;
if (settings->ServerMode && strncmp((char*) stream_get_tail(s), CODEC_GUID_REMOTEFX, 16) == 0)
{
stream_seek(s, 16); /* codecGUID (16 bytes) */
@ -1463,10 +1581,16 @@ void rdp_read_bitmap_codecs_capability_set(STREAM* s, UINT16 length, rdpSettings
}
stream_read_UINT16(s, codecPropertiesLength); /* codecPropertiesLength (2 bytes) */
remainingLength -= 19;
if(remainingLength < codecPropertiesLength)
return FALSE;
stream_seek(s, codecPropertiesLength); /* codecProperties */
remainingLength -= codecPropertiesLength;
bitmapCodecCount--;
}
return TRUE;
}
/**
@ -1604,7 +1728,7 @@ void rdp_write_bitmap_codecs_capability_set(STREAM* s, rdpSettings* settings)
}
else
{
stream_write_BYTE(s, CODEC_ID_REMOTEFX); /* codecID */
stream_write_BYTE(s, RDP_CODEC_ID_REMOTEFX); /* codecID */
rdp_write_rfx_client_capability_container(s, settings);
}
}
@ -1618,7 +1742,7 @@ void rdp_write_bitmap_codecs_capability_set(STREAM* s, rdpSettings* settings)
}
else
{
stream_write_BYTE(s, CODEC_ID_NSCODEC); /* codecID */
stream_write_BYTE(s, RDP_CODEC_ID_NSCODEC); /* codecID */
rdp_write_nsc_client_capability_container(s, settings);
}
}
@ -1632,7 +1756,7 @@ void rdp_write_bitmap_codecs_capability_set(STREAM* s, rdpSettings* settings)
}
else
{
stream_write_BYTE(s, CODEC_ID_JPEG); /* codecID */
stream_write_BYTE(s, RDP_CODEC_ID_JPEG); /* codecID */
rdp_write_jpeg_client_capability_container(s, settings);
}
}
@ -1643,10 +1767,14 @@ void rdp_write_bitmap_codecs_capability_set(STREAM* s, rdpSettings* settings)
* Read frame acknowledge capability set.\n
* @param s stream
* @param settings settings
* @return if the operation completed successfully
*/
void rdp_read_frame_acknowledge_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
BOOL rdp_read_frame_acknowledge_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
{
if(length < 8)
return FALSE;
if (settings->ServerMode)
{
stream_read_UINT32(s, settings->FrameAcknowledge); /* (4 bytes) */
@ -1655,11 +1783,15 @@ void rdp_read_frame_acknowledge_capability_set(STREAM* s, UINT16 length, rdpSett
{
stream_seek_UINT32(s); /* (4 bytes) */
}
return TRUE;
}
void rdp_read_bitmap_cache_v3_codec_id_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
BOOL rdp_read_bitmap_cache_v3_codec_id_capability_set(STREAM* s, UINT16 length, rdpSettings* settings)
{
if(length < 5)
return FALSE;
stream_seek_BYTE(s); /* (1 byte) */
return TRUE;
}
void rdp_write_bitmap_cache_v3_codec_id_capability_set(STREAM* s, rdpSettings* settings)
@ -1715,119 +1847,148 @@ BOOL rdp_read_capability_sets(STREAM* s, rdpSettings* settings, UINT16 numberCap
switch (type)
{
case CAPSET_TYPE_GENERAL:
rdp_read_general_capability_set(s, length, settings);
if(!rdp_read_general_capability_set(s, length, settings))
return FALSE;
break;
case CAPSET_TYPE_BITMAP:
rdp_read_bitmap_capability_set(s, length, settings);
if(!rdp_read_bitmap_capability_set(s, length, settings))
return FALSE;
break;
case CAPSET_TYPE_ORDER:
rdp_read_order_capability_set(s, length, settings);
if(!rdp_read_order_capability_set(s, length, settings))
return FALSE;
break;
case CAPSET_TYPE_BITMAP_CACHE:
rdp_read_bitmap_cache_capability_set(s, length, settings);
if(!rdp_read_bitmap_cache_capability_set(s, length, settings))
return FALSE;
break;
case CAPSET_TYPE_CONTROL:
rdp_read_control_capability_set(s, length, settings);
if(!rdp_read_control_capability_set(s, length, settings))
return FALSE;
break;
case CAPSET_TYPE_ACTIVATION:
rdp_read_window_activation_capability_set(s, length, settings);
if(!rdp_read_window_activation_capability_set(s, length, settings))
return FALSE;
break;
case CAPSET_TYPE_POINTER:
rdp_read_pointer_capability_set(s, length, settings);
if(!rdp_read_pointer_capability_set(s, length, settings))
return FALSE;
break;
case CAPSET_TYPE_SHARE:
rdp_read_share_capability_set(s, length, settings);
if(!rdp_read_share_capability_set(s, length, settings))
return FALSE;
break;
case CAPSET_TYPE_COLOR_CACHE:
rdp_read_color_cache_capability_set(s, length, settings);
if(!rdp_read_color_cache_capability_set(s, length, settings))
return FALSE;
break;
case CAPSET_TYPE_SOUND:
rdp_read_sound_capability_set(s, length, settings);
if(!rdp_read_sound_capability_set(s, length, settings))
return FALSE;
break;
case CAPSET_TYPE_INPUT:
rdp_read_input_capability_set(s, length, settings);
if(!rdp_read_input_capability_set(s, length, settings))
return FALSE;
break;
case CAPSET_TYPE_FONT:
rdp_read_font_capability_set(s, length, settings);
if(!rdp_read_font_capability_set(s, length, settings))
return FALSE;
break;
case CAPSET_TYPE_BRUSH:
rdp_read_brush_capability_set(s, length, settings);
if(!rdp_read_brush_capability_set(s, length, settings))
return FALSE;
break;
case CAPSET_TYPE_GLYPH_CACHE:
rdp_read_glyph_cache_capability_set(s, length, settings);
if(!rdp_read_glyph_cache_capability_set(s, length, settings))
return FALSE;
break;
case CAPSET_TYPE_OFFSCREEN_CACHE:
rdp_read_offscreen_bitmap_cache_capability_set(s, length, settings);
if(!rdp_read_offscreen_bitmap_cache_capability_set(s, length, settings))
return FALSE;
break;
case CAPSET_TYPE_BITMAP_CACHE_HOST_SUPPORT:
rdp_read_bitmap_cache_host_support_capability_set(s, length, settings);
if(!rdp_read_bitmap_cache_host_support_capability_set(s, length, settings))
return FALSE;
break;
case CAPSET_TYPE_BITMAP_CACHE_V2:
rdp_read_bitmap_cache_v2_capability_set(s, length, settings);
if(!rdp_read_bitmap_cache_v2_capability_set(s, length, settings))
return FALSE;
break;
case CAPSET_TYPE_VIRTUAL_CHANNEL:
rdp_read_virtual_channel_capability_set(s, length, settings);
if(!rdp_read_virtual_channel_capability_set(s, length, settings))
return FALSE;
break;
case CAPSET_TYPE_DRAW_NINE_GRID_CACHE:
rdp_read_draw_nine_grid_cache_capability_set(s, length, settings);
if(!rdp_read_draw_nine_grid_cache_capability_set(s, length, settings))
return FALSE;
break;
case CAPSET_TYPE_DRAW_GDI_PLUS:
rdp_read_draw_gdiplus_cache_capability_set(s, length, settings);
if(!rdp_read_draw_gdiplus_cache_capability_set(s, length, settings))
return FALSE;
break;
case CAPSET_TYPE_RAIL:
rdp_read_remote_programs_capability_set(s, length, settings);
if(!rdp_read_remote_programs_capability_set(s, length, settings))
return FALSE;
break;
case CAPSET_TYPE_WINDOW:
rdp_read_window_list_capability_set(s, length, settings);
if(!rdp_read_window_list_capability_set(s, length, settings))
return FALSE;
break;
case CAPSET_TYPE_COMP_DESK:
rdp_read_desktop_composition_capability_set(s, length, settings);
if(!rdp_read_desktop_composition_capability_set(s, length, settings))
return FALSE;
break;
case CAPSET_TYPE_MULTI_FRAGMENT_UPDATE:
rdp_read_multifragment_update_capability_set(s, length, settings);
if(!rdp_read_multifragment_update_capability_set(s, length, settings))
return FALSE;
break;
case CAPSET_TYPE_LARGE_POINTER:
rdp_read_large_pointer_capability_set(s, length, settings);
if(!rdp_read_large_pointer_capability_set(s, length, settings))
return FALSE;
break;
case CAPSET_TYPE_SURFACE_COMMANDS:
rdp_read_surface_commands_capability_set(s, length, settings);
if(!rdp_read_surface_commands_capability_set(s, length, settings))
return FALSE;
break;
case CAPSET_TYPE_BITMAP_CODECS:
rdp_read_bitmap_codecs_capability_set(s, length, settings);
if(!rdp_read_bitmap_codecs_capability_set(s, length, settings))
return FALSE;
break;
case CAPSET_TYPE_FRAME_ACKNOWLEDGE:
rdp_read_frame_acknowledge_capability_set(s, length, settings);
if(!rdp_read_frame_acknowledge_capability_set(s, length, settings))
return FALSE;
break;
case 6:
rdp_read_bitmap_cache_v3_codec_id_capability_set(s, length, settings);
case CAPSET_TYPE_BITMAP_CACHE_V3_CODEC_ID:
if(!rdp_read_bitmap_cache_v3_codec_id_capability_set(s, length, settings))
return FALSE;
break;
default:
@ -1868,7 +2029,9 @@ BOOL rdp_recv_demand_active(rdpRdp* rdp, STREAM* s)
if (rdp->settings->DisableEncryption)
{
rdp_read_security_header(s, &securityFlags);
if (!rdp_read_security_header(s, &securityFlags))
return FALSE;
if (securityFlags & SEC_ENCRYPT)
{
if (!rdp_decrypt(rdp, s, length - 4, securityFlags))
@ -1899,10 +2062,13 @@ BOOL rdp_recv_demand_active(rdpRdp* rdp, STREAM* s)
return FALSE;
}
if(stream_get_left(s) < 8)
return FALSE;
stream_read_UINT32(s, rdp->settings->ShareId); /* shareId (4 bytes) */
stream_read_UINT16(s, lengthSourceDescriptor); /* lengthSourceDescriptor (2 bytes) */
stream_read_UINT16(s, lengthCombinedCapabilities); /* lengthCombinedCapabilities (2 bytes) */
stream_seek(s, lengthSourceDescriptor); /* sourceDescriptor */
if (!stream_skip(s, lengthSourceDescriptor) || stream_get_left(s) < 4) /* sourceDescriptor */
return FALSE;
stream_read_UINT16(s, numberCapabilities); /* numberCapabilities (2 bytes) */
stream_seek(s, 2); /* pad2Octets (2 bytes) */
@ -2003,7 +2169,8 @@ BOOL rdp_recv_confirm_active(rdpRdp* rdp, STREAM* s)
if (rdp->settings->DisableEncryption)
{
rdp_read_security_header(s, &securityFlags);
if (!rdp_read_security_header(s, &securityFlags))
return FALSE;
if (securityFlags & SEC_ENCRYPT)
{
if (!rdp_decrypt(rdp, s, length - 4, securityFlags))
@ -2025,18 +2192,19 @@ BOOL rdp_recv_confirm_active(rdpRdp* rdp, STREAM* s)
if (pduType != PDU_TYPE_CONFIRM_ACTIVE)
return FALSE;
if(stream_get_left(s) < 10)
return FALSE;
stream_seek_UINT32(s); /* shareId (4 bytes) */
stream_seek_UINT16(s); /* originatorId (2 bytes) */
stream_read_UINT16(s, lengthSourceDescriptor); /* lengthSourceDescriptor (2 bytes) */
stream_read_UINT16(s, lengthCombinedCapabilities); /* lengthCombinedCapabilities (2 bytes) */
if(stream_get_left(s) < lengthSourceDescriptor+4)
return FALSE;
stream_seek(s, lengthSourceDescriptor); /* sourceDescriptor */
stream_read_UINT16(s, numberCapabilities); /* numberCapabilities (2 bytes) */
stream_seek(s, 2); /* pad2Octets (2 bytes) */
if (!rdp_read_capability_sets(s, rdp->settings, numberCapabilities))
return FALSE;
return TRUE;
return rdp_read_capability_sets(s, rdp->settings, numberCapabilities);
}
void rdp_write_confirm_active(STREAM* s, rdpSettings* settings)

110
libfreerdp/core/certificate.c
View File

@ -129,7 +129,7 @@
* @param cert X.509 certificate
*/
void certificate_read_x509_certificate(rdpCertBlob* cert, rdpCertInfo* info)
BOOL certificate_read_x509_certificate(rdpCertBlob* cert, rdpCertInfo* info)
{
STREAM* s;
int length;
@ -141,73 +141,100 @@ void certificate_read_x509_certificate(rdpCertBlob* cert, rdpCertInfo* info)
s = stream_new(0);
stream_attach(s, cert->data, cert->length);
ber_read_sequence_tag(s, &length); /* Certificate (SEQUENCE) */
if(!ber_read_sequence_tag(s, &length)) /* Certificate (SEQUENCE) */
goto error1;
ber_read_sequence_tag(s, &length); /* TBSCertificate (SEQUENCE) */
if(!ber_read_sequence_tag(s, &length)) /* TBSCertificate (SEQUENCE) */
goto error1;
/* Explicit Contextual Tag [0] */
ber_read_contextual_tag(s, 0, &length, TRUE);
ber_read_integer(s, &version); /* version (INTEGER) */
if(!ber_read_contextual_tag(s, 0, &length, TRUE))
goto error1;
if(!ber_read_integer(s, &version)) /* version (INTEGER) */
goto error1;
version++;
/* serialNumber */
ber_read_integer(s, NULL); /* CertificateSerialNumber (INTEGER) */
if(!ber_read_integer(s, NULL)) /* CertificateSerialNumber (INTEGER) */
goto error1;
/* signature */
ber_read_sequence_tag(s, &length); /* AlgorithmIdentifier (SEQUENCE) */
stream_seek(s, length);
if(!ber_read_sequence_tag(s, &length) || !stream_skip(s, length)) /* AlgorithmIdentifier (SEQUENCE) */
goto error1;
/* issuer */
ber_read_sequence_tag(s, &length); /* Name (SEQUENCE) */
stream_seek(s, length);
if(!ber_read_sequence_tag(s, &length) || !stream_skip(s, length)) /* Name (SEQUENCE) */
goto error1;
/* validity */
ber_read_sequence_tag(s, &length); /* Validity (SEQUENCE) */
stream_seek(s, length);
if(!ber_read_sequence_tag(s, &length) || !stream_skip(s, length)) /* Validity (SEQUENCE) */
goto error1;
/* subject */
ber_read_sequence_tag(s, &length); /* Name (SEQUENCE) */
stream_seek(s, length);
if(!ber_read_sequence_tag(s, &length) || !stream_skip(s, length)) /* Name (SEQUENCE) */
goto error1;
/* subjectPublicKeyInfo */
ber_read_sequence_tag(s, &length); /* SubjectPublicKeyInfo (SEQUENCE) */
if(!ber_read_sequence_tag(s, &length)) /* SubjectPublicKeyInfo (SEQUENCE) */
goto error1;
/* subjectPublicKeyInfo::AlgorithmIdentifier */
ber_read_sequence_tag(s, &length); /* AlgorithmIdentifier (SEQUENCE) */
stream_seek(s, length);
if(!ber_read_sequence_tag(s, &length) || !stream_skip(s, length)) /* AlgorithmIdentifier (SEQUENCE) */
goto error1;
/* subjectPublicKeyInfo::subjectPublicKey */
ber_read_bit_string(s, &length, &padding); /* BIT_STRING */
if(!ber_read_bit_string(s, &length, &padding)) /* BIT_STRING */
goto error1;
/* RSAPublicKey (SEQUENCE) */
ber_read_sequence_tag(s, &length); /* SEQUENCE */
if(!ber_read_sequence_tag(s, &length)) /* SEQUENCE */
goto error1;
ber_read_integer_length(s, &modulus_length); /* modulus (INTEGER) */
if(!ber_read_integer_length(s, &modulus_length)) /* modulus (INTEGER) */
goto error1;
/* skip zero padding, if any */
do
{
if(stream_get_left(s) < padding)
goto error1;
stream_peek_BYTE(s, padding);
if (padding == 0)
{
if(stream_get_left(s) < 1)
goto error1;
stream_seek(s, 1);
modulus_length--;
}
}
while (padding == 0);
if(stream_get_left(s) < modulus_length)
goto error1;
info->ModulusLength = modulus_length;
info->Modulus = (BYTE*) malloc(info->ModulusLength);
stream_read(s, info->Modulus, info->ModulusLength);
ber_read_integer_length(s, &exponent_length); /* publicExponent (INTEGER) */
if(!ber_read_integer_length(s, &exponent_length)) /* publicExponent (INTEGER) */
goto error2;
if(stream_get_left(s) < exponent_length)
goto error2;
stream_read(s, &info->exponent[4 - exponent_length], exponent_length);
crypto_reverse(info->Modulus, info->ModulusLength);
crypto_reverse(info->exponent, 4);
stream_detach(s);
stream_free(s);
return TRUE;
error2:
free(info->Modulus);
info->Modulus = 0;
error1:
stream_detach(s);
stream_free(s);
return FALSE;
}
/**
@ -259,6 +286,8 @@ static BOOL certificate_process_server_public_key(rdpCertificate* certificate, S
UINT32 datalen;
UINT32 modlen;
if(stream_get_left(s) < 20)
return FALSE;
stream_read(s, magic, 4);
if (memcmp(magic, "RSA1", 4) != 0)
@ -273,6 +302,8 @@ static BOOL certificate_process_server_public_key(rdpCertificate* certificate, S
stream_read(s, certificate->cert_info.exponent, 4);
modlen = keylen - 8;
if(stream_get_left(s) < modlen + 8) // count padding
return FALSE;
certificate->cert_info.ModulusLength = modlen;
certificate->cert_info.Modulus = malloc(certificate->cert_info.ModulusLength);
stream_read(s, certificate->cert_info.Modulus, certificate->cert_info.ModulusLength);
@ -282,7 +313,8 @@ static BOOL certificate_process_server_public_key(rdpCertificate* certificate, S
return TRUE;
}
static BOOL certificate_process_server_public_signature(rdpCertificate* certificate, BYTE* sigdata, int sigdatalen, STREAM* s, UINT32 siglen)
static BOOL certificate_process_server_public_signature(rdpCertificate* certificate,
const BYTE* sigdata, int sigdatalen, STREAM* s, UINT32 siglen)
{
int i, sum;
CryptoMd5 md5ctx;
@ -354,6 +386,9 @@ BOOL certificate_read_server_proprietary_certificate(rdpCertificate* certificate
BYTE* sigdata;
int sigdatalen;
if(stream_get_left(s) < 12)
return FALSE;
/* -4, because we need to include dwVersion */
sigdata = stream_get_tail(s) - 4;
stream_read_UINT32(s, dwSigAlgId);
@ -374,6 +409,8 @@ BOOL certificate_read_server_proprietary_certificate(rdpCertificate* certificate
}
stream_read_UINT16(s, wPublicKeyBlobLen);
if(stream_get_left(s) < wPublicKeyBlobLen)
return FALSE;
if (!certificate_process_server_public_key(certificate, s, wPublicKeyBlobLen))
{
@ -381,6 +418,9 @@ BOOL certificate_read_server_proprietary_certificate(rdpCertificate* certificate
return FALSE;
}
if(stream_get_left(s) < 4)
return FALSE;
sigdatalen = stream_get_tail(s) - sigdata;
stream_read_UINT16(s, wSignatureBlobType);
@ -391,6 +431,8 @@ BOOL certificate_read_server_proprietary_certificate(rdpCertificate* certificate
}
stream_read_UINT16(s, wSignatureBlobLen);
if(stream_get_left(s) < wSignatureBlobLen)
return FALSE;
if (wSignatureBlobLen != 72)
{
@ -418,16 +460,23 @@ BOOL certificate_read_server_x509_certificate_chain(rdpCertificate* certificate,
int i;
UINT32 certLength;
UINT32 numCertBlobs;
BOOL ret;
DEBUG_CERTIFICATE("Server X.509 Certificate Chain");
if(stream_get_left(s) < 4)
return FALSE;
stream_read_UINT32(s, numCertBlobs); /* numCertBlobs */
certificate->x509_cert_chain = certificate_new_x509_certificate_chain(numCertBlobs);
for (i = 0; i < (int) numCertBlobs; i++)
{
if(stream_get_left(s) < 4)
return FALSE;
stream_read_UINT32(s, certLength);
if(stream_get_left(s) < certLength)
return FALSE;
DEBUG_CERTIFICATE("\nX.509 Certificate #%d, length:%d", i + 1, certLength);
@ -439,14 +488,17 @@ BOOL certificate_read_server_x509_certificate_chain(rdpCertificate* certificate,
{
rdpCertInfo cert_info;
DEBUG_CERTIFICATE("License Server Certificate");
certificate_read_x509_certificate(&certificate->x509_cert_chain->array[i], &cert_info);
ret = certificate_read_x509_certificate(&certificate->x509_cert_chain->array[i], &cert_info);
DEBUG_LICENSE("modulus length:%d", (int) cert_info.ModulusLength);
free(cert_info.Modulus);
if(!ret)
return FALSE;
}
else if (numCertBlobs - i == 1)
{
DEBUG_CERTIFICATE("Terminal Server Certificate");
certificate_read_x509_certificate(&certificate->x509_cert_chain->array[i], &certificate->cert_info);
if (!certificate_read_x509_certificate(&certificate->x509_cert_chain->array[i], &certificate->cert_info))
return FALSE;
DEBUG_CERTIFICATE("modulus length:%d", (int) certificate->cert_info.ModulusLength);
}
}
@ -465,6 +517,7 @@ BOOL certificate_read_server_certificate(rdpCertificate* certificate, BYTE* serv
{
STREAM* s;
UINT32 dwVersion;
BOOL ret = TRUE;
if (length < 1)
{
@ -472,6 +525,9 @@ BOOL certificate_read_server_certificate(rdpCertificate* certificate, BYTE* serv
return FALSE;
}
if (length < 4)
return FALSE;
s = stream_new(0);
stream_attach(s, server_cert, length);
@ -480,11 +536,11 @@ BOOL certificate_read_server_certificate(rdpCertificate* certificate, BYTE* serv
switch (dwVersion & CERT_CHAIN_VERSION_MASK)
{
case CERT_CHAIN_VERSION_1:
certificate_read_server_proprietary_certificate(certificate, s);
ret = certificate_read_server_proprietary_certificate(certificate, s);
break;
case CERT_CHAIN_VERSION_2:
certificate_read_server_x509_certificate_chain(certificate, s);
ret = certificate_read_server_x509_certificate_chain(certificate, s);
break;
default:
@ -493,7 +549,7 @@ BOOL certificate_read_server_certificate(rdpCertificate* certificate, BYTE* serv
}
free(s);
return TRUE;
return ret;
}
rdpRsaKey* key_new(const char* keyfile)

