libfreerdp: Fixed warnings, added assertions

libfreerdp/codec/bitmap.c

@@ -448,6 +448,7 @@ static INLINE UINT16 out_from_count_3(UINT16 in_count, wStream* in_s, const char
 	 ((!bicolor_spin && (pixel == bicolor1) && (last_pixel == bicolor2)) || \
 	  (bicolor_spin && (pixel == bicolor2) && (last_pixel == bicolor1))))
 #define RESET_COUNTS          \
+	do                        \
 	{                         \
 		bicolor_count = 0;    \
 		fill_count = 0;       \
@@ -456,7 +457,7 @@ static INLINE UINT16 out_from_count_3(UINT16 in_count, wStream* in_s, const char
 		fom_count = 0;        \
 		fom_mask_len = 0;     \
 		bicolor_spin = FALSE; \
-	}
+	} while (0)
 
 static SSIZE_T freerdp_bitmap_compress_24(const void* srcData, UINT32 width, UINT32 height,
                                           wStream* s, UINT32 byte_limit, UINT32 start_line,

libfreerdp/codec/nsc.c

@@ -303,9 +303,14 @@ static BOOL nsc_context_initialize(NSC_CONTEXT* context, wStream* s)
 }
 
 static void nsc_profiler_print(NSC_CONTEXT_PRIV* priv){
-	PROFILER_PRINT_HEADER PROFILER_PRINT(priv->prof_nsc_rle_decompress_data)
-	    PROFILER_PRINT(priv->prof_nsc_decode) PROFILER_PRINT(priv->prof_nsc_rle_compress_data)
-	        PROFILER_PRINT(priv->prof_nsc_encode) PROFILER_PRINT_FOOTER
+	WINPR_UNUSED(priv);
+
+	PROFILER_PRINT_HEADER
+	PROFILER_PRINT(priv->prof_nsc_rle_decompress_data)
+	PROFILER_PRINT(priv->prof_nsc_decode)
+	PROFILER_PRINT(priv->prof_nsc_rle_compress_data)
+	PROFILER_PRINT(priv->prof_nsc_encode)
+	PROFILER_PRINT_FOOTER
 }
 
 BOOL nsc_context_reset(NSC_CONTEXT* context, UINT32 width, UINT32 height)

libfreerdp/codec/nsc_sse2.c

@@ -385,6 +385,6 @@ void nsc_init_sse2(NSC_CONTEXT* context)
 	if (!IsProcessorFeaturePresent(PF_XMMI64_INSTRUCTIONS_AVAILABLE))
 		return;
 
-	PROFILER_RENAME(context->priv->prof_nsc_encode, "nsc_encode_sse2");
+	PROFILER_RENAME(context->priv->prof_nsc_encode, "nsc_encode_sse2")
 	context->encode = nsc_encode_sse2;
 }

libfreerdp/codec/rfx_rlgr.c

@@ -50,6 +50,7 @@
 
 /* Returns the least number of bits required to represent a given value */
 #define GetMinBits(_val, _nbits) \
+	do                           \
 	{                            \
 		UINT32 _v = _val;        \
 		_nbits = 0;              \
@@ -58,13 +59,14 @@
 			_v >>= 1;            \
 			_nbits++;            \
 		}                        \
-	}
+	} while (0)
 
 /*
  * Update the passed parameter and clamp it to the range [0, KPMAX]
  * Return the value of parameter right-shifted by LSGR
  */
 #define UpdateParam(_param, _deltaP, _k) \
+	do                                   \
 	{                                    \
 		_param += _deltaP;               \
 		if (_param > KPMAX)              \
@@ -72,7 +74,7 @@
 		if (_param < 0)                  \
 			_param = 0;                  \
 		_k = (_param >> LSGR);           \
-	}
+	} while (0)
 
 static BOOL g_LZCNT = FALSE;
 
@@ -558,6 +560,7 @@ int rfx_rlgr_decode(RLGR_MODE mode, const BYTE* pSrcData, UINT32 SrcSize, INT16*
 
 /* Returns the next coefficient (a signed int) to encode, from the input stream */
 #define GetNextInput(_n)   \
+	do                     \
 	{                      \
 		if (data_size > 0) \
 		{                  \
@@ -568,19 +571,20 @@ int rfx_rlgr_decode(RLGR_MODE mode, const BYTE* pSrcData, UINT32 SrcSize, INT16*
 		{                  \
 			_n = 0;        \
 		}                  \
-	}
+	} while (0)
 
 /* Emit bitPattern to the output bitstream */
 #define OutputBits(numBits, bitPattern) rfx_bitstream_put_bits(bs, bitPattern, numBits)
 
 /* Emit a bit (0 or 1), count number of times, to the output bitstream */
 #define OutputBit(count, bit)                                    \
+	do                                                           \
 	{                                                            \
 		UINT16 _b = (bit ? 0xFFFF : 0);                          \
 		int _c = (count);                                        \
 		for (; _c > 0; _c -= 16)                                 \
 			rfx_bitstream_put_bits(bs, _b, (_c > 16 ? 16 : _c)); \
-	}
+	} while (0)
 