2
libfreerdp/core/certificate.h
View File

@ -42,7 +42,7 @@
#define BB_RSA_KEY_BLOB 6
#define BB_RSA_SIGNATURE_BLOB 8
void certificate_read_x509_certificate(rdpCertBlob* cert, rdpCertInfo* info);
BOOL certificate_read_x509_certificate(rdpCertBlob* cert, rdpCertInfo* info);
rdpX509CertChain* certificate_new_x509_certificate_chain(UINT32 count);
void certificate_free_x509_certificate_chain(rdpX509CertChain* x509_cert_chain);

10
libfreerdp/core/channel.c
View File

@ -91,30 +91,36 @@ BOOL freerdp_channel_send(rdpRdp* rdp, UINT16 channel_id, BYTE* data, int size)
return TRUE;
}
void freerdp_channel_process(freerdp* instance, STREAM* s, UINT16 channel_id)
BOOL freerdp_channel_process(freerdp* instance, STREAM* s, UINT16 channel_id)
{
UINT32 length;
UINT32 flags;
int chunk_length;
if(stream_get_left(s) < 8)
return FALSE;
stream_read_UINT32(s, length);
stream_read_UINT32(s, flags);
chunk_length = stream_get_left(s);
IFCALL(instance->ReceiveChannelData, instance,
channel_id, stream_get_tail(s), chunk_length, flags, length);
return TRUE;
}
void freerdp_channel_peer_process(freerdp_peer* client, STREAM* s, UINT16 channel_id)
BOOL freerdp_channel_peer_process(freerdp_peer* client, STREAM* s, UINT16 channel_id)
{
UINT32 length;
UINT32 flags;
int chunk_length;
if(stream_get_left(s) < 8)
return FALSE;
stream_read_UINT32(s, length);
stream_read_UINT32(s, flags);
chunk_length = stream_get_left(s);
IFCALL(client->ReceiveChannelData, client,
channel_id, stream_get_tail(s), chunk_length, flags, length);
return TRUE;
}

4
libfreerdp/core/channel.h
View File

@ -21,7 +21,7 @@
#define __CHANNEL_H
BOOL freerdp_channel_send(rdpRdp* rdp, UINT16 channel_id, BYTE* data, int size);
void freerdp_channel_process(freerdp* instance, STREAM* s, UINT16 channel_id);
void freerdp_channel_peer_process(freerdp_peer* client, STREAM* s, UINT16 channel_id);
BOOL freerdp_channel_process(freerdp* instance, STREAM* s, UINT16 channel_id);
BOOL freerdp_channel_peer_process(freerdp_peer* client, STREAM* s, UINT16 channel_id);
#endif /* __CHANNEL_H */

79
libfreerdp/core/fastpath.c
View File

@ -127,10 +127,9 @@ static INLINE void fastpath_write_update_header(STREAM* s, BYTE updateCode, BYTE
stream_write_BYTE(s, updateHeader);
}
UINT16 fastpath_read_header_rdp(rdpFastPath* fastpath, STREAM* s)
BOOL fastpath_read_header_rdp(rdpFastPath* fastpath, STREAM* s, UINT16 *length)
{
BYTE header;
UINT16 length;
stream_read_BYTE(s, header);
@ -140,9 +139,11 @@ UINT16 fastpath_read_header_rdp(rdpFastPath* fastpath, STREAM* s)
fastpath->numberEvents = (header & 0x3C) >> 2;
}
per_read_length(s, &length);
if (!per_read_length(s, length))
return FALSE;
return length - stream_get_length(s);
*length = *length - stream_get_length(s);
return TRUE;
}
static BOOL fastpath_recv_orders(rdpFastPath* fastpath, STREAM* s)
@ -162,35 +163,44 @@ static BOOL fastpath_recv_orders(rdpFastPath* fastpath, STREAM* s)
return TRUE;
}
static void fastpath_recv_update_common(rdpFastPath* fastpath, STREAM* s)
static BOOL fastpath_recv_update_common(rdpFastPath* fastpath, STREAM* s)
{
UINT16 updateType;
rdpUpdate* update = fastpath->rdp->update;
rdpContext* context = update->context;
if(stream_get_left(s) < 2)
return FALSE;
stream_read_UINT16(s, updateType); /* updateType (2 bytes) */
switch (updateType)
{
case UPDATE_TYPE_BITMAP:
update_read_bitmap(update, s, &update->bitmap_update);
if(!update_read_bitmap(update, s, &update->bitmap_update))
return FALSE;
IFCALL(update->BitmapUpdate, context, &update->bitmap_update);
break;
case UPDATE_TYPE_PALETTE:
update_read_palette(update, s, &update->palette_update);
if(!update_read_palette(update, s, &update->palette_update))
return FALSE;
IFCALL(update->Palette, context, &update->palette_update);
break;
}
return TRUE;
}
static void fastpath_recv_update_synchronize(rdpFastPath* fastpath, STREAM* s)
static BOOL fastpath_recv_update_synchronize(rdpFastPath* fastpath, STREAM* s)
{
stream_seek_UINT16(s); /* size (2 bytes), must be set to zero */
/* server 2008 can send invalid synchronize packet with missing padding,
so don't return FALSE even if the packet is invalid */
stream_skip(s, 2); /* size (2 bytes), MUST be set to zero */
return TRUE;
}
static BOOL fastpath_recv_update(rdpFastPath* fastpath, BYTE updateCode, UINT32 size, STREAM* s)
static int fastpath_recv_update(rdpFastPath* fastpath, BYTE updateCode, UINT32 size, STREAM* s)
{
int status = 0;
rdpUpdate* update = fastpath->rdp->update;
rdpContext* context = fastpath->rdp->update->context;
rdpPointerUpdate* pointer = update->pointer;
@ -204,21 +214,24 @@ static BOOL fastpath_recv_update(rdpFastPath* fastpath, BYTE updateCode, UINT32
{
case FASTPATH_UPDATETYPE_ORDERS:
if (!fastpath_recv_orders(fastpath, s))
return FALSE;
return -1;
break;
case FASTPATH_UPDATETYPE_BITMAP:
case FASTPATH_UPDATETYPE_PALETTE:
fastpath_recv_update_common(fastpath, s);
if (!fastpath_recv_update_common(fastpath, s))
return -1;
break;
case FASTPATH_UPDATETYPE_SYNCHRONIZE:
fastpath_recv_update_synchronize(fastpath, s);
IFCALL(update->Synchronize, context);
if (!fastpath_recv_update_synchronize(fastpath, s))
printf("fastpath_recv_update_synchronize failure but we continue\n");
else
IFCALL(update->Synchronize, context);
break;
case FASTPATH_UPDATETYPE_SURFCMDS:
update_recv_surfcmds(update, size, s);
status = update_recv_surfcmds(update, size, s);
break;
case FASTPATH_UPDATETYPE_PTR_NULL:
@ -232,22 +245,26 @@ static BOOL fastpath_recv_update(rdpFastPath* fastpath, BYTE updateCode, UINT32
break;
case FASTPATH_UPDATETYPE_PTR_POSITION:
update_read_pointer_position(s, &pointer->pointer_position);
if (!update_read_pointer_position(s, &pointer->pointer_position))
return -1;
IFCALL(pointer->PointerPosition, context, &pointer->pointer_position);
break;
case FASTPATH_UPDATETYPE_COLOR:
update_read_pointer_color(s, &pointer->pointer_color);
if (!update_read_pointer_color(s, &pointer->pointer_color))
return -1;
IFCALL(pointer->PointerColor, context, &pointer->pointer_color);
break;
case FASTPATH_UPDATETYPE_CACHED:
update_read_pointer_cached(s, &pointer->pointer_cached);
if (!update_read_pointer_cached(s, &pointer->pointer_cached))
return -1;
IFCALL(pointer->PointerCached, context, &pointer->pointer_cached);
break;
case FASTPATH_UPDATETYPE_POINTER:
update_read_pointer_new(s, &pointer->pointer_new);
if (!update_read_pointer_new(s, &pointer->pointer_new))
return -1;
IFCALL(pointer->PointerNew, context, &pointer->pointer_new);
break;
@ -256,11 +273,12 @@ static BOOL fastpath_recv_update(rdpFastPath* fastpath, BYTE updateCode, UINT32
break;
}
return TRUE;
return status;
}
static BOOL fastpath_recv_update_data(rdpFastPath* fastpath, STREAM* s)
{
int status;
UINT16 size;
int next_pos;
UINT32 totalSize;
@ -270,10 +288,11 @@ static BOOL fastpath_recv_update_data(rdpFastPath* fastpath, STREAM* s)
BYTE compressionFlags;
STREAM* update_stream;
STREAM* comp_stream;
rdpRdp *rdp;
rdpRdp* rdp;
UINT32 roff;
UINT32 rlen;
status = 0;
rdp = fastpath->rdp;
fastpath_read_update_header(s, &updateCode, &fragmentation, &compression);
@ -284,6 +303,10 @@ static BOOL fastpath_recv_update_data(rdpFastPath* fastpath, STREAM* s)
compressionFlags = 0;
stream_read_UINT16(s, size);
if (stream_get_left(s) < size)
return -1;
next_pos = stream_get_pos(s) + size;
comp_stream = s;
@ -317,6 +340,7 @@ static BOOL fastpath_recv_update_data(rdpFastPath* fastpath, STREAM* s)
stream_check_size(fastpath->updateData, size);
stream_copy(fastpath->updateData, comp_stream, size);
/* TODO: add a limit on the fragmentation buffer size */
if (fragmentation == FASTPATH_FRAGMENT_LAST)
{
@ -328,8 +352,10 @@ static BOOL fastpath_recv_update_data(rdpFastPath* fastpath, STREAM* s)
if (update_stream)
{
if (!fastpath_recv_update(fastpath, updateCode, totalSize, update_stream))
return FALSE;
status = fastpath_recv_update(fastpath, updateCode, totalSize, update_stream);
if (status < 0)
return -1;
}
stream_set_pos(s, next_pos);
@ -337,24 +363,25 @@ static BOOL fastpath_recv_update_data(rdpFastPath* fastpath, STREAM* s)
if (comp_stream != s)
free(comp_stream);
return TRUE;
return status;
}
int fastpath_recv_updates(rdpFastPath* fastpath, STREAM* s)
{
int status = 0;
rdpUpdate* update = fastpath->rdp->update;
IFCALL(update->BeginPaint, update->context);
while (stream_get_left(s) >= 3)
{
if (!fastpath_recv_update_data(fastpath, s))
if (fastpath_recv_update_data(fastpath, s) < 0)
return -1;
}
IFCALL(update->EndPaint, update->context);
return 0;
return status;
}
static BOOL fastpath_read_input_event_header(STREAM* s, BYTE* eventFlags, BYTE* eventCode)

2
libfreerdp/core/fastpath.h
View File

@ -104,7 +104,7 @@ struct rdp_fastpath
UINT16 fastpath_header_length(STREAM* s);
UINT16 fastpath_read_header(rdpFastPath* fastpath, STREAM* s);
UINT16 fastpath_read_header_rdp(rdpFastPath* fastpath, STREAM* s);
BOOL fastpath_read_header_rdp(rdpFastPath* fastpath, STREAM* s, UINT16 *length);
BOOL fastpath_recv_updates(rdpFastPath* fastpath, STREAM* s);
BOOL fastpath_recv_inputs(rdpFastPath* fastpath, STREAM* s);

35
libfreerdp/core/gcc.c
View File

@ -314,7 +314,8 @@ BOOL gcc_read_client_data_blocks(STREAM* s, rdpSettings* settings, int length)
while (length > 0)
{
pos = stream_get_pos(s);
gcc_read_user_data_header(s, &type, &blockLength);
if(!gcc_read_user_data_header(s, &type, &blockLength))
return FALSE;
switch (type)
{
@ -452,12 +453,12 @@ void gcc_write_server_data_blocks(STREAM* s, rdpSettings* settings)
BOOL gcc_read_user_data_header(STREAM* s, UINT16* type, UINT16* length)
{
if (stream_get_left(s) < 4)
return FALSE;
stream_read_UINT16(s, *type); /* type */
stream_read_UINT16(s, *length); /* length */
if (*length < 4)
return FALSE;
if (stream_get_left(s) < *length - 4)
return FALSE;
@ -655,13 +656,13 @@ BOOL gcc_read_client_core_data(STREAM* s, rdpSettings* settings, UINT16 blockLen
void gcc_write_client_core_data(STREAM* s, rdpSettings* settings)
{
UINT32 version;
WCHAR* clientName;
WCHAR* clientName = NULL;
int clientNameLength;
BYTE connectionType;
UINT16 highColorDepth;
UINT16 supportedColorDepths;
UINT16 earlyCapabilityFlags;
WCHAR* clientDigProductId;
WCHAR* clientDigProductId = NULL;
int clientDigProductIdLength;
gcc_write_user_data_header(s, CS_CORE, 216);
@ -749,6 +750,8 @@ BOOL gcc_read_server_core_data(STREAM* s, rdpSettings* settings)
UINT32 version;
UINT32 clientRequestedProtocols;
if(stream_get_left(s) < 8)
return FALSE;
stream_read_UINT32(s, version); /* version */
stream_read_UINT32(s, clientRequestedProtocols); /* clientRequestedProtocols */
@ -822,6 +825,8 @@ BOOL gcc_read_server_security_data(STREAM* s, rdpSettings* settings)
BYTE* data;
UINT32 length;
if (stream_get_left(s) < 8)
return FALSE;
stream_read_UINT32(s, settings->EncryptionMethods); /* encryptionMethod */
stream_read_UINT32(s, settings->EncryptionLevel); /* encryptionLevel */
@ -834,9 +839,14 @@ BOOL gcc_read_server_security_data(STREAM* s, rdpSettings* settings)
return TRUE;
}
if (stream_get_left(s) < 8)
return FALSE;
stream_read_UINT32(s, settings->ServerRandomLength); /* serverRandomLen */
stream_read_UINT32(s, settings->ServerCertificateLength); /* serverCertLen */
if (stream_get_left(s) < settings->ServerRandomLength + settings->ServerCertificateLength)
return FALSE;
if (settings->ServerRandomLength > 0)
{
/* serverRandom */
@ -1106,6 +1116,8 @@ BOOL gcc_read_server_network_data(STREAM* s, rdpSettings* settings)
UINT16 channelCount;
UINT16 channelId;
if(stream_get_left(s) < 4)
return FALSE;
stream_read_UINT16(s, MCSChannelId); /* MCSChannelId */
stream_read_UINT16(s, channelCount); /* channelCount */
@ -1115,6 +1127,9 @@ BOOL gcc_read_server_network_data(STREAM* s, rdpSettings* settings)
settings->ChannelCount, channelCount);
}
if(stream_get_left(s) < channelCount * 2)
return FALSE;
for (i = 0; i < channelCount; i++)
{
stream_read_UINT16(s, channelId); /* channelId */
@ -1122,7 +1137,7 @@ BOOL gcc_read_server_network_data(STREAM* s, rdpSettings* settings)
}
if (channelCount % 2 == 1)
stream_seek(s, 2); /* padding */
return stream_skip(s, 2); /* padding */
return TRUE;
}
@ -1156,13 +1171,17 @@ BOOL gcc_read_client_cluster_data(STREAM* s, rdpSettings* settings, UINT16 block
{
UINT32 flags;
if (blockLength < 8)
if (blockLength < 4)
return FALSE;
stream_read_UINT32(s, flags); /* flags */
if ((flags & REDIRECTED_SESSIONID_FIELD_VALID))
{
if(blockLength < 8)
return FALSE;
stream_read_UINT32(s, settings->RedirectedSessionId); /* redirectedSessionID */
}
return TRUE;
}

73
libfreerdp/core/info.c
View File

@ -49,15 +49,18 @@ static const char* const INFO_TYPE_LOGON_STRINGS[] =
* @param settings settings
*/
void rdp_read_server_auto_reconnect_cookie(STREAM* s, rdpSettings* settings)
BOOL rdp_read_server_auto_reconnect_cookie(STREAM* s, rdpSettings* settings)
{
ARC_SC_PRIVATE_PACKET* autoReconnectCookie;
autoReconnectCookie = settings->ServerAutoReconnectCookie;
if(stream_get_left(s) < 4+4+4+16)
return FALSE;
stream_read_UINT32(s, autoReconnectCookie->cbLen); /* cbLen (4 bytes) */
stream_read_UINT32(s, autoReconnectCookie->version); /* version (4 bytes) */
stream_read_UINT32(s, autoReconnectCookie->logonId); /* LogonId (4 bytes) */
stream_read(s, autoReconnectCookie->arcRandomBits, 16); /* arcRandomBits (16 bytes) */
return TRUE;
}
/**
@ -115,6 +118,8 @@ BOOL rdp_read_extended_info_packet(STREAM* s, rdpSettings* settings)
UINT16 cbClientDir;
UINT16 cbAutoReconnectLen;
if(stream_get_left(s) < 4)
return FALSE;
stream_read_UINT16(s, clientAddressFamily); /* clientAddressFamily */
stream_read_UINT16(s, cbClientAddress); /* cbClientAddress */
@ -126,6 +131,8 @@ BOOL rdp_read_extended_info_packet(STREAM* s, rdpSettings* settings)
ConvertFromUnicode(CP_UTF8, 0, (WCHAR*) stream_get_tail(s), cbClientAddress / 2, &settings->ClientAddress, 0, NULL, NULL);
stream_seek(s, cbClientAddress);
if(stream_get_left(s) < 2)
return FALSE;
stream_read_UINT16(s, cbClientDir); /* cbClientDir */
if (stream_get_left(s) < cbClientDir)
@ -140,6 +147,8 @@ BOOL rdp_read_extended_info_packet(STREAM* s, rdpSettings* settings)
if (!rdp_read_client_time_zone(s, settings))
return FALSE;
if(stream_get_left(s) < 10)
return FALSE;
stream_seek_UINT32(s); /* clientSessionId, should be set to 0 */
stream_read_UINT32(s, settings->PerformanceFlags); /* performanceFlags */
@ -164,9 +173,9 @@ BOOL rdp_read_extended_info_packet(STREAM* s, rdpSettings* settings)
void rdp_write_extended_info_packet(STREAM* s, rdpSettings* settings)
{
int clientAddressFamily;
WCHAR* clientAddress;
WCHAR* clientAddress = NULL;
int cbClientAddress;
WCHAR* clientDir;
WCHAR* clientDir = NULL;
int cbClientDir;
int cbAutoReconnectLen;
@ -225,6 +234,9 @@ BOOL rdp_read_info_packet(STREAM* s, rdpSettings* settings)
UINT16 cbAlternateShell;
UINT16 cbWorkingDir;
if(stream_get_left(s) < 18) // invalid packet
return FALSE;
stream_seek_UINT32(s); /* CodePage */
stream_read_UINT32(s, flags); /* flags */
@ -468,53 +480,71 @@ BOOL rdp_send_client_info(rdpRdp* rdp)
return rdp_send(rdp, s, MCS_GLOBAL_CHANNEL_ID);
}
void rdp_recv_logon_info_v1(rdpRdp* rdp, STREAM* s)
BOOL rdp_recv_logon_info_v1(rdpRdp* rdp, STREAM* s)
{
UINT32 cbDomain;
UINT32 cbUserName;
if(stream_get_left(s) < 4+52+4+512+4)
return FALSE;
stream_read_UINT32(s, cbDomain); /* cbDomain (4 bytes) */
stream_seek(s, 52); /* domain (52 bytes) */
stream_read_UINT32(s, cbUserName); /* cbUserName (4 bytes) */
stream_seek(s, 512); /* userName (512 bytes) */
stream_seek_UINT32(s); /* sessionId (4 bytes) */
return TRUE;
}
void rdp_recv_logon_info_v2(rdpRdp* rdp, STREAM* s)
BOOL rdp_recv_logon_info_v2(rdpRdp* rdp, STREAM* s)
{
UINT32 cbDomain;
UINT32 cbUserName;
if(stream_get_left(s) < 2+4+4+4+4+558)
return FALSE;
stream_seek_UINT16(s); /* version (2 bytes) */
stream_seek_UINT32(s); /* size (4 bytes) */
stream_seek_UINT32(s); /* sessionId (4 bytes) */
stream_read_UINT32(s, cbDomain); /* cbDomain (4 bytes) */
stream_read_UINT32(s, cbUserName); /* cbUserName (4 bytes) */
stream_seek(s, 558); /* pad */
if(stream_get_left(s) < cbDomain+cbUserName)
return FALSE;
stream_seek(s, cbDomain); /* domain */
stream_seek(s, cbUserName); /* userName */
return TRUE;
}
void rdp_recv_logon_plain_notify(rdpRdp* rdp, STREAM* s)
BOOL rdp_recv_logon_plain_notify(rdpRdp* rdp, STREAM* s)
{
if(stream_get_left(s) < 576)
return FALSE;
stream_seek(s, 576); /* pad */
return TRUE;
}
void rdp_recv_logon_error_info(rdpRdp* rdp, STREAM* s)
BOOL rdp_recv_logon_error_info(rdpRdp* rdp, STREAM* s)
{
UINT32 errorNotificationType;
UINT32 errorNotificationData;
if(stream_get_left(s) < 4)
return FALSE;
stream_read_UINT32(s, errorNotificationType); /* errorNotificationType (4 bytes) */
stream_read_UINT32(s, errorNotificationData); /* errorNotificationData (4 bytes) */
return TRUE;
}
void rdp_recv_logon_info_extended(rdpRdp* rdp, STREAM* s)
BOOL rdp_recv_logon_info_extended(rdpRdp* rdp, STREAM* s)
{
UINT32 cbFieldData;
UINT32 fieldsPresent;
UINT16 Length;
if(stream_get_left(s) < 6)
return FALSE;
stream_read_UINT16(s, Length); /* The total size in bytes of this structure */
stream_read_UINT32(s, fieldsPresent); /* fieldsPresent (4 bytes) */
@ -522,23 +552,34 @@ void rdp_recv_logon_info_extended(rdpRdp* rdp, STREAM* s)
if (fieldsPresent & LOGON_EX_AUTORECONNECTCOOKIE)
{
if(stream_get_left(s) < 4)
return FALSE;
stream_read_UINT32(s, cbFieldData); /* cbFieldData (4 bytes) */
rdp_read_server_auto_reconnect_cookie(s, rdp->settings);
if(rdp_read_server_auto_reconnect_cookie(s, rdp->settings) == FALSE)
return FALSE;
}
if (fieldsPresent & LOGON_EX_LOGONERRORS)
{
if(stream_get_left(s) < 4)
return FALSE;
stream_read_UINT32(s, cbFieldData); /* cbFieldData (4 bytes) */
rdp_recv_logon_error_info(rdp, s);
if(rdp_recv_logon_error_info(rdp, s) == FALSE)
return FALSE;
}
if(stream_get_left(s) < 570)
return FALSE;
stream_seek(s, 570); /* pad */
return TRUE;
}
BOOL rdp_recv_save_session_info(rdpRdp* rdp, STREAM* s)
{
UINT32 infoType;
if(stream_get_left(s) < 4)
return FALSE;
stream_read_UINT32(s, infoType); /* infoType (4 bytes) */
//printf("%s\n", INFO_TYPE_LOGON_STRINGS[infoType]);
@ -546,20 +587,16 @@ BOOL rdp_recv_save_session_info(rdpRdp* rdp, STREAM* s)
switch (infoType)
{
case INFO_TYPE_LOGON:
rdp_recv_logon_info_v1(rdp, s);
break;
return rdp_recv_logon_info_v1(rdp, s);
case INFO_TYPE_LOGON_LONG:
rdp_recv_logon_info_v2(rdp, s);
break;
return rdp_recv_logon_info_v2(rdp, s);
case INFO_TYPE_LOGON_PLAIN_NOTIFY:
rdp_recv_logon_plain_notify(rdp, s);
break;
return rdp_recv_logon_plain_notify(rdp, s);
case INFO_TYPE_LOGON_EXTENDED_INF:
rdp_recv_logon_info_extended(rdp, s);
break;
return rdp_recv_logon_info_extended(rdp, s);
default:
break;

2
libfreerdp/core/info.h
View File

@ -75,7 +75,7 @@ void rdp_write_system_time(STREAM* s, SYSTEM_TIME* system_time);
void rdp_get_client_time_zone(STREAM* s, rdpSettings* settings);
BOOL rdp_read_client_time_zone(STREAM* s, rdpSettings* settings);
void rdp_write_client_time_zone(STREAM* s, rdpSettings* settings);
void rdp_read_server_auto_reconnect_cookie(STREAM* s, rdpSettings* settings);
BOOL rdp_read_server_auto_reconnect_cookie(STREAM* s, rdpSettings* settings);
BOOL rdp_read_client_auto_reconnect_cookie(STREAM* s, rdpSettings* settings);
void rdp_write_client_auto_reconnect_cookie(STREAM* s, rdpSettings* settings);
void rdp_write_auto_reconnect_cookie(STREAM* s, rdpSettings* settings);

2
libfreerdp/core/input.c
View File

@ -300,7 +300,7 @@ static BOOL input_recv_event(rdpInput* input, STREAM* s)
{
UINT16 messageType;
if (stream_get_left(s) < 4)
if (stream_get_left(s) < 6)
return FALSE;
stream_seek(s, 4); /* eventTime (4 bytes), ignored by the server */

94
libfreerdp/core/license.c
View File

@ -81,14 +81,18 @@ static const char* const state_transitions[] =
* @param bMsgType license message type
* @param flags message flags
* @param wMsgSize message size
* @return if the operation completed successfully
*/
void license_read_preamble(STREAM* s, BYTE* bMsgType, BYTE* flags, UINT16* wMsgSize)
BOOL license_read_preamble(STREAM* s, BYTE* bMsgType, BYTE* flags, UINT16* wMsgSize)
{
/* preamble (4 bytes) */
if(stream_get_left(s) < 4)
return FALSE;
stream_read_BYTE(s, *bMsgType); /* bMsgType (1 byte) */
stream_read_BYTE(s, *flags); /* flags (1 byte) */
stream_read_UINT16(s, *wMsgSize); /* wMsgSize (2 bytes) */
return TRUE;
}
/**
@ -170,6 +174,7 @@ BOOL license_send(rdpLicense* license, STREAM* s, BYTE type)
* @msdn{cc240479}
* @param license license module
* @param s stream
* @return if the operation completed successfully
*/
BOOL license_recv(rdpLicense* license, STREAM* s)
@ -187,7 +192,8 @@ BOOL license_recv(rdpLicense* license, STREAM* s)
return FALSE;
}
rdp_read_security_header(s, &sec_flags);
if(!rdp_read_security_header(s, &sec_flags))
return FALSE;
if (!(sec_flags & SEC_LICENSE_PKT))
{
stream_rewind(s, RDP_SECURITY_HEADER_LENGTH);
@ -199,19 +205,22 @@ BOOL license_recv(rdpLicense* license, STREAM* s)
return TRUE;
}
license_read_preamble(s, &bMsgType, &flags, &wMsgSize); /* preamble (4 bytes) */
if(!license_read_preamble(s, &bMsgType, &flags, &wMsgSize)) /* preamble (4 bytes) */
return FALSE;
DEBUG_LICENSE("Receiving %s Packet", LICENSE_MESSAGE_STRINGS[bMsgType & 0x1F]);
switch (bMsgType)
{
case LICENSE_REQUEST:
license_read_license_request_packet(license, s);
if (!license_read_license_request_packet(license, s))
return FALSE;
license_send_new_license_request_packet(license);
break;
case PLATFORM_CHALLENGE:
license_read_platform_challenge_packet(license, s);
if (!license_read_platform_challenge_packet(license, s))
return FALSE;
license_send_platform_challenge_response_packet(license);
break;
@ -224,7 +233,8 @@ BOOL license_recv(rdpLicense* license, STREAM* s)
break;
case ERROR_ALERT:
license_read_error_alert_packet(license, s);
if (!license_read_error_alert_packet(license, s))
return FALSE;
break;
default:
@ -386,19 +396,30 @@ void license_decrypt_platform_challenge(rdpLicense* license)
* @param productInfo product information
*/
void license_read_product_info(STREAM* s, PRODUCT_INFO* productInfo)
BOOL license_read_product_info(STREAM* s, PRODUCT_INFO* productInfo)
{
if(stream_get_left(s) < 8)
return FALSE;
stream_read_UINT32(s, productInfo->dwVersion); /* dwVersion (4 bytes) */
stream_read_UINT32(s, productInfo->cbCompanyName); /* cbCompanyName (4 bytes) */
if(stream_get_left(s) < productInfo->cbCompanyName + 4)
return FALSE;
productInfo->pbCompanyName = (BYTE*) malloc(productInfo->cbCompanyName);
stream_read(s, productInfo->pbCompanyName, productInfo->cbCompanyName);
stream_read_UINT32(s, productInfo->cbProductId); /* cbProductId (4 bytes) */
if(stream_get_left(s) < productInfo->cbProductId)
{
free(productInfo->pbCompanyName);
productInfo->pbCompanyName = NULL;
return FALSE;
}
productInfo->pbProductId = (BYTE*) malloc(productInfo->cbProductId);
stream_read(s, productInfo->pbProductId, productInfo->cbProductId);
return TRUE;
}
/**
@ -446,19 +467,24 @@ void license_free_product_info(PRODUCT_INFO* productInfo)
* @param blob license binary blob
*/
void license_read_binary_blob(STREAM* s, LICENSE_BLOB* blob)
BOOL license_read_binary_blob(STREAM* s, LICENSE_BLOB* blob)
{
UINT16 wBlobType;
if(stream_get_left(s) < 4)
return FALSE;
stream_read_UINT16(s, wBlobType); /* wBlobType (2 bytes) */
stream_read_UINT16(s, blob->length); /* wBlobLen (2 bytes) */
if(stream_get_left(s) < blob->length)
return FALSE;
/*
* Server can choose to not send data by setting len to 0.
* If so, it may not bother to set the type, so shortcut the warning
*/
if (blob->type != BB_ANY_BLOB && blob->length == 0)
return;
return TRUE;
if (blob->type != wBlobType && blob->type != BB_ANY_BLOB)
{
@ -469,6 +495,7 @@ void license_read_binary_blob(STREAM* s, LICENSE_BLOB* blob)
blob->data = (BYTE*) malloc(blob->length);
stream_read(s, blob->data, blob->length); /* blobData */
return TRUE;
}
/**
@ -540,11 +567,13 @@ void license_free_binary_blob(LICENSE_BLOB* blob)
* @param scopeList scope list
*/
void license_read_scope_list(STREAM* s, SCOPE_LIST* scopeList)
BOOL license_read_scope_list(STREAM* s, SCOPE_LIST* scopeList)
{
UINT32 i;
UINT32 scopeCount;
if(stream_get_left(s) < 4)
return FALSE;
stream_read_UINT32(s, scopeCount); /* ScopeCount (4 bytes) */
scopeList->count = scopeCount;
@ -554,8 +583,10 @@ void license_read_scope_list(STREAM* s, SCOPE_LIST* scopeList)
for (i = 0; i < scopeCount; i++)
{
scopeList->array[i].type = BB_SCOPE_BLOB;
license_read_binary_blob(s, &scopeList->array[i]);
if(!license_read_binary_blob(s, &scopeList->array[i]))
return FALSE;
}
return TRUE;
}
/**
@ -608,30 +639,38 @@ void license_free_scope_list(SCOPE_LIST* scopeList)
* @param s stream
*/
void license_read_license_request_packet(rdpLicense* license, STREAM* s)
BOOL license_read_license_request_packet(rdpLicense* license, STREAM* s)
{
/* ServerRandom (32 bytes) */
if(stream_get_left(s) < 32)
return FALSE;
stream_read(s, license->server_random, 32);
/* ProductInfo */
license_read_product_info(s, license->product_info);
if (!license_read_product_info(s, license->product_info))
return FALSE;
/* KeyExchangeList */
license_read_binary_blob(s, license->key_exchange_list);
if (!license_read_binary_blob(s, license->key_exchange_list))
return FALSE;
/* ServerCertificate */
license_read_binary_blob(s, license->server_certificate);
if (!license_read_binary_blob(s, license->server_certificate))
return FALSE;
/* ScopeList */
license_read_scope_list(s, license->scope_list);
if (!license_read_scope_list(s, license->scope_list))
return FALSE;
/* Parse Server Certificate */
certificate_read_server_certificate(license->certificate,
license->server_certificate->data, license->server_certificate->length);
if (!certificate_read_server_certificate(license->certificate,
license->server_certificate->data, license->server_certificate->length))
return FALSE;
license_generate_keys(license);
license_generate_hwid(license);
license_encrypt_premaster_secret(license);
return TRUE;
}
/**
@ -641,10 +680,11 @@ void license_read_license_request_packet(rdpLicense* license, STREAM* s)
* @param s stream
*/
void license_read_platform_challenge_packet(rdpLicense* license, STREAM* s)
BOOL license_read_platform_challenge_packet(rdpLicense* license, STREAM* s)
{
DEBUG_LICENSE("Receiving Platform Challenge Packet");
if(stream_get_left(s) < 4)
return FALSE;
stream_seek(s, 4); /* ConnectFlags, Reserved (4 bytes) */
/* EncryptedPlatformChallenge */
@ -653,9 +693,11 @@ void license_read_platform_challenge_packet(rdpLicense* license, STREAM* s)
license->encrypted_platform_challenge->type = BB_ENCRYPTED_DATA_BLOB;
/* MACData (16 bytes) */
stream_seek(s, 16);
if(!stream_skip(s, 16))
return FALSE;
license_decrypt_platform_challenge(license);
return TRUE;
}
/**
@ -691,14 +733,17 @@ void license_read_upgrade_license_packet(rdpLicense* license, STREAM* s)
* @param s stream
*/
void license_read_error_alert_packet(rdpLicense* license, STREAM* s)
BOOL license_read_error_alert_packet(rdpLicense* license, STREAM* s)
{
UINT32 dwErrorCode;
UINT32 dwStateTransition;
if(stream_get_left(s) < 8)
return FALSE;
stream_read_UINT32(s, dwErrorCode); /* dwErrorCode (4 bytes) */
stream_read_UINT32(s, dwStateTransition); /* dwStateTransition (4 bytes) */
license_read_binary_blob(s, license->error_info); /* bbErrorInfo */
if(!license_read_binary_blob(s, license->error_info)) /* bbErrorInfo */
return FALSE;
#ifdef WITH_DEBUG_LICENSE
printf("dwErrorCode: %s, dwStateTransition: %s\n",
@ -708,7 +753,7 @@ void license_read_error_alert_packet(rdpLicense* license, STREAM* s)
if (dwErrorCode == STATUS_VALID_CLIENT)
{
license->state = LICENSE_STATE_COMPLETED;
return;
return TRUE;
}
switch (dwStateTransition)
@ -731,6 +776,7 @@ void license_read_error_alert_packet(rdpLicense* license, STREAM* s)
default:
break;
}
return TRUE;
}
/**

12
libfreerdp/core/license.h
View File

@ -168,22 +168,22 @@ void license_decrypt_platform_challenge(rdpLicense* license);
PRODUCT_INFO* license_new_product_info();
void license_free_product_info(PRODUCT_INFO* productInfo);
void license_read_product_info(STREAM* s, PRODUCT_INFO* productInfo);
BOOL license_read_product_info(STREAM* s, PRODUCT_INFO* productInfo);
LICENSE_BLOB* license_new_binary_blob(UINT16 type);
void license_free_binary_blob(LICENSE_BLOB* blob);
void license_read_binary_blob(STREAM* s, LICENSE_BLOB* blob);
BOOL license_read_binary_blob(STREAM* s, LICENSE_BLOB* blob);
void license_write_binary_blob(STREAM* s, LICENSE_BLOB* blob);
SCOPE_LIST* license_new_scope_list();
void license_free_scope_list(SCOPE_LIST* scopeList);
void license_read_scope_list(STREAM* s, SCOPE_LIST* scopeList);
BOOL license_read_scope_list(STREAM* s, SCOPE_LIST* scopeList);
void license_read_license_request_packet(rdpLicense* license, STREAM* s);
void license_read_platform_challenge_packet(rdpLicense* license, STREAM* s);
BOOL license_read_license_request_packet(rdpLicense* license, STREAM* s);
BOOL license_read_platform_challenge_packet(rdpLicense* license, STREAM* s);
void license_read_new_license_packet(rdpLicense* license, STREAM* s);
void license_read_upgrade_license_packet(rdpLicense* license, STREAM* s);
void license_read_error_alert_packet(rdpLicense* license, STREAM* s);
BOOL license_read_error_alert_packet(rdpLicense* license, STREAM* s);
void license_write_new_license_request_packet(rdpLicense* license, STREAM* s);
void license_send_new_license_request_packet(rdpLicense* license);

114
libfreerdp/core/mcs.c
View File

@ -195,14 +195,16 @@ BOOL mcs_read_domain_mcspdu_header(STREAM* s, enum DomainMCSPDU* domainMCSPDU, U
{
BYTE choice;
enum DomainMCSPDU MCSPDU;
UINT16 li;
*length = tpkt_read_header(s);
if (tpdu_read_data(s) == 0)
if (!tpdu_read_data(s, &li))
return FALSE;
MCSPDU = *domainMCSPDU;
per_read_choice(s, &choice);
if(!per_read_choice(s, &choice))
return FALSE;
*domainMCSPDU = (choice >> 2);
if (*domainMCSPDU != MCSPDU)
@ -257,17 +259,16 @@ static void mcs_init_domain_parameters(DomainParameters* domainParameters,
BOOL mcs_read_domain_parameters(STREAM* s, DomainParameters* domainParameters)
{
int length;
ber_read_sequence_tag(s, &length);
ber_read_integer(s, &(domainParameters->maxChannelIds));
ber_read_integer(s, &(domainParameters->maxUserIds));
ber_read_integer(s, &(domainParameters->maxTokenIds));
ber_read_integer(s, &(domainParameters->numPriorities));
ber_read_integer(s, &(domainParameters->minThroughput));
ber_read_integer(s, &(domainParameters->maxHeight));
ber_read_integer(s, &(domainParameters->maxMCSPDUsize));
ber_read_integer(s, &(domainParameters->protocolVersion));
return TRUE;
return
ber_read_sequence_tag(s, &length) &&
ber_read_integer(s, &(domainParameters->maxChannelIds)) &&
ber_read_integer(s, &(domainParameters->maxUserIds)) &&
ber_read_integer(s, &(domainParameters->maxTokenIds)) &&
ber_read_integer(s, &(domainParameters->numPriorities)) &&
ber_read_integer(s, &(domainParameters->minThroughput)) &&
ber_read_integer(s, &(domainParameters->maxHeight)) &&
ber_read_integer(s, &(domainParameters->maxMCSPDUsize)) &&
ber_read_integer(s, &(domainParameters->protocolVersion));
}
/**
@ -325,24 +326,25 @@ void mcs_print_domain_parameters(DomainParameters* domainParameters)
BOOL mcs_recv_connect_initial(rdpMcs* mcs, STREAM* s)
{
UINT16 li;
int length;
BOOL upwardFlag;
tpkt_read_header(s);
if (tpdu_read_data(s) == 0)
if (!tpdu_read_data(s, &li))
return FALSE;
if (!ber_read_application_tag(s, MCS_TYPE_CONNECT_INITIAL, &length))
return FALSE;
/* callingDomainSelector (OCTET_STRING) */
if (!ber_read_octet_string_tag(s, &length))
if (!ber_read_octet_string_tag(s, &length) || stream_get_left(s) < length)
return FALSE;
stream_seek(s, length);
/* calledDomainSelector (OCTET_STRING) */
if (!ber_read_octet_string_tag(s, &length))
if (!ber_read_octet_string_tag(s, &length) || stream_get_left(s) < length)
return FALSE;
stream_seek(s, length);
@ -351,15 +353,18 @@ BOOL mcs_recv_connect_initial(rdpMcs* mcs, STREAM* s)
return FALSE;
/* targetParameters (DomainParameters) */
mcs_read_domain_parameters(s, &mcs->targetParameters);
if(!mcs_read_domain_parameters(s, &mcs->targetParameters))
return FALSE;
/* minimumParameters (DomainParameters) */
mcs_read_domain_parameters(s, &mcs->minimumParameters);
if(!mcs_read_domain_parameters(s, &mcs->minimumParameters))
return FALSE;
/* maximumParameters (DomainParameters) */
mcs_read_domain_parameters(s, &mcs->maximumParameters);
if(!mcs_read_domain_parameters(s, &mcs->maximumParameters))
return FALSE;
if (!ber_read_octet_string_tag(s, &length))
if (!ber_read_octet_string_tag(s, &length) || stream_get_left(s) < length)
return FALSE;
if (!gcc_read_conference_create_request(s, mcs->transport->settings))
@ -491,21 +496,22 @@ BOOL mcs_recv_connect_response(rdpMcs* mcs, STREAM* s)
{
int length;
BYTE result;
UINT16 li;
UINT32 calledConnectId;
tpkt_read_header(s);
if (tpdu_read_data(s) == 0)
if (!tpdu_read_data(s, &li))
return FALSE;
ber_read_application_tag(s, MCS_TYPE_CONNECT_RESPONSE, &length);
ber_read_enumerated(s, &result, MCS_Result_enum_length);
ber_read_integer(s, &calledConnectId);
if (!mcs_read_domain_parameters(s, &(mcs->domainParameters)))
if(!ber_read_application_tag(s, MCS_TYPE_CONNECT_RESPONSE, &length) ||
!ber_read_enumerated(s, &result, MCS_Result_enum_length) ||
!ber_read_integer(s, &calledConnectId) ||
!mcs_read_domain_parameters(s, &(mcs->domainParameters)) ||
!ber_read_octet_string_tag(s, &length))
{
return FALSE;
ber_read_octet_string_tag(s, &length);
}
if (!gcc_read_conference_create_response(s, mcs->transport->settings))
{
@ -571,10 +577,7 @@ BOOL mcs_recv_erect_domain_request(rdpMcs* mcs, STREAM* s)
enum DomainMCSPDU MCSPDU;
MCSPDU = DomainMCSPDU_ErectDomainRequest;
if (!mcs_read_domain_mcspdu_header(s, &MCSPDU, &length))
return FALSE;
return TRUE;
return mcs_read_domain_mcspdu_header(s, &MCSPDU, &length);
}
/**
@ -613,10 +616,7 @@ BOOL mcs_recv_attach_user_request(rdpMcs* mcs, STREAM* s)
enum DomainMCSPDU MCSPDU;
MCSPDU = DomainMCSPDU_AttachUserRequest;
if (!mcs_read_domain_mcspdu_header(s, &MCSPDU, &length))
return FALSE;
return TRUE;
return mcs_read_domain_mcspdu_header(s, &MCSPDU, &length);
}
/**
@ -652,13 +652,10 @@ BOOL mcs_recv_attach_user_confirm(rdpMcs* mcs, STREAM* s)
enum DomainMCSPDU MCSPDU;
MCSPDU = DomainMCSPDU_AttachUserConfirm;
if (!mcs_read_domain_mcspdu_header(s, &MCSPDU, &length))
return FALSE;
per_read_enumerated(s, &result, MCS_Result_enum_length); /* result */
per_read_integer16(s, &(mcs->user_id), MCS_BASE_CHANNEL_ID); /* initiator (UserId) */
return TRUE;
return
mcs_read_domain_mcspdu_header(s, &MCSPDU, &length) &&
per_read_enumerated(s, &result, MCS_Result_enum_length) && /* result */
per_read_integer16(s, &(mcs->user_id), MCS_BASE_CHANNEL_ID); /* initiator (UserId) */
}
/**
@ -699,17 +696,11 @@ BOOL mcs_recv_channel_join_request(rdpMcs* mcs, STREAM* s, UINT16* channel_id)
UINT16 user_id;
MCSPDU = DomainMCSPDU_ChannelJoinRequest;
if (!mcs_read_domain_mcspdu_header(s, &MCSPDU, &length))
return FALSE;
if (!per_read_integer16(s, &user_id, MCS_BASE_CHANNEL_ID))
return FALSE;
if (user_id != mcs->user_id)
return FALSE;
if (!per_read_integer16(s, channel_id, 0))
return FALSE;
return TRUE;
return
mcs_read_domain_mcspdu_header(s, &MCSPDU, &length) &&
per_read_integer16(s, &user_id, MCS_BASE_CHANNEL_ID) &&
(user_id == mcs->user_id) &&
per_read_integer16(s, channel_id, 0);
}
/**
@ -751,15 +742,12 @@ BOOL mcs_recv_channel_join_confirm(rdpMcs* mcs, STREAM* s, UINT16* channel_id)
enum DomainMCSPDU MCSPDU;
MCSPDU = DomainMCSPDU_ChannelJoinConfirm;
if (!mcs_read_domain_mcspdu_header(s, &MCSPDU, &length))
return FALSE;
per_read_enumerated(s, &result, MCS_Result_enum_length); /* result */
per_read_integer16(s, &initiator, MCS_BASE_CHANNEL_ID); /* initiator (UserId) */
per_read_integer16(s, &requested, 0); /* requested (ChannelId) */
per_read_integer16(s, channel_id, 0); /* channelId */
return TRUE;
return
mcs_read_domain_mcspdu_header(s, &MCSPDU, &length) &&
per_read_enumerated(s, &result, MCS_Result_enum_length) && /* result */
per_read_integer16(s, &initiator, MCS_BASE_CHANNEL_ID) && /* initiator (UserId) */
per_read_integer16(s, &requested, 0) && /* requested (ChannelId) */
per_read_integer16(s, channel_id, 0); /* channelId */
}
/**

15
libfreerdp/core/nego.c
View File

@ -465,7 +465,7 @@ BOOL nego_recv_response(rdpNego* nego)
STREAM* s = transport_recv_stream_init(nego->transport, 1024);
if (transport_read(nego->transport, s) < 0)
return -1;
return FALSE;
return ((nego_recv(nego->transport, s, nego) < 0) ? FALSE : TRUE);
}
@ -490,7 +490,8 @@ int nego_recv(rdpTransport* transport, STREAM* s, void* extra)
if (length == 0)
return -1;
li = tpdu_read_connection_confirm(s);
if(!tpdu_read_connection_confirm(s, &li))
return -1;
if (li > 6)
{
@ -562,7 +563,8 @@ BOOL nego_read_request(rdpNego* nego, STREAM* s)
BYTE type;
tpkt_read_header(s);
li = tpdu_read_connection_request(s);
if(!tpdu_read_connection_request(s, &li))
return FALSE;
if (li != stream_get_left(s) + 6)
{
@ -723,6 +725,13 @@ void nego_process_negotiation_response(rdpNego* nego, STREAM* s)
DEBUG_NEGO("RDP_NEG_RSP");
if (stream_get_left(s) < 7)
{
DEBUG_NEGO("RDP_INVALID_NEG_RSP");
nego->state = NEGO_STATE_FAIL;
return;
}
stream_read_BYTE(s, nego->flags);
stream_read_UINT16(s, length);
stream_read_UINT32(s, nego->selected_protocol);

25
libfreerdp/core/nla.c
View File

@ -1158,17 +1158,20 @@ int credssp_recv(rdpCredssp* credssp)
}
/* TSRequest */
ber_read_sequence_tag(s, &length);
ber_read_contextual_tag(s, 0, &length, TRUE);
ber_read_integer(s, &version);
if(!ber_read_sequence_tag(s, &length) ||
!ber_read_contextual_tag(s, 0, &length, TRUE) ||
!ber_read_integer(s, &version))
return -1;
/* [1] negoTokens (NegoData) */
if (ber_read_contextual_tag(s, 1, &length, TRUE) != FALSE)
{
ber_read_sequence_tag(s, &length); /* SEQUENCE OF NegoDataItem */
ber_read_sequence_tag(s, &length); /* NegoDataItem */
ber_read_contextual_tag(s, 0, &length, TRUE); /* [0] negoToken */
ber_read_octet_string_tag(s, &length); /* OCTET STRING */
if (!ber_read_sequence_tag(s, &length) || /* SEQUENCE OF NegoDataItem */
!ber_read_sequence_tag(s, &length) || /* NegoDataItem */
!ber_read_contextual_tag(s, 0, &length, TRUE) || /* [0] negoToken */
!ber_read_octet_string_tag(s, &length) || /* OCTET STRING */
stream_get_left(s) < length)
return -1;
sspi_SecBufferAlloc(&credssp->negoToken, length);
stream_read(s, credssp->negoToken.pvBuffer, length);
credssp->negoToken.cbBuffer = length;
@ -1177,7 +1180,9 @@ int credssp_recv(rdpCredssp* credssp)
/* [2] authInfo (OCTET STRING) */
if (ber_read_contextual_tag(s, 2, &length, TRUE) != FALSE)
{
ber_read_octet_string_tag(s, &length); /* OCTET STRING */
if(!ber_read_octet_string_tag(s, &length) || /* OCTET STRING */
stream_get_left(s) < length)
return -1;
sspi_SecBufferAlloc(&credssp->authInfo, length);
stream_read(s, credssp->authInfo.pvBuffer, length);
credssp->authInfo.cbBuffer = length;
@ -1186,7 +1191,9 @@ int credssp_recv(rdpCredssp* credssp)
/* [3] pubKeyAuth (OCTET STRING) */
if (ber_read_contextual_tag(s, 3, &length, TRUE) != FALSE)
{
ber_read_octet_string_tag(s, &length); /* OCTET STRING */
if(!ber_read_octet_string_tag(s, &length) || /* OCTET STRING */
stream_get_left(s) < length)
return -1;
sspi_SecBufferAlloc(&credssp->pubKeyAuth, length);
stream_read(s, credssp->pubKeyAuth.pvBuffer, length);
credssp->pubKeyAuth.cbBuffer = length;

1426
libfreerdp/core/orders.c
View File

File diff suppressed because it is too large Load Diff

82
libfreerdp/core/orders.h
View File

@ -186,48 +186,48 @@
BOOL update_recv_order(rdpUpdate* update, STREAM* s);
void update_read_dstblt_order(STREAM* s, ORDER_INFO* orderInfo, DSTBLT_ORDER* dstblt);
void update_read_patblt_order(STREAM* s, ORDER_INFO* orderInfo, PATBLT_ORDER* patblt);
void update_read_scrblt_order(STREAM* s, ORDER_INFO* orderInfo, SCRBLT_ORDER* scrblt);
void update_read_opaque_rect_order(STREAM* s, ORDER_INFO* orderInfo, OPAQUE_RECT_ORDER* opaque_rect);
void update_read_draw_nine_grid_order(STREAM* s, ORDER_INFO* orderInfo, DRAW_NINE_GRID_ORDER* draw_nine_grid);
void update_read_multi_dstblt_order(STREAM* s, ORDER_INFO* orderInfo, MULTI_DSTBLT_ORDER* multi_dstblt);
void update_read_multi_patblt_order(STREAM* s, ORDER_INFO* orderInfo, MULTI_PATBLT_ORDER* multi_patblt);
void update_read_multi_scrblt_order(STREAM* s, ORDER_INFO* orderInfo, MULTI_SCRBLT_ORDER* multi_scrblt);
void update_read_multi_opaque_rect_order(STREAM* s, ORDER_INFO* orderInfo, MULTI_OPAQUE_RECT_ORDER* multi_opaque_rect);
void update_read_multi_draw_nine_grid_order(STREAM* s, ORDER_INFO* orderInfo, MULTI_DRAW_NINE_GRID_ORDER* multi_draw_nine_grid);
void update_read_line_to_order(STREAM* s, ORDER_INFO* orderInfo, LINE_TO_ORDER* line_to);
void update_read_polyline_order(STREAM* s, ORDER_INFO* orderInfo, POLYLINE_ORDER* polyline);
void update_read_memblt_order(STREAM* s, ORDER_INFO* orderInfo, MEMBLT_ORDER* memblt);
void update_read_mem3blt_order(STREAM* s, ORDER_INFO* orderInfo, MEM3BLT_ORDER* mem3blt);
void update_read_save_bitmap_order(STREAM* s, ORDER_INFO* orderInfo, SAVE_BITMAP_ORDER* save_bitmap);
void update_read_glyph_index_order(STREAM* s, ORDER_INFO* orderInfo, GLYPH_INDEX_ORDER* glyph_index);
void update_read_fast_index_order(STREAM* s, ORDER_INFO* orderInfo, FAST_INDEX_ORDER* fast_index);
void update_read_fast_glyph_order(STREAM* s, ORDER_INFO* orderInfo, FAST_GLYPH_ORDER* fast_glyph);
void update_read_polygon_sc_order(STREAM* s, ORDER_INFO* orderInfo, POLYGON_SC_ORDER* polygon_sc);
void update_read_polygon_cb_order(STREAM* s, ORDER_INFO* orderInfo, POLYGON_CB_ORDER* polygon_cb);
void update_read_ellipse_sc_order(STREAM* s, ORDER_INFO* orderInfo, ELLIPSE_SC_ORDER* ellipse_sc);
void update_read_ellipse_cb_order(STREAM* s, ORDER_INFO* orderInfo, ELLIPSE_CB_ORDER* ellipse_cb);
BOOL update_read_dstblt_order(STREAM* s, ORDER_INFO* orderInfo, DSTBLT_ORDER* dstblt);
BOOL update_read_patblt_order(STREAM* s, ORDER_INFO* orderInfo, PATBLT_ORDER* patblt);
BOOL update_read_scrblt_order(STREAM* s, ORDER_INFO* orderInfo, SCRBLT_ORDER* scrblt);
BOOL update_read_opaque_rect_order(STREAM* s, ORDER_INFO* orderInfo, OPAQUE_RECT_ORDER* opaque_rect);
BOOL update_read_draw_nine_grid_order(STREAM* s, ORDER_INFO* orderInfo, DRAW_NINE_GRID_ORDER* draw_nine_grid);
BOOL update_read_multi_dstblt_order(STREAM* s, ORDER_INFO* orderInfo, MULTI_DSTBLT_ORDER* multi_dstblt);
BOOL update_read_multi_patblt_order(STREAM* s, ORDER_INFO* orderInfo, MULTI_PATBLT_ORDER* multi_patblt);
BOOL update_read_multi_scrblt_order(STREAM* s, ORDER_INFO* orderInfo, MULTI_SCRBLT_ORDER* multi_scrblt);
BOOL update_read_multi_opaque_rect_order(STREAM* s, ORDER_INFO* orderInfo, MULTI_OPAQUE_RECT_ORDER* multi_opaque_rect);
BOOL update_read_multi_draw_nine_grid_order(STREAM* s, ORDER_INFO* orderInfo, MULTI_DRAW_NINE_GRID_ORDER* multi_draw_nine_grid);
BOOL update_read_line_to_order(STREAM* s, ORDER_INFO* orderInfo, LINE_TO_ORDER* line_to);
BOOL update_read_polyline_order(STREAM* s, ORDER_INFO* orderInfo, POLYLINE_ORDER* polyline);
BOOL update_read_memblt_order(STREAM* s, ORDER_INFO* orderInfo, MEMBLT_ORDER* memblt);
BOOL update_read_mem3blt_order(STREAM* s, ORDER_INFO* orderInfo, MEM3BLT_ORDER* mem3blt);
BOOL update_read_save_bitmap_order(STREAM* s, ORDER_INFO* orderInfo, SAVE_BITMAP_ORDER* save_bitmap);
BOOL update_read_glyph_index_order(STREAM* s, ORDER_INFO* orderInfo, GLYPH_INDEX_ORDER* glyph_index);
BOOL update_read_fast_index_order(STREAM* s, ORDER_INFO* orderInfo, FAST_INDEX_ORDER* fast_index);
BOOL update_read_fast_glyph_order(STREAM* s, ORDER_INFO* orderInfo, FAST_GLYPH_ORDER* fast_glyph);
BOOL update_read_polygon_sc_order(STREAM* s, ORDER_INFO* orderInfo, POLYGON_SC_ORDER* polygon_sc);
BOOL update_read_polygon_cb_order(STREAM* s, ORDER_INFO* orderInfo, POLYGON_CB_ORDER* polygon_cb);
BOOL update_read_ellipse_sc_order(STREAM* s, ORDER_INFO* orderInfo, ELLIPSE_SC_ORDER* ellipse_sc);
BOOL update_read_ellipse_cb_order(STREAM* s, ORDER_INFO* orderInfo, ELLIPSE_CB_ORDER* ellipse_cb);
void update_read_cache_bitmap_order(STREAM* s, CACHE_BITMAP_ORDER* cache_bitmap_order, BOOL compressed, UINT16 flags);
void update_read_cache_bitmap_v2_order(STREAM* s, CACHE_BITMAP_V2_ORDER* cache_bitmap_v2_order, BOOL compressed, UINT16 flags);
void update_read_cache_bitmap_v3_order(STREAM* s, CACHE_BITMAP_V3_ORDER* cache_bitmap_v3_order, BOOL compressed, UINT16 flags);
void update_read_cache_color_table_order(STREAM* s, CACHE_COLOR_TABLE_ORDER* cache_color_table_order, UINT16 flags);
void update_read_cache_glyph_order(STREAM* s, CACHE_GLYPH_ORDER* cache_glyph_order, UINT16 flags);
void update_read_cache_glyph_v2_order(STREAM* s, CACHE_GLYPH_V2_ORDER* cache_glyph_v2_order, UINT16 flags);
void update_read_cache_brush_order(STREAM* s, CACHE_BRUSH_ORDER* cache_brush_order, UINT16 flags);
BOOL update_read_cache_bitmap_order(STREAM* s, CACHE_BITMAP_ORDER* cache_bitmap_order, BOOL compressed, UINT16 flags);
BOOL update_read_cache_bitmap_v2_order(STREAM* s, CACHE_BITMAP_V2_ORDER* cache_bitmap_v2_order, BOOL compressed, UINT16 flags);
BOOL update_read_cache_bitmap_v3_order(STREAM* s, CACHE_BITMAP_V3_ORDER* cache_bitmap_v3_order, BOOL compressed, UINT16 flags);
BOOL update_read_cache_color_table_order(STREAM* s, CACHE_COLOR_TABLE_ORDER* cache_color_table_order, UINT16 flags);
BOOL update_read_cache_glyph_order(STREAM* s, CACHE_GLYPH_ORDER* cache_glyph_order, UINT16 flags);
BOOL update_read_cache_glyph_v2_order(STREAM* s, CACHE_GLYPH_V2_ORDER* cache_glyph_v2_order, UINT16 flags);
BOOL update_read_cache_brush_order(STREAM* s, CACHE_BRUSH_ORDER* cache_brush_order, UINT16 flags);
void update_read_create_offscreen_bitmap_order(STREAM* s, CREATE_OFFSCREEN_BITMAP_ORDER* create_offscreen_bitmap);
void update_read_switch_surface_order(STREAM* s, SWITCH_SURFACE_ORDER* switch_surface);
void update_read_create_nine_grid_bitmap_order(STREAM* s, CREATE_NINE_GRID_BITMAP_ORDER* create_nine_grid_bitmap);
void update_read_frame_marker_order(STREAM* s, FRAME_MARKER_ORDER* frame_marker);
void update_read_stream_bitmap_first_order(STREAM* s, STREAM_BITMAP_FIRST_ORDER* stream_bitmap_first);
void update_read_stream_bitmap_next_order(STREAM* s, STREAM_BITMAP_FIRST_ORDER* stream_bitmap_next);
void update_read_draw_gdiplus_first_order(STREAM* s, DRAW_GDIPLUS_FIRST_ORDER* draw_gdiplus_first);
void update_read_draw_gdiplus_next_order(STREAM* s, DRAW_GDIPLUS_NEXT_ORDER* draw_gdiplus_next);
void update_read_draw_gdiplus_end_order(STREAM* s, DRAW_GDIPLUS_END_ORDER* draw_gdiplus_end);
void update_read_draw_gdiplus_cache_first_order(STREAM* s, DRAW_GDIPLUS_CACHE_FIRST_ORDER* draw_gdiplus_cache_first);
void update_read_draw_gdiplus_cache_next_order(STREAM* s, DRAW_GDIPLUS_CACHE_NEXT_ORDER* draw_gdiplus_cache_next);
void update_read_draw_gdiplus_cache_end_order(STREAM* s, DRAW_GDIPLUS_CACHE_END_ORDER* draw_gdiplus_cache_end);
BOOL update_read_create_offscreen_bitmap_order(STREAM* s, CREATE_OFFSCREEN_BITMAP_ORDER* create_offscreen_bitmap);
BOOL update_read_switch_surface_order(STREAM* s, SWITCH_SURFACE_ORDER* switch_surface);
BOOL update_read_create_nine_grid_bitmap_order(STREAM* s, CREATE_NINE_GRID_BITMAP_ORDER* create_nine_grid_bitmap);
BOOL update_read_frame_marker_order(STREAM* s, FRAME_MARKER_ORDER* frame_marker);
BOOL update_read_stream_bitmap_first_order(STREAM* s, STREAM_BITMAP_FIRST_ORDER* stream_bitmap_first);
BOOL update_read_stream_bitmap_next_order(STREAM* s, STREAM_BITMAP_FIRST_ORDER* stream_bitmap_next);
BOOL update_read_draw_gdiplus_first_order(STREAM* s, DRAW_GDIPLUS_FIRST_ORDER* draw_gdiplus_first);
BOOL update_read_draw_gdiplus_next_order(STREAM* s, DRAW_GDIPLUS_NEXT_ORDER* draw_gdiplus_next);
BOOL update_read_draw_gdiplus_end_order(STREAM* s, DRAW_GDIPLUS_END_ORDER* draw_gdiplus_end);
BOOL update_read_draw_gdiplus_cache_first_order(STREAM* s, DRAW_GDIPLUS_CACHE_FIRST_ORDER* draw_gdiplus_cache_first);
BOOL update_read_draw_gdiplus_cache_next_order(STREAM* s, DRAW_GDIPLUS_CACHE_NEXT_ORDER* draw_gdiplus_cache_next);
BOOL update_read_draw_gdiplus_cache_end_order(STREAM* s, DRAW_GDIPLUS_CACHE_END_ORDER* draw_gdiplus_cache_end);
#endif /* __ORDERS_H */

9
libfreerdp/core/peer.c
View File

@ -190,7 +190,8 @@ static int peer_recv_tpkt_pdu(freerdp_peer* client, STREAM* s)
if (channelId != MCS_GLOBAL_CHANNEL_ID)
{
freerdp_channel_peer_process(client, s, channelId);
if(!freerdp_channel_peer_process(client, s, channelId))
return -1;
}
else
{
@ -223,7 +224,8 @@ static int peer_recv_fastpath_pdu(freerdp_peer* client, STREAM* s)
rdp = client->context->rdp;
fastpath = rdp->fastpath;
length = fastpath_read_header_rdp(fastpath, s);
if (!fastpath_read_header_rdp(fastpath, s, &length))
return -1;
if ((length == 0) || (length > stream_get_left(s)))
{
@ -233,7 +235,8 @@ static int peer_recv_fastpath_pdu(freerdp_peer* client, STREAM* s)
if (fastpath->encryptionFlags & FASTPATH_OUTPUT_ENCRYPTED)
{
rdp_decrypt(rdp, s, length, (fastpath->encryptionFlags & FASTPATH_OUTPUT_SECURE_CHECKSUM) ? SEC_SECURE_CHECKSUM : 0);
if(!rdp_decrypt(rdp, s, length, (fastpath->encryptionFlags & FASTPATH_OUTPUT_SECURE_CHECKSUM) ? SEC_SECURE_CHECKSUM : 0))
return -1;
}
return fastpath_recv_inputs(fastpath, s);

77
libfreerdp/core/rdp.c
View File

@ -77,11 +77,14 @@ static const char* const DATA_PDU_TYPE_STRINGS[] =
* @param flags security flags
*/
void rdp_read_security_header(STREAM* s, UINT16* flags)
BOOL rdp_read_security_header(STREAM* s, UINT16* flags)
{
/* Basic Security Header */
if(stream_get_left(s) < 4)
return FALSE;
stream_read_UINT16(s, *flags); /* flags */
stream_seek(s, 2); /* flagsHi (unused) */
return TRUE;
}
/**
@ -100,6 +103,9 @@ void rdp_write_security_header(STREAM* s, UINT16 flags)
BOOL rdp_read_share_control_header(STREAM* s, UINT16* length, UINT16* type, UINT16* channel_id)
{
if(stream_get_left(s) < 2)
return FALSE;
/* Share Control Header */
stream_read_UINT16(s, *length); /* totalLength */
@ -256,11 +262,14 @@ BOOL rdp_read_header(rdpRdp* rdp, STREAM* s, UINT16* length, UINT16* channel_id)
return TRUE;
}
if(stream_get_left(s) < 5)
return FALSE;
per_read_integer16(s, &initiator, MCS_BASE_CHANNEL_ID); /* initiator (UserId) */
per_read_integer16(s, channel_id, 0); /* channelId */
stream_seek(s, 1); /* dataPriority + Segmentation (0x70) */
per_read_length(s, length); /* userData (OCTET_STRING) */
if(!per_read_length(s, length)) /* userData (OCTET_STRING) */
return FALSE;
if (*length > stream_get_left(s))
return FALSE;
@ -472,12 +481,15 @@ BOOL rdp_send_data_pdu(rdpRdp* rdp, STREAM* s, BYTE type, UINT16 channel_id)
return TRUE;
}
void rdp_recv_set_error_info_data_pdu(rdpRdp* rdp, STREAM* s)
BOOL rdp_recv_set_error_info_data_pdu(rdpRdp* rdp, STREAM* s)
{
if(stream_get_left(s) < 4)
return FALSE;
stream_read_UINT32(s, rdp->errorInfo); /* errorInfo (4 bytes) */
if (rdp->errorInfo != ERRINFO_SUCCESS)
rdp_print_errinfo(rdp->errorInfo);
return TRUE;
}
int rdp_recv_data_pdu(rdpRdp* rdp, STREAM* s)
@ -491,7 +503,8 @@ int rdp_recv_data_pdu(rdpRdp* rdp, STREAM* s)
UINT32 rlen;
STREAM* comp_stream;
rdp_read_share_data_header(s, &length, &type, &share_id, &compressed_type, &compressed_len);
if(!rdp_read_share_data_header(s, &length, &type, &share_id, &compressed_type, &compressed_len))
return -1;
comp_stream = s;
@ -526,25 +539,29 @@ int rdp_recv_data_pdu(rdpRdp* rdp, STREAM* s)
break;
case DATA_PDU_TYPE_CONTROL:
rdp_recv_server_control_pdu(rdp, comp_stream);
if (!rdp_recv_server_control_pdu(rdp, comp_stream))
return -1;
break;
case DATA_PDU_TYPE_POINTER:
update_recv_pointer(rdp->update, comp_stream);
if (!update_recv_pointer(rdp->update, comp_stream))
return -1;
break;
case DATA_PDU_TYPE_INPUT:
break;
case DATA_PDU_TYPE_SYNCHRONIZE:
rdp_recv_synchronize_pdu(rdp, comp_stream);
if(!rdp_recv_synchronize_pdu(rdp, comp_stream))
return -1;
break;
case DATA_PDU_TYPE_REFRESH_RECT:
break;
case DATA_PDU_TYPE_PLAY_SOUND:
update_recv_play_sound(rdp->update, comp_stream);
if (!update_recv_play_sound(rdp->update, comp_stream))
return -1;
break;
case DATA_PDU_TYPE_SUPPRESS_OUTPUT:
@ -557,14 +574,16 @@ int rdp_recv_data_pdu(rdpRdp* rdp, STREAM* s)
break;
case DATA_PDU_TYPE_SAVE_SESSION_INFO:
rdp_recv_save_session_info(rdp, comp_stream);
if(!rdp_recv_save_session_info(rdp, comp_stream))
return FALSE;
break;
case DATA_PDU_TYPE_FONT_LIST:
break;
case DATA_PDU_TYPE_FONT_MAP:
rdp_recv_font_map_pdu(rdp, comp_stream);
if(!rdp_recv_font_map_pdu(rdp, comp_stream))
return -1;
break;
case DATA_PDU_TYPE_SET_KEYBOARD_INDICATORS:
@ -583,7 +602,8 @@ int rdp_recv_data_pdu(rdpRdp* rdp, STREAM* s)
break;
case DATA_PDU_TYPE_SET_ERROR_INFO:
rdp_recv_set_error_info_data_pdu(rdp, comp_stream);
if (!rdp_recv_set_error_info_data_pdu(rdp, comp_stream))
return -1;
break;
case DATA_PDU_TYPE_DRAW_NINEGRID_ERROR:
@ -620,7 +640,8 @@ BOOL rdp_recv_out_of_sequence_pdu(rdpRdp* rdp, STREAM* s)
UINT16 length;
UINT16 channelId;
rdp_read_share_control_header(s, &length, &type, &channelId);
if(!rdp_read_share_control_header(s, &length, &type, &channelId))
return FALSE;
if (type == PDU_TYPE_DATA)
{
@ -628,8 +649,7 @@ BOOL rdp_recv_out_of_sequence_pdu(rdpRdp* rdp, STREAM* s)
}
else if (type == PDU_TYPE_SERVER_REDIRECTION)
{
rdp_recv_enhanced_security_redirection_packet(rdp, s);
return TRUE;
return rdp_recv_enhanced_security_redirection_packet(rdp, s);
}
else
{
@ -655,6 +675,9 @@ BOOL rdp_decrypt(rdpRdp* rdp, STREAM* s, int length, UINT16 securityFlags)
BYTE version, pad;
BYTE* sig;
if (stream_get_left(s) < 12)
return FALSE;
stream_read_UINT16(s, len); /* 0x10 */
stream_read_BYTE(s, version); /* 0x1 */
stream_read_BYTE(s, pad);
@ -681,6 +704,9 @@ BOOL rdp_decrypt(rdpRdp* rdp, STREAM* s, int length, UINT16 securityFlags)
return TRUE;
}
if (stream_get_left(s) < 8)
return FALSE;
stream_read(s, wmac, sizeof(wmac));
length -= sizeof(wmac);
security_decrypt(s->p, length, rdp);
@ -730,7 +756,8 @@ static int rdp_recv_tpkt_pdu(rdpRdp* rdp, STREAM* s)
if (rdp->settings->DisableEncryption)
{
rdp_read_security_header(s, &securityFlags);
if (!rdp_read_security_header(s, &securityFlags))
return -1;
if (securityFlags & (SEC_ENCRYPT | SEC_REDIRECTION_PKT))
{
@ -755,14 +782,18 @@ static int rdp_recv_tpkt_pdu(rdpRdp* rdp, STREAM* s)
if (channelId != MCS_GLOBAL_CHANNEL_ID)
{
freerdp_channel_process(rdp->instance, s, channelId);
if (!freerdp_channel_process(rdp->instance, s, channelId))
return -1;
}
else
{
while (stream_get_left(s) > 3)
{
stream_get_mark(s, nextp);
rdp_read_share_control_header(s, &pduLength, &pduType, &pduSource);
if (!rdp_read_share_control_header(s, &pduLength, &pduType, &pduSource))
return -1;
nextp += pduLength;
rdp->settings->PduSource = pduSource;
@ -783,7 +814,8 @@ static int rdp_recv_tpkt_pdu(rdpRdp* rdp, STREAM* s)
break;
case PDU_TYPE_SERVER_REDIRECTION:
rdp_recv_enhanced_security_redirection_packet(rdp, s);
if (!rdp_recv_enhanced_security_redirection_packet(rdp, s))
return -1;
break;
default:
@ -803,7 +835,9 @@ static int rdp_recv_fastpath_pdu(rdpRdp* rdp, STREAM* s)
rdpFastPath* fastpath;
fastpath = rdp->fastpath;
length = fastpath_read_header_rdp(fastpath, s);
if (!fastpath_read_header_rdp(fastpath, s, &length))
return -1;
if ((length == 0) || (length > stream_get_left(s)))
{
@ -813,7 +847,10 @@ static int rdp_recv_fastpath_pdu(rdpRdp* rdp, STREAM* s)
if (fastpath->encryptionFlags & FASTPATH_OUTPUT_ENCRYPTED)
{
rdp_decrypt(rdp, s, length, (fastpath->encryptionFlags & FASTPATH_OUTPUT_SECURE_CHECKSUM) ? SEC_SECURE_CHECKSUM : 0);
UINT16 flags = (fastpath->encryptionFlags & FASTPATH_OUTPUT_SECURE_CHECKSUM) ? SEC_SECURE_CHECKSUM : 0;
if (!rdp_decrypt(rdp, s, length, flags))
return -1;
}
return fastpath_recv_updates(rdp->fastpath, s);

2
libfreerdp/core/rdp.h
View File

@ -157,7 +157,7 @@ struct rdp_rdp
BOOL disconnect;
};
void rdp_read_security_header(STREAM* s, UINT16* flags);
BOOL rdp_read_security_header(STREAM* s, UINT16* flags);
void rdp_write_security_header(STREAM* s, UINT16 flags);
BOOL rdp_read_share_control_header(STREAM* s, UINT16* length, UINT16* type, UINT16* channel_id);

45
libfreerdp/core/redirection.c
View File

@ -67,6 +67,8 @@ BOOL rdp_recv_server_redirection_pdu(rdpRdp* rdp, STREAM* s)
UINT16 length;
rdpRedirection* redirection = rdp->redirection;
if(stream_get_left(s) < 12)
return FALSE;
stream_read_UINT16(s, flags); /* flags (2 bytes) */
stream_read_UINT16(s, length); /* length (2 bytes) */
stream_read_UINT32(s, redirection->sessionID); /* sessionID (4 bytes) */
@ -80,13 +82,19 @@ BOOL rdp_recv_server_redirection_pdu(rdpRdp* rdp, STREAM* s)
if (redirection->flags & LB_TARGET_NET_ADDRESS)
{
freerdp_string_read_length32(s, &redirection->targetNetAddress);
if(!freerdp_string_read_length32(s, &redirection->targetNetAddress))
return FALSE;
DEBUG_REDIR("targetNetAddress: %s", redirection->targetNetAddress.ascii);
}
if (redirection->flags & LB_LOAD_BALANCE_INFO)
{
if(stream_get_left(s) < 4)
return FALSE;
stream_read_UINT32(s, redirection->LoadBalanceInfoLength);
if(stream_get_left(s) < redirection->LoadBalanceInfoLength)
return FALSE;
redirection->LoadBalanceInfo = (BYTE*) malloc(redirection->LoadBalanceInfoLength);
stream_read(s, redirection->LoadBalanceInfo, redirection->LoadBalanceInfoLength);
#ifdef WITH_DEBUG_REDIR
@ -97,19 +105,23 @@ BOOL rdp_recv_server_redirection_pdu(rdpRdp* rdp, STREAM* s)
if (redirection->flags & LB_USERNAME)
{
freerdp_string_read_length32(s, &redirection->username);
if(!freerdp_string_read_length32(s, &redirection->username))
return FALSE;
DEBUG_REDIR("username: %s", redirection->username.ascii);
}
if (redirection->flags & LB_DOMAIN)
{
freerdp_string_read_length32(s, &redirection->domain);
if(!freerdp_string_read_length32(s, &redirection->domain))
return FALSE;
DEBUG_REDIR("domain: %s", redirection->domain.ascii);
}
if (redirection->flags & LB_PASSWORD)
{
/* Note: length (hopefully) includes double zero termination */
if(stream_get_left(s) < 4)
return FALSE;
stream_read_UINT32(s, redirection->PasswordCookieLength);
redirection->PasswordCookie = (BYTE*) malloc(redirection->PasswordCookieLength);
stream_read(s, redirection->PasswordCookie, redirection->PasswordCookieLength);
@ -122,19 +134,22 @@ BOOL rdp_recv_server_redirection_pdu(rdpRdp* rdp, STREAM* s)
if (redirection->flags & LB_TARGET_FQDN)
{
freerdp_string_read_length32(s, &redirection->targetFQDN);
if(!freerdp_string_read_length32(s, &redirection->targetFQDN))
return FALSE;
DEBUG_REDIR("targetFQDN: %s", redirection->targetFQDN.ascii);
}
if (redirection->flags & LB_TARGET_NETBIOS_NAME)
{
freerdp_string_read_length32(s, &redirection->targetNetBiosName);
if(!freerdp_string_read_length32(s, &redirection->targetNetBiosName))
return FALSE;
DEBUG_REDIR("targetNetBiosName: %s", redirection->targetNetBiosName.ascii);
}
if (redirection->flags & LB_CLIENT_TSV_URL)
{
freerdp_string_read_length32(s, &redirection->tsvUrl);
if(!freerdp_string_read_length32(s, &redirection->tsvUrl))
return FALSE;
DEBUG_REDIR("tsvUrl: %s", redirection->tsvUrl.ascii);
}
@ -144,6 +159,8 @@ BOOL rdp_recv_server_redirection_pdu(rdpRdp* rdp, STREAM* s)
UINT32 count;
UINT32 targetNetAddressesLength;
if(stream_get_left(s) < 8)
return FALSE;
stream_read_UINT32(s, targetNetAddressesLength);
stream_read_UINT32(s, redirection->targetNetAddressesCount);
@ -154,12 +171,14 @@ BOOL rdp_recv_server_redirection_pdu(rdpRdp* rdp, STREAM* s)
for (i = 0; i < (int) count; i++)
{
freerdp_string_read_length32(s, &redirection->targetNetAddresses[i]);
if(!freerdp_string_read_length32(s, &redirection->targetNetAddresses[i]))
return FALSE;
DEBUG_REDIR("targetNetAddresses: %s", (&redirection->targetNetAddresses[i])->ascii);
}
}
stream_seek(s, 8); /* pad (8 bytes) */
if (!stream_skip(s, 8)) /* pad (8 bytes) */
return FALSE;
if (redirection->flags & LB_NOREDIRECT)
return TRUE;
@ -169,16 +188,14 @@ BOOL rdp_recv_server_redirection_pdu(rdpRdp* rdp, STREAM* s)
BOOL rdp_recv_redirection_packet(rdpRdp* rdp, STREAM* s)
{
rdp_recv_server_redirection_pdu(rdp, s);
return TRUE;
return rdp_recv_server_redirection_pdu(rdp, s);
}
BOOL rdp_recv_enhanced_security_redirection_packet(rdpRdp* rdp, STREAM* s)
{
stream_seek_UINT16(s); /* pad2Octets (2 bytes) */
rdp_recv_server_redirection_pdu(rdp, s);
stream_seek_BYTE(s); /* pad2Octets (1 byte) */
return TRUE;
return stream_skip(s, 2) && /* pad2Octets (2 bytes) */
rdp_recv_server_redirection_pdu(rdp, s) &&
stream_skip(s, 1); /* pad2Octets (1 byte) */
}
rdpRedirection* redirection_new()

44
libfreerdp/core/security.c
View File

@ -118,7 +118,8 @@ fips_oddparity_table[256] =
0xf8, 0xf8, 0xfb, 0xfb, 0xfd, 0xfd, 0xfe, 0xfe
};
static void security_salted_hash(BYTE* salt, BYTE* input, int length, BYTE* salt1, BYTE* salt2, BYTE* output)
static void security_salted_hash(const BYTE* salt, const BYTE* input, int length,
const BYTE* salt1, const BYTE* salt2, BYTE* output)
{
CryptoMd5 md5;
CryptoSha1 sha1;
@ -141,13 +142,14 @@ static void security_salted_hash(BYTE* salt, BYTE* input, int length, BYTE* salt
crypto_md5_final(md5, output);
}
static void security_premaster_hash(char* input, int length, BYTE* premaster_secret, BYTE* client_random, BYTE* server_random, BYTE* output)
static void security_premaster_hash(const char* input, int length, const BYTE* premaster_secret, const BYTE* client_random, const BYTE* server_random, BYTE* output)
{
/* PremasterHash(Input) = SaltedHash(PremasterSecret, Input, ClientRandom, ServerRandom) */
security_salted_hash(premaster_secret, (BYTE*)input, length, client_random, server_random, output);
}
void security_master_secret(BYTE* premaster_secret, BYTE* client_random, BYTE* server_random, BYTE* output)
void security_master_secret(const BYTE* premaster_secret, const BYTE* client_random,
const BYTE* server_random, BYTE* output)
{
/* MasterSecret = PremasterHash('A') + PremasterHash('BB') + PremasterHash('CCC') */
security_premaster_hash("A", 1, premaster_secret, client_random, server_random, &output[0]);
@ -155,13 +157,15 @@ void security_master_secret(BYTE* premaster_secret, BYTE* client_random, BYTE* s
security_premaster_hash("CCC", 3, premaster_secret, client_random, server_random, &output[32]);
}
static void security_master_hash(char* input, int length, BYTE* master_secret, BYTE* client_random, BYTE* server_random, BYTE* output)
static void security_master_hash(const char* input, int length, const BYTE* master_secret,
const BYTE* client_random, const BYTE* server_random, BYTE* output)
{
/* MasterHash(Input) = SaltedHash(MasterSecret, Input, ServerRandom, ClientRandom) */
security_salted_hash(master_secret, (BYTE*)input, length, server_random, client_random, output);
security_salted_hash(master_secret, (const BYTE*)input, length, server_random, client_random, output);
}
void security_session_key_blob(BYTE* master_secret, BYTE* client_random, BYTE* server_random, BYTE* output)
void security_session_key_blob(const BYTE* master_secret, const BYTE* client_random,
const BYTE* server_random, BYTE* output)
{
/* MasterHash = MasterHash('A') + MasterHash('BB') + MasterHash('CCC') */
security_master_hash("A", 1, master_secret, client_random, server_random, &output[0]);
@ -169,13 +173,14 @@ void security_session_key_blob(BYTE* master_secret, BYTE* client_random, BYTE* s
security_master_hash("CCC", 3, master_secret, client_random, server_random, &output[32]);
}
void security_mac_salt_key(BYTE* session_key_blob, BYTE* client_random, BYTE* server_random, BYTE* output)
void security_mac_salt_key(const BYTE* session_key_blob, const BYTE* client_random,
const BYTE* server_random, BYTE* output)
{
/* MacSaltKey = First128Bits(SessionKeyBlob) */
memcpy(output, session_key_blob, 16);
}
void security_md5_16_32_32(BYTE* in0, BYTE* in1, BYTE* in2, BYTE* output)
void security_md5_16_32_32(const BYTE* in0, const BYTE* in1, const BYTE* in2, BYTE* output)
{
CryptoMd5 md5;
@ -186,7 +191,8 @@ void security_md5_16_32_32(BYTE* in0, BYTE* in1, BYTE* in2, BYTE* output)
crypto_md5_final(md5, output);
}
void security_licensing_encryption_key(BYTE* session_key_blob, BYTE* client_random, BYTE* server_random, BYTE* output)
void security_licensing_encryption_key(const BYTE* session_key_blob, const BYTE* client_random,
const BYTE* server_random, BYTE* output)
{
/* LicensingEncryptionKey = MD5(Second128Bits(SessionKeyBlob) + ClientRandom + ServerRandom)) */
security_md5_16_32_32(&session_key_blob[16], client_random, server_random, output);
@ -200,7 +206,8 @@ void security_UINT32_le(BYTE* output, UINT32 value)
output[3] = (value >> 24) & 0xFF;
}
void security_mac_data(BYTE* mac_salt_key, BYTE* data, UINT32 length, BYTE* output)
void security_mac_data(const BYTE* mac_salt_key, const BYTE* data, UINT32 length,
BYTE* output)
{
CryptoMd5 md5;
CryptoSha1 sha1;
@ -227,7 +234,7 @@ void security_mac_data(BYTE* mac_salt_key, BYTE* data, UINT32 length, BYTE* outp
crypto_md5_final(md5, output);
}
void security_mac_signature(rdpRdp *rdp, BYTE* data, UINT32 length, BYTE* output)
void security_mac_signature(rdpRdp *rdp, const BYTE* data, UINT32 length, BYTE* output)
{
CryptoMd5 md5;
CryptoSha1 sha1;
@ -255,7 +262,8 @@ void security_mac_signature(rdpRdp *rdp, BYTE* data, UINT32 length, BYTE* output
memcpy(output, md5_digest, 8);
}
void security_salted_mac_signature(rdpRdp *rdp, BYTE* data, UINT32 length, BOOL encryption, BYTE* output)
void security_salted_mac_signature(rdpRdp *rdp, const BYTE* data, UINT32 length,
BOOL encryption, BYTE* output)
{
CryptoMd5 md5;
CryptoSha1 sha1;
@ -298,14 +306,16 @@ void security_salted_mac_signature(rdpRdp *rdp, BYTE* data, UINT32 length, BOOL
memcpy(output, md5_digest, 8);
}
static void security_A(BYTE* master_secret, BYTE* client_random, BYTE* server_random, BYTE* output)
static void security_A(BYTE* master_secret, const BYTE* client_random, BYTE* server_random,
BYTE* output)
{
security_premaster_hash("A", 1, master_secret, client_random, server_random, &output[0]);
security_premaster_hash("BB", 2, master_secret, client_random, server_random, &output[16]);
security_premaster_hash("CCC", 3, master_secret, client_random, server_random, &output[32]);
}
static void security_X(BYTE* master_secret, BYTE* client_random, BYTE* server_random, BYTE* output)
static void security_X(BYTE* master_secret, const BYTE* client_random, BYTE* server_random,
BYTE* output)
{
security_premaster_hash("X", 1, master_secret, client_random, server_random, &output[0]);
security_premaster_hash("YY", 2, master_secret, client_random, server_random, &output[16]);
@ -345,7 +355,7 @@ static void fips_expand_key_bits(BYTE* in, BYTE* out)
out[i] = fips_oddparity_table[fips_reverse_table[out[i]]];
}
BOOL security_establish_keys(BYTE* client_random, rdpRdp* rdp)
BOOL security_establish_keys(const BYTE* client_random, rdpRdp* rdp)
{
BYTE pre_master_secret[48];
BYTE master_secret[48];
@ -495,7 +505,7 @@ BOOL security_decrypt(BYTE* data, int length, rdpRdp* rdp)
return TRUE;
}
void security_hmac_signature(BYTE* data, int length, BYTE* output, rdpRdp* rdp)
void security_hmac_signature(const BYTE* data, int length, BYTE* output, rdpRdp* rdp)
{
BYTE buf[20];
BYTE use_count_le[4];
@ -523,7 +533,7 @@ BOOL security_fips_decrypt(BYTE* data, int length, rdpRdp* rdp)
return TRUE;
}
BOOL security_fips_check_signature(BYTE* data, int length, BYTE* sig, rdpRdp* rdp)
BOOL security_fips_check_signature(const BYTE* data, int length, const BYTE* sig, rdpRdp* rdp)
{
BYTE buf[20];
BYTE use_count_le[4];

20
libfreerdp/core/security.h
View File

@ -26,22 +26,22 @@
#include <freerdp/freerdp.h>
#include <freerdp/utils/stream.h>
void security_master_secret(BYTE* premaster_secret, BYTE* client_random, BYTE* server_random, BYTE* output);
void security_session_key_blob(BYTE* master_secret, BYTE* client_random, BYTE* server_random, BYTE* output);
void security_mac_salt_key(BYTE* session_key_blob, BYTE* client_random, BYTE* server_random, BYTE* output);
void security_licensing_encryption_key(BYTE* session_key_blob, BYTE* client_random, BYTE* server_random, BYTE* output);
void security_mac_data(BYTE* mac_salt_key, BYTE* data, UINT32 length, BYTE* output);
void security_master_secret(const BYTE* premaster_secret, const BYTE* client_random, const BYTE* server_random, BYTE* output);
void security_session_key_blob(const BYTE* master_secret, const BYTE* client_random, const BYTE* server_random, BYTE* output);
void security_mac_salt_key(const BYTE* session_key_blob, const BYTE* client_random, const BYTE* server_random, BYTE* output);
void security_licensing_encryption_key(const BYTE* session_key_blob, const BYTE* client_random, const BYTE* server_random, BYTE* output);
void security_mac_data(const BYTE* mac_salt_key, const BYTE* data, UINT32 length, BYTE* output);
void security_mac_signature(rdpRdp *rdp, BYTE* data, UINT32 length, BYTE* output);
void security_salted_mac_signature(rdpRdp *rdp, BYTE* data, UINT32 length, BOOL encryption, BYTE* output);
BOOL security_establish_keys(BYTE* client_random, rdpRdp* rdp);
void security_mac_signature(rdpRdp *rdp, const BYTE* data, UINT32 length, BYTE* output);
void security_salted_mac_signature(rdpRdp *rdp, const BYTE* data, UINT32 length, BOOL encryption, BYTE* output);
BOOL security_establish_keys(const BYTE* client_random, rdpRdp* rdp);
BOOL security_encrypt(BYTE* data, int length, rdpRdp* rdp);
BOOL security_decrypt(BYTE* data, int length, rdpRdp* rdp);
void security_hmac_signature(BYTE* data, int length, BYTE* output, rdpRdp* rdp);
void security_hmac_signature(const BYTE* data, int length, BYTE* output, rdpRdp* rdp);
BOOL security_fips_encrypt(BYTE* data, int length, rdpRdp* rdp);
BOOL security_fips_decrypt(BYTE* data, int length, rdpRdp* rdp);
BOOL security_fips_check_signature(BYTE* data, int length, BYTE* sig, rdpRdp* rdp);
BOOL security_fips_check_signature(const BYTE* data, int length, const BYTE* sig, rdpRdp* rdp);
#endif /* __SECURITY_H */

31
libfreerdp/core/surface.c
View File

@ -25,11 +25,14 @@
#include "surface.h"
static int update_recv_surfcmd_surface_bits(rdpUpdate* update, STREAM* s)
static int update_recv_surfcmd_surface_bits(rdpUpdate* update, STREAM* s, UINT32 *length)
{
int pos;
SURFACE_BITS_COMMAND* cmd = &update->surface_bits_command;
if (stream_get_left(s) < 20)
return -1;
stream_read_UINT16(s, cmd->destLeft);
stream_read_UINT16(s, cmd->destTop);
stream_read_UINT16(s, cmd->destRight);
@ -40,14 +43,19 @@ static int update_recv_surfcmd_surface_bits(rdpUpdate* update, STREAM* s)
stream_read_UINT16(s, cmd->width);
stream_read_UINT16(s, cmd->height);
stream_read_UINT32(s, cmd->bitmapDataLength);
if (stream_get_left(s) < cmd->bitmapDataLength)
return -1;
pos = stream_get_pos(s) + cmd->bitmapDataLength;
cmd->bitmapData = stream_get_tail(s);
IFCALL(update->SurfaceBits, update->context, cmd);
stream_set_pos(s, pos);
*length = 20 + cmd->bitmapDataLength;
return 20 + cmd->bitmapDataLength;
return 0;
}
static void update_send_frame_acknowledge(rdpRdp* rdp, UINT32 frameId)
@ -59,21 +67,28 @@ static void update_send_frame_acknowledge(rdpRdp* rdp, UINT32 frameId)
rdp_send_data_pdu(rdp, s, DATA_PDU_TYPE_FRAME_ACKNOWLEDGE, rdp->mcs->user_id);
}
static int update_recv_surfcmd_frame_marker(rdpUpdate* update, STREAM* s)
static int update_recv_surfcmd_frame_marker(rdpUpdate* update, STREAM* s, UINT32 *length)
{
SURFACE_FRAME_MARKER* marker = &update->surface_frame_marker;
if (stream_get_left(s) < 6)
return -1;
stream_read_UINT16(s, marker->frameAction);
stream_read_UINT32(s, marker->frameId);
IFCALL(update->SurfaceFrameMarker, update->context, marker);
if (update->context->rdp->settings->ReceivedCapabilities[CAPSET_TYPE_FRAME_ACKNOWLEDGE] && update->context->rdp->settings->FrameAcknowledge > 0 && marker->frameAction == SURFACECMD_FRAMEACTION_END)
if (update->context->rdp->settings->ReceivedCapabilities[CAPSET_TYPE_FRAME_ACKNOWLEDGE] &&
(update->context->rdp->settings->FrameAcknowledge > 0) &&
(marker->frameAction == SURFACECMD_FRAMEACTION_END))
{
update_send_frame_acknowledge(update->context->rdp, marker->frameId);
}
return 6;
*length = 6;
return 0;
}
int update_recv_surfcmds(rdpUpdate* update, UINT32 size, STREAM* s)
@ -93,11 +108,13 @@ int update_recv_surfcmds(rdpUpdate* update, UINT32 size, STREAM* s)
{
case CMDTYPE_SET_SURFACE_BITS:
case CMDTYPE_STREAM_SURFACE_BITS:
cmdLength = update_recv_surfcmd_surface_bits(update, s);
if (update_recv_surfcmd_surface_bits(update, s, &cmdLength) < 0)
return -1;
break;
case CMDTYPE_FRAME_MARKER:
cmdLength = update_recv_surfcmd_frame_marker(update, s);
if (update_recv_surfcmd_frame_marker(update, s, &cmdLength) < 0)
return -1;
break;
default:

4
libfreerdp/core/timezone.c
View File

@ -119,8 +119,8 @@ void rdp_write_client_time_zone(STREAM* s, rdpSettings* settings)
UINT32 bias;
INT32 sbias;
UINT32 bias2c;
WCHAR* standardName;
WCHAR* daylightName;
WCHAR* standardName = NULL;
WCHAR* daylightName = NULL;
int standardNameLength;
int daylightNameLength;
TIME_ZONE_INFO* clientTimeZone;

45
libfreerdp/core/tpdu.c
View File

@ -66,11 +66,12 @@
* @return TPDU length indicator (LI)
*/
BYTE tpdu_read_header(STREAM* s, BYTE* code)
BOOL tpdu_read_header(STREAM* s, BYTE* code, BYTE *li)
{
BYTE li;
if(stream_get_left(s) < 3)
return FALSE;
stream_read_BYTE(s, li); /* LI */
stream_read_BYTE(s, *li); /* LI */
stream_read_BYTE(s, *code); /* Code */
if (*code == X224_TPDU_DATA)
@ -83,10 +84,9 @@ BYTE tpdu_read_header(STREAM* s, BYTE* code)
/* DST-REF (2 bytes) */
/* SRC-REF (2 bytes) */
/* Class 0 (1 byte) */
stream_seek(s, 5);
return stream_skip(s, 5);
}
return li;
return TRUE;
}
/**
@ -119,20 +119,20 @@ void tpdu_write_header(STREAM* s, UINT16 length, BYTE code)
* @return length indicator (LI)
*/
BYTE tpdu_read_connection_request(STREAM* s)
BOOL tpdu_read_connection_request(STREAM* s, BYTE *li)
{
BYTE li;
BYTE code;
li = tpdu_read_header(s, &code);
if(!tpdu_read_header(s, &code, li))
return FALSE;
if (code != X224_TPDU_CONNECTION_REQUEST)
{
printf("Error: expected X224_TPDU_CONNECTION_REQUEST\n");
return 0;
return FALSE;
}
return li;
return TRUE;
}
/**
@ -152,20 +152,20 @@ void tpdu_write_connection_request(STREAM* s, UINT16 length)
* @return length indicator (LI)
*/
BYTE tpdu_read_connection_confirm(STREAM* s)
BOOL tpdu_read_connection_confirm(STREAM* s, BYTE *li)
{
BYTE li;
BYTE code;
li = tpdu_read_header(s, &code);
if(!tpdu_read_header(s, &code, li))
return FALSE;
if (code != X224_TPDU_CONNECTION_CONFIRM)
{
printf("Error: expected X224_TPDU_CONNECTION_CONFIRM\n");
return 0;
return FALSE;
}
return li;
return (stream_get_left(s) >= *li);
}
/**
@ -205,15 +205,16 @@ void tpdu_write_data(STREAM* s)
* @param s stream
*/
UINT16 tpdu_read_data(STREAM* s)
BOOL tpdu_read_data(STREAM* s, UINT16 *LI)
{
BYTE code;
UINT16 li;
BYTE li;
li = tpdu_read_header(s, &code);
if(!tpdu_read_header(s, &code, &li))
return FALSE;
if (code != X224_TPDU_DATA)
return 0;
return li;
return FALSE;
*LI = li;
return TRUE;
}

8
libfreerdp/core/tpdu.h
View File

@ -41,14 +41,14 @@ enum X224_TPDU_TYPE
#define TPDU_CONNECTION_CONFIRM_LENGTH (TPKT_HEADER_LENGTH + TPDU_CONNECTION_CONFIRM_HEADER_LENGTH)
#define TPDU_DISCONNECT_REQUEST_LENGTH (TPKT_HEADER_LENGTH + TPDU_DISCONNECT_REQUEST_HEADER_LENGTH)
BYTE tpdu_read_header(STREAM* s, BYTE* code);
BOOL tpdu_read_header(STREAM* s, BYTE* code, BYTE *li);
void tpdu_write_header(STREAM* s, UINT16 length, BYTE code);
BYTE tpdu_read_connection_request(STREAM* s);
BOOL tpdu_read_connection_request(STREAM* s, BYTE *li);
void tpdu_write_connection_request(STREAM* s, UINT16 length);
BYTE tpdu_read_connection_confirm(STREAM* s);
BOOL tpdu_read_connection_confirm(STREAM* s, BYTE *li);
void tpdu_write_connection_confirm(STREAM* s, UINT16 length);
void tpdu_write_disconnect_request(STREAM* s, UINT16 length);
UINT16 tpdu_read_data(STREAM* s);
BOOL tpdu_read_data(STREAM* s, UINT16 *li);
void tpdu_write_data(STREAM* s);
#endif /* __TPDU_H */

98
libfreerdp/core/update.c
View File

@ -44,6 +44,8 @@ BOOL update_recv_orders(rdpUpdate* update, STREAM* s)
{
UINT16 numberOrders;
if(stream_get_left(s) < 6)
return FALSE;
stream_seek_UINT16(s); /* pad2OctetsA (2 bytes) */
stream_read_UINT16(s, numberOrders); /* numberOrders (2 bytes) */
stream_seek_UINT16(s); /* pad2OctetsB (2 bytes) */
@ -58,8 +60,10 @@ BOOL update_recv_orders(rdpUpdate* update, STREAM* s)
return TRUE;
}
void update_read_bitmap_data(STREAM* s, BITMAP_DATA* bitmap_data)
BOOL update_read_bitmap_data(STREAM* s, BITMAP_DATA* bitmap_data)
{
if(stream_get_left(s) < 18)
return FALSE;
stream_read_UINT16(s, bitmap_data->destLeft);
stream_read_UINT16(s, bitmap_data->destTop);
stream_read_UINT16(s, bitmap_data->destRight);
@ -87,16 +91,20 @@ void update_read_bitmap_data(STREAM* s, BITMAP_DATA* bitmap_data)
}
else
{
if(stream_get_left(s) < bitmap_data->bitmapLength)
return FALSE;
bitmap_data->compressed = FALSE;
stream_get_mark(s, bitmap_data->bitmapDataStream);
stream_seek(s, bitmap_data->bitmapLength);
}
return TRUE;
}
void update_read_bitmap(rdpUpdate* update, STREAM* s, BITMAP_UPDATE* bitmap_update)
BOOL update_read_bitmap(rdpUpdate* update, STREAM* s, BITMAP_UPDATE* bitmap_update)
{
int i;
if(stream_get_left(s) < 2)
return FALSE;
stream_read_UINT16(s, bitmap_update->number); /* numberRectangles (2 bytes) */
if (bitmap_update->number > bitmap_update->count)
@ -117,21 +125,28 @@ void update_read_bitmap(rdpUpdate* update, STREAM* s, BITMAP_UPDATE* bitmap_upda
/* rectangles */
for (i = 0; i < (int) bitmap_update->number; i++)
{
update_read_bitmap_data(s, &bitmap_update->rectangles[i]);
if (!update_read_bitmap_data(s, &bitmap_update->rectangles[i]))
return FALSE;
}
return TRUE;
}
void update_read_palette(rdpUpdate* update, STREAM* s, PALETTE_UPDATE* palette_update)
BOOL update_read_palette(rdpUpdate* update, STREAM* s, PALETTE_UPDATE* palette_update)
{
int i;
PALETTE_ENTRY* entry;
if(stream_get_left(s) < 6)
return FALSE;
stream_seek_UINT16(s); /* pad2Octets (2 bytes) */
stream_read_UINT32(s, palette_update->number); /* numberColors (4 bytes), must be set to 256 */
if (palette_update->number > 256)
palette_update->number = 256;
if(stream_get_left(s) < palette_update->number * 3)
return FALSE;
/* paletteEntries */
for (i = 0; i < (int) palette_update->number; i++)
{
@ -141,6 +156,7 @@ void update_read_palette(rdpUpdate* update, STREAM* s, PALETTE_UPDATE* palette_u
stream_read_BYTE(s, entry->green);
stream_read_BYTE(s, entry->red);
}
return TRUE;
}
void update_read_synchronize(rdpUpdate* update, STREAM* s)
@ -153,31 +169,45 @@ void update_read_synchronize(rdpUpdate* update, STREAM* s)
*/
}
void update_read_play_sound(STREAM* s, PLAY_SOUND_UPDATE* play_sound)
BOOL update_read_play_sound(STREAM* s, PLAY_SOUND_UPDATE* play_sound)
{
if(stream_get_left(s) < 8)
return FALSE;
stream_read_UINT32(s, play_sound->duration); /* duration (4 bytes) */
stream_read_UINT32(s, play_sound->frequency); /* frequency (4 bytes) */
return TRUE;
}
void update_recv_play_sound(rdpUpdate* update, STREAM* s)
BOOL update_recv_play_sound(rdpUpdate* update, STREAM* s)
{
update_read_play_sound(s, &update->play_sound);
if(!update_read_play_sound(s, &update->play_sound))
return FALSE;
IFCALL(update->PlaySound, update->context, &update->play_sound);
return TRUE;
}
void update_read_pointer_position(STREAM* s, POINTER_POSITION_UPDATE* pointer_position)
BOOL update_read_pointer_position(STREAM* s, POINTER_POSITION_UPDATE* pointer_position)
{
if(stream_get_left(s) < 4)
return FALSE;
stream_read_UINT16(s, pointer_position->xPos); /* xPos (2 bytes) */
stream_read_UINT16(s, pointer_position->yPos); /* yPos (2 bytes) */
return TRUE;
}
void update_read_pointer_system(STREAM* s, POINTER_SYSTEM_UPDATE* pointer_system)
BOOL update_read_pointer_system(STREAM* s, POINTER_SYSTEM_UPDATE* pointer_system)
{
if(stream_get_left(s) < 4)
return FALSE;
stream_read_UINT32(s, pointer_system->type); /* systemPointerType (4 bytes) */
return TRUE;
}
void update_read_pointer_color(STREAM* s, POINTER_COLOR_UPDATE* pointer_color)
BOOL update_read_pointer_color(STREAM* s, POINTER_COLOR_UPDATE* pointer_color)
{
if(stream_get_left(s) < 14)
return FALSE;
stream_read_UINT16(s, pointer_color->cacheIndex); /* cacheIndex (2 bytes) */
stream_read_UINT16(s, pointer_color->xPos); /* xPos (2 bytes) */
stream_read_UINT16(s, pointer_color->yPos); /* yPos (2 bytes) */
@ -199,70 +229,88 @@ void update_read_pointer_color(STREAM* s, POINTER_COLOR_UPDATE* pointer_color)
if (pointer_color->lengthXorMask > 0)
{
if(stream_get_left(s) < pointer_color->lengthXorMask)
return FALSE;
pointer_color->xorMaskData = (BYTE*) malloc(pointer_color->lengthXorMask);
stream_read(s, pointer_color->xorMaskData, pointer_color->lengthXorMask);
}
if (pointer_color->lengthAndMask > 0)
{
if(stream_get_left(s) < pointer_color->lengthAndMask)
return FALSE;
pointer_color->andMaskData = (BYTE*) malloc(pointer_color->lengthAndMask);
stream_read(s, pointer_color->andMaskData, pointer_color->lengthAndMask);
}
if (stream_get_left(s) > 0)
stream_seek_BYTE(s); /* pad (1 byte) */
return TRUE;
}
void update_read_pointer_new(STREAM* s, POINTER_NEW_UPDATE* pointer_new)
BOOL update_read_pointer_new(STREAM* s, POINTER_NEW_UPDATE* pointer_new)
{
if(stream_get_left(s) < 2)
return FALSE;
stream_read_UINT16(s, pointer_new->xorBpp); /* xorBpp (2 bytes) */
update_read_pointer_color(s, &pointer_new->colorPtrAttr); /* colorPtrAttr */
return update_read_pointer_color(s, &pointer_new->colorPtrAttr); /* colorPtrAttr */
}
void update_read_pointer_cached(STREAM* s, POINTER_CACHED_UPDATE* pointer_cached)
BOOL update_read_pointer_cached(STREAM* s, POINTER_CACHED_UPDATE* pointer_cached)
{
if(stream_get_left(s) < 2)
return FALSE;
stream_read_UINT16(s, pointer_cached->cacheIndex); /* cacheIndex (2 bytes) */
return TRUE;
}
void update_recv_pointer(rdpUpdate* update, STREAM* s)
BOOL update_recv_pointer(rdpUpdate* update, STREAM* s)
{
UINT16 messageType;
rdpContext* context = update->context;
rdpPointerUpdate* pointer = update->pointer;
if(stream_get_left(s) < 2+2)
return FALSE;
stream_read_UINT16(s, messageType); /* messageType (2 bytes) */
stream_seek_UINT16(s); /* pad2Octets (2 bytes) */
switch (messageType)
{
case PTR_MSG_TYPE_POSITION:
update_read_pointer_position(s, &pointer->pointer_position);
if (!update_read_pointer_position(s, &pointer->pointer_position))
return FALSE;
IFCALL(pointer->PointerPosition, context, &pointer->pointer_position);
break;
case PTR_MSG_TYPE_SYSTEM:
update_read_pointer_system(s, &pointer->pointer_system);
if (!update_read_pointer_system(s, &pointer->pointer_system))
return FALSE;
IFCALL(pointer->PointerSystem, context, &pointer->pointer_system);
break;
case PTR_MSG_TYPE_COLOR:
update_read_pointer_color(s, &pointer->pointer_color);
if (!update_read_pointer_color(s, &pointer->pointer_color))
return FALSE;
IFCALL(pointer->PointerColor, context, &pointer->pointer_color);
break;
case PTR_MSG_TYPE_POINTER:
update_read_pointer_new(s, &pointer->pointer_new);
if (!update_read_pointer_new(s, &pointer->pointer_new))
return FALSE;
IFCALL(pointer->PointerNew, context, &pointer->pointer_new);
break;
case PTR_MSG_TYPE_CACHED:
update_read_pointer_cached(s, &pointer->pointer_cached);
if (!update_read_pointer_cached(s, &pointer->pointer_cached))
return FALSE;
IFCALL(pointer->PointerCached, context, &pointer->pointer_cached);
break;
default:
break;
}
return TRUE;
}
BOOL update_recv(rdpUpdate* update, STREAM* s)
@ -270,6 +318,8 @@ BOOL update_recv(rdpUpdate* update, STREAM* s)
UINT16 updateType;
rdpContext* context = update->context;
if(stream_get_left(s) < 2)
return FALSE;
stream_read_UINT16(s, updateType); /* updateType (2 bytes) */
//printf("%s Update Data PDU\n", UPDATE_TYPE_STRINGS[updateType]);
@ -287,12 +337,14 @@ BOOL update_recv(rdpUpdate* update, STREAM* s)
break;
case UPDATE_TYPE_BITMAP:
update_read_bitmap(update, s, &update->bitmap_update);
if (!update_read_bitmap(update, s, &update->bitmap_update))
return FALSE;
IFCALL(update->BitmapUpdate, context, &update->bitmap_update);
break;
case UPDATE_TYPE_PALETTE:
update_read_palette(update, s, &update->palette_update);
if (!update_read_palette(update, s, &update->palette_update))
return FALSE;
IFCALL(update->Palette, context, &update->palette_update);
break;
@ -563,6 +615,8 @@ BOOL update_read_refresh_rect(rdpUpdate* update, STREAM* s)
stream_read_BYTE(s, numberOfAreas);
stream_seek(s, 3); /* pad3Octects */
if(stream_get_left(s) < numberOfAreas * 4 * 2)
return FALSE;
areas = (RECTANGLE_16*) malloc(sizeof(RECTANGLE_16) * numberOfAreas);
for (index = 0; index < numberOfAreas; index++)

18
libfreerdp/core/update.h
View File

@ -40,17 +40,17 @@ void update_free(rdpUpdate* update);
void update_free_bitmap(BITMAP_UPDATE* bitmap_update);
void update_reset_state(rdpUpdate* update);
void update_read_bitmap(rdpUpdate* update, STREAM* s, BITMAP_UPDATE* bitmap_update);
void update_read_palette(rdpUpdate* update, STREAM* s, PALETTE_UPDATE* palette_update);
void update_recv_play_sound(rdpUpdate* update, STREAM* s);
void update_recv_pointer(rdpUpdate* update, STREAM* s);
BOOL update_read_bitmap(rdpUpdate* update, STREAM* s, BITMAP_UPDATE* bitmap_update);
BOOL update_read_palette(rdpUpdate* update, STREAM* s, PALETTE_UPDATE* palette_update);
BOOL update_recv_play_sound(rdpUpdate* update, STREAM* s);
BOOL update_recv_pointer(rdpUpdate* update, STREAM* s);
BOOL update_recv(rdpUpdate* update, STREAM* s);
void update_read_pointer_position(STREAM* s, POINTER_POSITION_UPDATE* pointer_position);
void update_read_pointer_system(STREAM* s, POINTER_SYSTEM_UPDATE* pointer_system);
void update_read_pointer_color(STREAM* s, POINTER_COLOR_UPDATE* pointer_color);
void update_read_pointer_new(STREAM* s, POINTER_NEW_UPDATE* pointer_new);
void update_read_pointer_cached(STREAM* s, POINTER_CACHED_UPDATE* pointer_cached);
BOOL update_read_pointer_position(STREAM* s, POINTER_POSITION_UPDATE* pointer_position);
BOOL update_read_pointer_system(STREAM* s, POINTER_SYSTEM_UPDATE* pointer_system);
BOOL update_read_pointer_color(STREAM* s, POINTER_COLOR_UPDATE* pointer_color);
BOOL update_read_pointer_new(STREAM* s, POINTER_NEW_UPDATE* pointer_new);
BOOL update_read_pointer_cached(STREAM* s, POINTER_CACHED_UPDATE* pointer_cached);
BOOL update_read_refresh_rect(rdpUpdate* update, STREAM* s);
BOOL update_read_suppress_output(rdpUpdate* update, STREAM* s);

180
libfreerdp/core/window.c
View File

@ -28,8 +28,10 @@
#include "window.h"
void update_read_icon_info(STREAM* s, ICON_INFO* icon_info)
BOOL update_read_icon_info(STREAM* s, ICON_INFO* icon_info)
{
if(stream_get_left(s) < 8)
return FALSE;
stream_read_UINT16(s, icon_info->cacheEntry); /* cacheEntry (2 bytes) */
stream_read_BYTE(s, icon_info->cacheId); /* cacheId (1 byte) */
stream_read_BYTE(s, icon_info->bpp); /* bpp (1 byte) */
@ -37,14 +39,22 @@ void update_read_icon_info(STREAM* s, ICON_INFO* icon_info)
stream_read_UINT16(s, icon_info->height); /* height (2 bytes) */
/* cbColorTable is only present when bpp is 1, 2 or 4 */
if (icon_info->bpp == 1 || icon_info->bpp == 2 || icon_info->bpp == 4)
if (icon_info->bpp == 1 || icon_info->bpp == 2 || icon_info->bpp == 4) {
if(stream_get_left(s) < 2)
return FALSE;
stream_read_UINT16(s, icon_info->cbColorTable); /* cbColorTable (2 bytes) */
else
} else {
icon_info->cbColorTable = 0;
}
if(stream_get_left(s) < 4)
return FALSE;
stream_read_UINT16(s, icon_info->cbBitsMask); /* cbBitsMask (2 bytes) */
stream_read_UINT16(s, icon_info->cbBitsColor); /* cbBitsColor (2 bytes) */
if(stream_get_left(s) < icon_info->cbBitsMask + icon_info->cbBitsColor)
return FALSE;
/* bitsMask */
if (icon_info->bitsMask == NULL)
icon_info->bitsMask = (BYTE*) malloc(icon_info->cbBitsMask);
@ -65,85 +75,122 @@ void update_read_icon_info(STREAM* s, ICON_INFO* icon_info)
else
icon_info->bitsColor = (BYTE*) realloc(icon_info->bitsColor, icon_info->cbBitsColor);
stream_read(s, icon_info->bitsColor, icon_info->cbBitsColor);
return TRUE;
}
void update_read_cached_icon_info(STREAM* s, CACHED_ICON_INFO* cached_icon_info)
BOOL update_read_cached_icon_info(STREAM* s, CACHED_ICON_INFO* cached_icon_info)
{
if(stream_get_left(s) < 3)
return FALSE;
stream_read_UINT16(s, cached_icon_info->cacheEntry); /* cacheEntry (2 bytes) */
stream_read_BYTE(s, cached_icon_info->cacheId); /* cacheId (1 byte) */
return TRUE;
}
void update_read_notify_icon_infotip(STREAM* s, NOTIFY_ICON_INFOTIP* notify_icon_infotip)
BOOL update_read_notify_icon_infotip(STREAM* s, NOTIFY_ICON_INFOTIP* notify_icon_infotip)
{
if(stream_get_left(s) < 8)
return FALSE;
stream_read_UINT32(s, notify_icon_infotip->timeout); /* timeout (4 bytes) */
stream_read_UINT32(s, notify_icon_infotip->flags); /* infoFlags (4 bytes) */
rail_read_unicode_string(s, &notify_icon_infotip->text); /* infoTipText */
rail_read_unicode_string(s, &notify_icon_infotip->title); /* title */
return rail_read_unicode_string(s, &notify_icon_infotip->text) && /* infoTipText */
rail_read_unicode_string(s, &notify_icon_infotip->title); /* title */
}
void update_read_window_state_order(STREAM* s, WINDOW_ORDER_INFO* orderInfo, WINDOW_STATE_ORDER* window_state)
BOOL update_read_window_state_order(STREAM* s, WINDOW_ORDER_INFO* orderInfo, WINDOW_STATE_ORDER* window_state)
{
int i;
int size;
if (orderInfo->fieldFlags & WINDOW_ORDER_FIELD_OWNER)
if (orderInfo->fieldFlags & WINDOW_ORDER_FIELD_OWNER) {
if(stream_get_left(s) < 4)
return FALSE;
stream_read_UINT32(s, window_state->ownerWindowId); /* ownerWindowId (4 bytes) */
}
if (orderInfo->fieldFlags & WINDOW_ORDER_FIELD_STYLE)
{
if(stream_get_left(s) < 8)
return FALSE;
stream_read_UINT32(s, window_state->style); /* style (4 bytes) */
stream_read_UINT32(s, window_state->extendedStyle); /* extendedStyle (4 bytes) */
}
if (orderInfo->fieldFlags & WINDOW_ORDER_FIELD_SHOW)
if (orderInfo->fieldFlags & WINDOW_ORDER_FIELD_SHOW) {
if(stream_get_left(s) < 1)
return FALSE;
stream_read_BYTE(s, window_state->showState); /* showState (1 byte) */
}
if (orderInfo->fieldFlags & WINDOW_ORDER_FIELD_TITLE)
rail_read_unicode_string(s, &window_state->titleInfo); /* titleInfo */
if (orderInfo->fieldFlags & WINDOW_ORDER_FIELD_TITLE) {
if(!rail_read_unicode_string(s, &window_state->titleInfo)) /* titleInfo */
return FALSE;
}
if (orderInfo->fieldFlags & WINDOW_ORDER_FIELD_CLIENT_AREA_OFFSET)
{
if(stream_get_left(s) < 4)
return FALSE;
stream_read_UINT32(s, window_state->clientOffsetX); /* clientOffsetX (4 bytes) */
stream_read_UINT32(s, window_state->clientOffsetY); /* clientOffsetY (4 bytes) */
}
if (orderInfo->fieldFlags & WINDOW_ORDER_FIELD_CLIENT_AREA_SIZE)
{
if(stream_get_left(s) < 4)
return FALSE;
stream_read_UINT32(s, window_state->clientAreaWidth); /* clientAreaWidth (4 bytes) */
stream_read_UINT32(s, window_state->clientAreaHeight); /* clientAreaHeight (4 bytes) */
}
if (orderInfo->fieldFlags & WINDOW_ORDER_FIELD_RP_CONTENT)
if (orderInfo->fieldFlags & WINDOW_ORDER_FIELD_RP_CONTENT) {
if(stream_get_left(s) < 1)
return FALSE;
stream_read_BYTE(s, window_state->RPContent); /* RPContent (1 byte) */
}
if (orderInfo->fieldFlags & WINDOW_ORDER_FIELD_ROOT_PARENT)
if (orderInfo->fieldFlags & WINDOW_ORDER_FIELD_ROOT_PARENT) {
if(stream_get_left(s) < 4)
return FALSE;
stream_read_UINT32(s, window_state->rootParentHandle);/* rootParentHandle (4 bytes) */
}
if (orderInfo->fieldFlags & WINDOW_ORDER_FIELD_WND_OFFSET)
{
if(stream_get_left(s) < 8)
return FALSE;
stream_read_UINT32(s, window_state->windowOffsetX); /* windowOffsetX (4 bytes) */
stream_read_UINT32(s, window_state->windowOffsetY); /* windowOffsetY (4 bytes) */
}
if (orderInfo->fieldFlags & WINDOW_ORDER_FIELD_WND_CLIENT_DELTA)
{
if(stream_get_left(s) < 8)
return FALSE;
stream_read_UINT32(s, window_state->windowClientDeltaX); /* windowClientDeltaX (4 bytes) */
stream_read_UINT32(s, window_state->windowClientDeltaY); /* windowClientDeltaY (4 bytes) */
}
if (orderInfo->fieldFlags & WINDOW_ORDER_FIELD_WND_SIZE)
{
if(stream_get_left(s) < 8)
return FALSE;
stream_read_UINT32(s, window_state->windowWidth); /* windowWidth (4 bytes) */
stream_read_UINT32(s, window_state->windowHeight); /* windowHeight (4 bytes) */
}
if (orderInfo->fieldFlags & WINDOW_ORDER_FIELD_WND_RECTS)
{
if(stream_get_left(s) < 2)
return FALSE;
stream_read_UINT16(s, window_state->numWindowRects); /* numWindowRects (2 bytes) */
size = sizeof(RECTANGLE_16) * window_state->numWindowRects;
window_state->windowRects = (RECTANGLE_16*) malloc(size);
if(stream_get_left(s) < 8 * window_state->numWindowRects)
return FALSE;
/* windowRects */
for (i = 0; i < (int) window_state->numWindowRects; i++)
{
@ -156,17 +203,24 @@ void update_read_window_state_order(STREAM* s, WINDOW_ORDER_INFO* orderInfo, WIN
if (orderInfo->fieldFlags & WINDOW_ORDER_FIELD_VIS_OFFSET)
{
if(stream_get_left(s) < 4)
return FALSE;
stream_read_UINT32(s, window_state->visibleOffsetX); /* visibleOffsetX (4 bytes) */
stream_read_UINT32(s, window_state->visibleOffsetY); /* visibleOffsetY (4 bytes) */
}
if (orderInfo->fieldFlags & WINDOW_ORDER_FIELD_VISIBILITY)
{
if(stream_get_left(s) < 2)
return FALSE;
stream_read_UINT16(s, window_state->numVisibilityRects); /* numVisibilityRects (2 bytes) */
size = sizeof(RECTANGLE_16) * window_state->numVisibilityRects;
window_state->visibilityRects = (RECTANGLE_16*) malloc(size);
if(stream_get_left(s) < window_state->numVisibilityRects * 8)
return FALSE;
/* visibilityRects */
for (i = 0; i < (int) window_state->numVisibilityRects; i++)
{
@ -176,19 +230,20 @@ void update_read_window_state_order(STREAM* s, WINDOW_ORDER_INFO* orderInfo, WIN
stream_read_UINT16(s, window_state->visibilityRects[i].bottom); /* bottom (2 bytes) */
}
}
return TRUE;
}
void update_read_window_icon_order(STREAM* s, WINDOW_ORDER_INFO* orderInfo, WINDOW_ICON_ORDER* window_icon)
BOOL update_read_window_icon_order(STREAM* s, WINDOW_ORDER_INFO* orderInfo, WINDOW_ICON_ORDER* window_icon)
{
window_icon->iconInfo = (ICON_INFO*) malloc(sizeof(ICON_INFO));
ZeroMemory(window_icon->iconInfo, sizeof(ICON_INFO));
update_read_icon_info(s, window_icon->iconInfo); /* iconInfo (ICON_INFO) */
return update_read_icon_info(s, window_icon->iconInfo); /* iconInfo (ICON_INFO) */
}
void update_read_window_cached_icon_order(STREAM* s, WINDOW_ORDER_INFO* orderInfo, WINDOW_CACHED_ICON_ORDER* window_cached_icon)
BOOL update_read_window_cached_icon_order(STREAM* s, WINDOW_ORDER_INFO* orderInfo, WINDOW_CACHED_ICON_ORDER* window_cached_icon)
{
update_read_cached_icon_info(s, &window_cached_icon->cachedIcon); /* cachedIcon (CACHED_ICON_INFO) */
return update_read_cached_icon_info(s, &window_cached_icon->cachedIcon); /* cachedIcon (CACHED_ICON_INFO) */
}
void update_read_window_delete_order(STREAM* s, WINDOW_ORDER_INFO* orderInfo)
@ -196,23 +251,27 @@ void update_read_window_delete_order(STREAM* s, WINDOW_ORDER_INFO* orderInfo)
/* window deletion event */
}
void update_recv_window_info_order(rdpUpdate* update, STREAM* s, WINDOW_ORDER_INFO* orderInfo)
BOOL update_recv_window_info_order(rdpUpdate* update, STREAM* s, WINDOW_ORDER_INFO* orderInfo)
{
rdpContext* context = update->context;
rdpWindowUpdate* window = update->window;
if(stream_get_left(s) < 4)
return FALSE;
stream_read_UINT32(s, orderInfo->windowId); /* windowId (4 bytes) */
if (orderInfo->fieldFlags & WINDOW_ORDER_ICON)
{
DEBUG_WND("Window Icon Order");
update_read_window_icon_order(s, orderInfo, &window->window_icon);
if(!update_read_window_icon_order(s, orderInfo, &window->window_icon))
return FALSE;
IFCALL(window->WindowIcon, context, orderInfo, &window->window_icon);
}
else if (orderInfo->fieldFlags & WINDOW_ORDER_CACHED_ICON)
{
DEBUG_WND("Window Cached Icon Order");
update_read_window_cached_icon_order(s, orderInfo, &window->window_cached_icon);
if(!update_read_window_cached_icon_order(s, orderInfo, &window->window_cached_icon))
return FALSE;
IFCALL(window->WindowCachedIcon, context, orderInfo, &window->window_cached_icon);
}
else if (orderInfo->fieldFlags & WINDOW_ORDER_STATE_DELETED)
@ -224,34 +283,51 @@ void update_recv_window_info_order(rdpUpdate* update, STREAM* s, WINDOW_ORDER_IN
else
{
DEBUG_WND("Window State Order");
update_read_window_state_order(s, orderInfo, &window->window_state);
if(!update_read_window_state_order(s, orderInfo, &window->window_state))
return FALSE;
if (orderInfo->fieldFlags & WINDOW_ORDER_STATE_NEW)
IFCALL(window->WindowCreate, context, orderInfo, &window->window_state);
else
IFCALL(window->WindowUpdate, context, orderInfo, &window->window_state);
}
return TRUE;
}
void update_read_notification_icon_state_order(STREAM* s, WINDOW_ORDER_INFO* orderInfo, NOTIFY_ICON_STATE_ORDER* notify_icon_state)
BOOL update_read_notification_icon_state_order(STREAM* s, WINDOW_ORDER_INFO* orderInfo, NOTIFY_ICON_STATE_ORDER* notify_icon_state)
{
if (orderInfo->fieldFlags & WINDOW_ORDER_FIELD_NOTIFY_VERSION)
if (orderInfo->fieldFlags & WINDOW_ORDER_FIELD_NOTIFY_VERSION) {
if(stream_get_left(s) < 4)
return FALSE;
stream_read_UINT32(s, notify_icon_state->version); /* version (4 bytes) */
}
if (orderInfo->fieldFlags & WINDOW_ORDER_FIELD_NOTIFY_TIP)
rail_read_unicode_string(s, &notify_icon_state->toolTip); /* toolTip (UNICODE_STRING) */
if (orderInfo->fieldFlags & WINDOW_ORDER_FIELD_NOTIFY_TIP) {
if(!rail_read_unicode_string(s, &notify_icon_state->toolTip)) /* toolTip (UNICODE_STRING) */
return FALSE;
}
if (orderInfo->fieldFlags & WINDOW_ORDER_FIELD_NOTIFY_INFO_TIP)
update_read_notify_icon_infotip(s, &notify_icon_state->infoTip); /* infoTip (NOTIFY_ICON_INFOTIP) */
if (orderInfo->fieldFlags & WINDOW_ORDER_FIELD_NOTIFY_INFO_TIP) {
if(!update_read_notify_icon_infotip(s, &notify_icon_state->infoTip)) /* infoTip (NOTIFY_ICON_INFOTIP) */
return FALSE;
}
if (orderInfo->fieldFlags & WINDOW_ORDER_FIELD_NOTIFY_STATE)
if (orderInfo->fieldFlags & WINDOW_ORDER_FIELD_NOTIFY_STATE) {
if(stream_get_left(s) < 4)
return FALSE;
stream_read_UINT32(s, notify_icon_state->state); /* state (4 bytes) */
}
if (orderInfo->fieldFlags & WINDOW_ORDER_ICON)
update_read_icon_info(s, &notify_icon_state->icon); /* icon (ICON_INFO) */
if (orderInfo->fieldFlags & WINDOW_ORDER_ICON) {
if(!update_read_icon_info(s, &notify_icon_state->icon)) /* icon (ICON_INFO) */
return FALSE;
}
if (orderInfo->fieldFlags & WINDOW_ORDER_CACHED_ICON)
update_read_cached_icon_info(s, &notify_icon_state->cachedIcon); /* cachedIcon (CACHED_ICON_INFO) */
if (orderInfo->fieldFlags & WINDOW_ORDER_CACHED_ICON) {
if(!update_read_cached_icon_info(s, &notify_icon_state->cachedIcon)) /* cachedIcon (CACHED_ICON_INFO) */
return FALSE;
}
return TRUE;
}
void update_read_notification_icon_delete_order(STREAM* s, WINDOW_ORDER_INFO* orderInfo)
@ -259,11 +335,13 @@ void update_read_notification_icon_delete_order(STREAM* s, WINDOW_ORDER_INFO* or
/* notification icon deletion event */
}
void update_recv_notification_icon_info_order(rdpUpdate* update, STREAM* s, WINDOW_ORDER_INFO* orderInfo)
BOOL update_recv_notification_icon_info_order(rdpUpdate* update, STREAM* s, WINDOW_ORDER_INFO* orderInfo)
{
rdpContext* context = update->context;
rdpWindowUpdate* window = update->window;
if(stream_get_left(s) < 8)
return FALSE;
stream_read_UINT32(s, orderInfo->windowId); /* windowId (4 bytes) */
stream_read_UINT32(s, orderInfo->notifyIconId); /* notifyIconId (4 bytes) */
@ -276,27 +354,37 @@ void update_recv_notification_icon_info_order(rdpUpdate* update, STREAM* s, WIND
else
{
DEBUG_WND("Notification Icon State Order");
update_read_notification_icon_state_order(s, orderInfo, &window->notify_icon_state);
if(!update_read_notification_icon_state_order(s, orderInfo, &window->notify_icon_state))
return FALSE;
if (orderInfo->fieldFlags & WINDOW_ORDER_STATE_NEW)
IFCALL(window->NotifyIconCreate, context, orderInfo, &window->notify_icon_state);
else
IFCALL(window->NotifyIconUpdate, context, orderInfo, &window->notify_icon_state);
}
return TRUE;
}
void update_read_desktop_actively_monitored_order(STREAM* s, WINDOW_ORDER_INFO* orderInfo, MONITORED_DESKTOP_ORDER* monitored_desktop)
BOOL update_read_desktop_actively_monitored_order(STREAM* s, WINDOW_ORDER_INFO* orderInfo, MONITORED_DESKTOP_ORDER* monitored_desktop)
{
int i;
int size;
if (orderInfo->fieldFlags & WINDOW_ORDER_FIELD_DESKTOP_ACTIVE_WND)
if (orderInfo->fieldFlags & WINDOW_ORDER_FIELD_DESKTOP_ACTIVE_WND) {
if(stream_get_left(s) < 4)
return FALSE;
stream_read_UINT32(s, monitored_desktop->activeWindowId); /* activeWindowId (4 bytes) */
}
if (orderInfo->fieldFlags & WINDOW_ORDER_FIELD_DESKTOP_ZORDER)
{
if(stream_get_left(s) < 1)
return FALSE;
stream_read_BYTE(s, monitored_desktop->numWindowIds); /* numWindowIds (1 byte) */
if(stream_get_left(s) < 4 * monitored_desktop->numWindowIds)
return FALSE;
size = sizeof(UINT32) * monitored_desktop->numWindowIds;
if (monitored_desktop->windowIds == NULL)
@ -310,6 +398,7 @@ void update_read_desktop_actively_monitored_order(STREAM* s, WINDOW_ORDER_INFO*
stream_read_UINT32(s, monitored_desktop->windowIds[i]);
}
}
return TRUE;
}
void update_read_desktop_non_monitored_order(STREAM* s, WINDOW_ORDER_INFO* orderInfo)
@ -317,7 +406,7 @@ void update_read_desktop_non_monitored_order(STREAM* s, WINDOW_ORDER_INFO* order
/* non-monitored desktop notification event */
}
void update_recv_desktop_info_order(rdpUpdate* update, STREAM* s, WINDOW_ORDER_INFO* orderInfo)
BOOL update_recv_desktop_info_order(rdpUpdate* update, STREAM* s, WINDOW_ORDER_INFO* orderInfo)
{
rdpContext* context = update->context;
rdpWindowUpdate* window = update->window;
@ -331,24 +420,29 @@ void update_recv_desktop_info_order(rdpUpdate* update, STREAM* s, WINDOW_ORDER_I
else
{
DEBUG_WND("Actively Monitored Desktop Order");
update_read_desktop_actively_monitored_order(s, orderInfo, &window->monitored_desktop);
if(!update_read_desktop_actively_monitored_order(s, orderInfo, &window->monitored_desktop))
return FALSE;
IFCALL(window->MonitoredDesktop, context, orderInfo, &window->monitored_desktop);
}
return TRUE;
}
void update_recv_altsec_window_order(rdpUpdate* update, STREAM* s)
BOOL update_recv_altsec_window_order(rdpUpdate* update, STREAM* s)
{
UINT16 orderSize;
rdpWindowUpdate* window = update->window;
if(stream_get_left(s) < 6)
return FALSE;
stream_read_UINT16(s, orderSize); /* orderSize (2 bytes) */
stream_read_UINT32(s, window->orderInfo.fieldFlags); /* FieldsPresentFlags (4 bytes) */
if (window->orderInfo.fieldFlags & WINDOW_ORDER_TYPE_WINDOW)
update_recv_window_info_order(update, s, &window->orderInfo);
return update_recv_window_info_order(update, s, &window->orderInfo);
else if (window->orderInfo.fieldFlags & WINDOW_ORDER_TYPE_NOTIFY)
update_recv_notification_icon_info_order(update, s, &window->orderInfo);
return update_recv_notification_icon_info_order(update, s, &window->orderInfo);
else if (window->orderInfo.fieldFlags & WINDOW_ORDER_TYPE_DESKTOP)
update_recv_desktop_info_order(update, s, &window->orderInfo);
return update_recv_desktop_info_order(update, s, &window->orderInfo);
return TRUE;
}

2
libfreerdp/core/window.h
View File

@ -25,7 +25,7 @@
#include <freerdp/utils/stream.h>
void update_recv_altsec_window_order(rdpUpdate* update, STREAM* s);
BOOL update_recv_altsec_window_order(rdpUpdate* update, STREAM* s);
#ifdef WITH_DEBUG_WND
#define DEBUG_WND(fmt, ...) DEBUG_CLASS(WND, fmt, ## __VA_ARGS__)

87
libfreerdp/crypto/ber.c
View File

@ -23,25 +23,33 @@
#include <freerdp/crypto/ber.h>
void ber_read_length(STREAM* s, int* length)
BOOL ber_read_length(STREAM* s, int* length)
{
BYTE byte;
if(stream_get_left(s) < 1)
return FALSE;
stream_read_BYTE(s, byte);
if (byte & 0x80)
{
byte &= ~(0x80);
if(stream_get_left(s) < byte)
return FALSE;
if (byte == 1)
stream_read_BYTE(s, *length);
if (byte == 2)
else if (byte == 2)
stream_read_UINT16_be(s, *length);
else
return FALSE;
}
else
{
*length = byte;
}
return TRUE;
}
/**
@ -92,6 +100,8 @@ BOOL ber_read_universal_tag(STREAM* s, BYTE tag, BOOL pc)
{
BYTE byte;
if(stream_get_left(s) < 1)
return FALSE;
stream_read_BYTE(s, byte);
if (byte != (BER_CLASS_UNIV | BER_PC(pc) | (BER_TAG_MASK & tag)))
@ -125,26 +135,32 @@ BOOL ber_read_application_tag(STREAM* s, BYTE tag, int* length)
if (tag > 30)
{
if(stream_get_left(s) < 1)
return FALSE;
stream_read_BYTE(s, byte);
if (byte != ((BER_CLASS_APPL | BER_CONSTRUCT) | BER_TAG_MASK))
return FALSE;
if(stream_get_left(s) < 1)
return FALSE;
stream_read_BYTE(s, byte);
if (byte != tag)
return FALSE;
ber_read_length(s, length);
return ber_read_length(s, length);
}
else
{
if(stream_get_left(s) < 1)
return FALSE;
stream_read_BYTE(s, byte);
if (byte != ((BER_CLASS_APPL | BER_CONSTRUCT) | (BER_TAG_MASK & tag)))
return FALSE;
ber_read_length(s, length);
return ber_read_length(s, length);
}
return TRUE;
@ -176,6 +192,8 @@ BOOL ber_read_contextual_tag(STREAM* s, BYTE tag, int* length, BOOL pc)
{
BYTE byte;
if(stream_get_left(s) < 1)
return FALSE;
stream_read_BYTE(s, byte);
if (byte != ((BER_CLASS_CTXT | BER_PC(pc)) | (BER_TAG_MASK & tag)))
@ -184,9 +202,7 @@ BOOL ber_read_contextual_tag(STREAM* s, BYTE tag, int* length, BOOL pc)
return FALSE;
}
ber_read_length(s, length);
return TRUE;
return ber_read_length(s, length);
}
int ber_write_contextual_tag(STREAM* s, BYTE tag, int length, BOOL pc)
@ -204,14 +220,14 @@ BOOL ber_read_sequence_tag(STREAM* s, int* length)
{
BYTE byte;
if(stream_get_left(s) < 1)
return FALSE;
stream_read_BYTE(s, byte);
if (byte != ((BER_CLASS_UNIV | BER_CONSTRUCT) | (BER_TAG_SEQUENCE_OF)))
return FALSE;
ber_read_length(s, length);
return TRUE;
return ber_read_length(s, length);
}
/**
@ -240,14 +256,15 @@ BOOL ber_read_enumerated(STREAM* s, BYTE* enumerated, BYTE count)
{
int length;
ber_read_universal_tag(s, BER_TAG_ENUMERATED, FALSE);
ber_read_length(s, &length);
if (length == 1)
stream_read_BYTE(s, *enumerated);
else
if(!ber_read_universal_tag(s, BER_TAG_ENUMERATED, FALSE) ||
!ber_read_length(s, &length))
return FALSE;
if (length != 1 || stream_get_left(s) < 1)
return FALSE;
stream_read_BYTE(s, *enumerated);
/* check that enumerated value falls within expected range */
if (*enumerated + 1 > count)
return FALSE;
@ -264,10 +281,13 @@ void ber_write_enumerated(STREAM* s, BYTE enumerated, BYTE count)
BOOL ber_read_bit_string(STREAM* s, int* length, BYTE* padding)
{
ber_read_universal_tag(s, BER_TAG_BIT_STRING, FALSE);
ber_read_length(s, length);
stream_read_BYTE(s, *padding);
if(!ber_read_universal_tag(s, BER_TAG_BIT_STRING, FALSE) ||
!ber_read_length(s, length))
return FALSE;
if(stream_get_left(s) < 1)
return FALSE;
stream_read_BYTE(s, *padding);
return TRUE;
}
@ -287,9 +307,9 @@ void ber_write_octet_string(STREAM* s, const BYTE* oct_str, int length)
BOOL ber_read_octet_string_tag(STREAM* s, int* length)
{
ber_read_universal_tag(s, BER_TAG_OCTET_STRING, FALSE);
ber_read_length(s, length);
return TRUE;
return
ber_read_universal_tag(s, BER_TAG_OCTET_STRING, FALSE) &&
ber_read_length(s, length);
}
int ber_write_octet_string_tag(STREAM* s, int length)
@ -315,11 +335,13 @@ BOOL ber_read_BOOL(STREAM* s, BOOL* value)
int length;
BYTE v;
if (!ber_read_universal_tag(s, BER_TAG_BOOLEAN, FALSE))
if (!ber_read_universal_tag(s, BER_TAG_BOOLEAN, FALSE) ||
!ber_read_length(s, &length))
return FALSE;
ber_read_length(s, &length);
if (length != 1)
if (length != 1 || stream_get_left(s) < 1)
return FALSE;
stream_read_BYTE(s, v);
*value = (v ? TRUE : FALSE);
return TRUE;
@ -342,11 +364,16 @@ BOOL ber_read_integer(STREAM* s, UINT32* value)
{
int length;
ber_read_universal_tag(s, BER_TAG_INTEGER, FALSE);
ber_read_length(s, &length);
if(!ber_read_universal_tag(s, BER_TAG_INTEGER, FALSE) ||
!ber_read_length(s, &length) ||
stream_get_left(s) < length)
return FALSE;
if (value == NULL)
{
// even if we don't care the integer value, check the announced size
if(length < 1 || length > 4)
return FALSE;
stream_seek(s, length);
return TRUE;
}
@ -429,7 +456,7 @@ int ber_skip_integer(UINT32 value)
BOOL ber_read_integer_length(STREAM* s, int* length)
{
ber_read_universal_tag(s, BER_TAG_INTEGER, FALSE);
ber_read_length(s, length);
return TRUE;
return
ber_read_universal_tag(s, BER_TAG_INTEGER, FALSE) &&
ber_read_length(s, length);
}

6
libfreerdp/gdi/gdi.c
View File

@ -708,7 +708,7 @@ void gdi_surface_bits(rdpContext* context, SURFACE_BITS_COMMAND* surface_bits_co
tile_bitmap = (char*) malloc(32);
ZeroMemory(tile_bitmap, 32);
if (surface_bits_command->codecID == CODEC_ID_REMOTEFX)
if (surface_bits_command->codecID == RDP_CODEC_ID_REMOTEFX)
{
message = rfx_process_message(rfx_context,
surface_bits_command->bitmapData, surface_bits_command->bitmapDataLength);
@ -742,7 +742,7 @@ void gdi_surface_bits(rdpContext* context, SURFACE_BITS_COMMAND* surface_bits_co
gdi_SetNullClipRgn(gdi->primary->hdc);
rfx_message_free(rfx_context, message);
}
else if (surface_bits_command->codecID == CODEC_ID_NSCODEC)
else if (surface_bits_command->codecID == RDP_CODEC_ID_NSCODEC)
{
nsc_process_message(nsc_context, surface_bits_command->bpp, surface_bits_command->width, surface_bits_command->height,
surface_bits_command->bitmapData, surface_bits_command->bitmapDataLength);
@ -754,7 +754,7 @@ void gdi_surface_bits(rdpContext* context, SURFACE_BITS_COMMAND* surface_bits_co
freerdp_image_flip(nsc_context->bmpdata, gdi->image->bitmap->data, gdi->image->bitmap->width, gdi->image->bitmap->height, 32);
gdi_BitBlt(gdi->primary->hdc, surface_bits_command->destLeft, surface_bits_command->destTop, surface_bits_command->width, surface_bits_command->height, gdi->image->hdc, 0, 0, GDI_SRCCOPY);
}
else if (surface_bits_command->codecID == CODEC_ID_NONE)
else if (surface_bits_command->codecID == RDP_CODEC_ID_NONE)
{
gdi->image->bitmap->width = surface_bits_command->width;
gdi->image->bitmap->height = surface_bits_command->height;

6
libfreerdp/gdi/graphics.c
View File

@ -115,10 +115,10 @@ void gdi_Bitmap_Decompress(rdpContext* context, rdpBitmap* bitmap,
switch (codec_id)
{
case CODEC_ID_NSCODEC:
case RDP_CODEC_ID_NSCODEC:
printf("gdi_Bitmap_Decompress: nsc not done\n");
break;
case CODEC_ID_REMOTEFX:
case RDP_CODEC_ID_REMOTEFX:
gdi = context->gdi;
rfx_context_set_pixel_format(gdi->rfx_context, RDP_PIXEL_FORMAT_B8G8R8A8);
msg = rfx_process_message(gdi->rfx_context, data, length);
@ -143,7 +143,7 @@ void gdi_Bitmap_Decompress(rdpContext* context, rdpBitmap* bitmap,
rfx_message_free(gdi->rfx_context, msg);
}
break;
case CODEC_ID_JPEG:
case RDP_CODEC_ID_JPEG:
#ifdef WITH_JPEG
if (!jpeg_decompress(data, bitmap->data, width, height, length, bpp))
{

2
libfreerdp/utils/msusb.c
View File

@ -285,7 +285,7 @@ MSUSB_CONFIG_DESCRIPTOR* msusb_msconfig_read(BYTE* data, UINT32 data_size, UINT3
if (lenConfiguration != 0x9 || typeConfiguration != 0x2)
{
DEBUG("%s: len and type must be 0x9 and 0x2 , but it is 0x%x and 0x%x",
DEBUG_MSG("%s: len and type must be 0x9 and 0x2 , but it is 0x%x and 0x%x",
lenConfiguration, typeConfiguration);
}

7
libfreerdp/utils/rail.c
View File

@ -46,9 +46,13 @@ void rail_unicode_string_free(RAIL_UNICODE_STRING* unicode_string)
free(unicode_string->string);
}
void rail_read_unicode_string(STREAM* s, RAIL_UNICODE_STRING* unicode_string)
BOOL rail_read_unicode_string(STREAM* s, RAIL_UNICODE_STRING* unicode_string)
{
if(stream_get_left(s) < 2)
return FALSE;
stream_read_UINT16(s, unicode_string->length); /* cbString (2 bytes) */
if(stream_get_left(s) < unicode_string->length)
return FALSE;
if (unicode_string->string == NULL)
unicode_string->string = (BYTE*) malloc(unicode_string->length);
@ -56,6 +60,7 @@ void rail_read_unicode_string(STREAM* s, RAIL_UNICODE_STRING* unicode_string)
unicode_string->string = (BYTE*) realloc(unicode_string->string, unicode_string->length);
stream_read(s, unicode_string->string, unicode_string->length);
return TRUE;
}
void rail_write_unicode_string(STREAM* s, RAIL_UNICODE_STRING* unicode_string)

7
libfreerdp/utils/string.c
View File

@ -29,13 +29,18 @@
#include <freerdp/utils/string.h>
void freerdp_string_read_length32(STREAM* s, rdpString* string)
BOOL freerdp_string_read_length32(STREAM* s, rdpString* string)
{
if(stream_get_left(s) < 4)
return FALSE;
stream_read_UINT32(s, string->length);
if(stream_get_left(s) < string->length)
return FALSE;
string->unicode = (char*) malloc(string->length);
stream_read(s, string->unicode, string->length);
ConvertFromUnicode(CP_UTF8, 0, (WCHAR*) string->unicode, string->length / 2, &string->ascii, 0, NULL, NULL);
return TRUE;
}
void freerdp_string_free(rdpString* string)

15
libfreerdp/utils/tcp.c
View File

@ -182,10 +182,14 @@ int freerdp_tcp_write(int sockfd, BYTE* data, int length)
int freerdp_tcp_wait_read(int sockfd)
{
fd_set fds;
if(sockfd<1)
{
printf("Invalid socket to watch: %d\n",sockfd);
return 0 ;
}
FD_ZERO(&fds);
FD_SET(sockfd, &fds);
select(1, &fds, NULL, NULL, NULL);
select(sockfd+1, &fds, NULL, NULL, NULL);
return 0;
}
@ -193,10 +197,15 @@ int freerdp_tcp_wait_read(int sockfd)
int freerdp_tcp_wait_write(int sockfd)
{
fd_set fds;
if(sockfd<1)
{
printf("Invalid socket to watch: %d\n",sockfd);
return 0;
}
FD_ZERO(&fds);
FD_SET(sockfd, &fds);
select(1, NULL, &fds, NULL, NULL);
select(sockfd+1, NULL, &fds, NULL, NULL);
return 0;
}

7
winpr/libwinpr/sspi/NTLM/ntlm_av_pairs.c
View File

@ -309,9 +309,16 @@ void ntlm_construct_challenge_target_info(NTLM_CONTEXT* context)
UNICODE_STRING DnsDomainName;
UNICODE_STRING DnsComputerName;
NbDomainName.Buffer = NULL;
ntlm_get_target_computer_name(&NbDomainName, ComputerNameNetBIOS);
NbComputerName.Buffer = NULL;
ntlm_get_target_computer_name(&NbComputerName, ComputerNameNetBIOS);
DnsDomainName.Buffer = NULL;
ntlm_get_target_computer_name(&DnsDomainName, ComputerNameDnsDomain);
DnsComputerName.Buffer = NULL;
ntlm_get_target_computer_name(&DnsComputerName, ComputerNameDnsHostname);
AvPairsCount = 5;

2
winpr/libwinpr/sspi/sspi.c
View File

@ -457,7 +457,7 @@ SecurityFunctionTableW* sspi_GetSecurityFunctionTableWByNameW(const SEC_WCHAR* N
SecurityFunctionTableW* sspi_GetSecurityFunctionTableWByNameA(const SEC_CHAR* Name)
{
SEC_WCHAR* NameW;
SEC_WCHAR* NameW = NULL;
SecurityFunctionTableW* table;
ConvertToUnicode(CP_UTF8, 0, Name, -1, &NameW, 0);