 /* Converts the input value to (2 * abs(input) - sign(input)), where sign(input) = (input < 0 ? 1 :
  * 0) and returns it */

libfreerdp/codec/rfx_sse2.c

@@ -460,10 +460,10 @@ void rfx_init_sse2(RFX_CONTEXT* context)
 	if (!IsProcessorFeaturePresent(PF_XMMI64_INSTRUCTIONS_AVAILABLE))
 		return;
 
-	PROFILER_RENAME(context->priv->prof_rfx_quantization_decode, "rfx_quantization_decode_sse2");
-	PROFILER_RENAME(context->priv->prof_rfx_quantization_encode, "rfx_quantization_encode_sse2");
-	PROFILER_RENAME(context->priv->prof_rfx_dwt_2d_decode, "rfx_dwt_2d_decode_sse2");
-	PROFILER_RENAME(context->priv->prof_rfx_dwt_2d_encode, "rfx_dwt_2d_encode_sse2");
+	PROFILER_RENAME(context->priv->prof_rfx_quantization_decode, "rfx_quantization_decode_sse2")
+	PROFILER_RENAME(context->priv->prof_rfx_quantization_encode, "rfx_quantization_encode_sse2")
+	PROFILER_RENAME(context->priv->prof_rfx_dwt_2d_decode, "rfx_dwt_2d_decode_sse2")
+	PROFILER_RENAME(context->priv->prof_rfx_dwt_2d_encode, "rfx_dwt_2d_encode_sse2")
 	context->quantization_decode = rfx_quantization_decode_sse2;
 	context->quantization_encode = rfx_quantization_encode_sse2;
 	context->dwt_2d_decode = rfx_dwt_2d_decode_sse2;

libfreerdp/core/gateway/rdg.c

@@ -1128,7 +1128,12 @@ static BOOL rdg_set_ntlm_auth_header(rdpNtlm* ntlm, HttpRequest* request)
 	char* base64NtlmToken = NULL;
 
 	if (ntlmToken)
-		base64NtlmToken = crypto_base64_encode(ntlmToken->pvBuffer, ntlmToken->cbBuffer);
+	{
+		if (ntlmToken->cbBuffer > INT_MAX)
+			return FALSE;
+
+		base64NtlmToken = crypto_base64_encode(ntlmToken->pvBuffer, (int)ntlmToken->cbBuffer);
+	}
 
 	if (base64NtlmToken)
 	{

libfreerdp/core/gcc.c

@@ -25,6 +25,7 @@
 
 #include <winpr/crt.h>
 #include <winpr/crypto.h>
+#include <winpr/assert.h>
 
 #include <freerdp/log.h>
 
@@ -1329,7 +1330,7 @@ const BYTE tssk_exponent[] = { 0x5b, 0x7b, 0x88, 0xc0 };
 BOOL gcc_write_server_security_data(wStream* s, rdpMcs* mcs)
 {
 	BYTE* sigData;
-	int expLen, keyLen, sigDataLen;
+	size_t expLen, keyLen, sigDataLen;
 	BYTE encryptedSignature[TSSK_KEY_LENGTH];
 	BYTE signature[sizeof(initial_signature)];
 	UINT32 headerLen, serverRandomLen, serverCertLen, wPublicKeyBlobLen;
@@ -1529,9 +1530,11 @@ BOOL gcc_write_server_security_data(wStream* s, rdpMcs* mcs)
 	Stream_Write_UINT16(s, BB_RSA_KEY_BLOB);      /* wPublicKeyBlobType */
 	Stream_Write_UINT16(s, wPublicKeyBlobLen);    /* wPublicKeyBlobLen */
 	Stream_Write(s, "RSA1", 4);                   /* magic */
-	Stream_Write_UINT32(s, keyLen + 8);           /* keylen */
-	Stream_Write_UINT32(s, keyLen * 8);           /* bitlen */
-	Stream_Write_UINT32(s, keyLen - 1);           /* datalen */
+	WINPR_ASSERT(keyLen > 0);
+	WINPR_ASSERT(keyLen <= UINT32_MAX / 8);
+	Stream_Write_UINT32(s, (UINT32)keyLen + 8); /* keylen */
+	Stream_Write_UINT32(s, (UINT32)keyLen * 8); /* bitlen */
+	Stream_Write_UINT32(s, (UINT32)keyLen - 1); /* datalen */
 	Stream_Write(s, settings->RdpServerRsaKey->exponent, expLen);
 	Stream_Write(s, settings->RdpServerRsaKey->Modulus, keyLen);
 	Stream_Zero(s, 8);

libfreerdp/core/rdp.h

@@ -166,7 +166,7 @@ struct rdp_rdp
 	BYTE encrypt_key[16];
 	BYTE decrypt_update_key[16];
 	BYTE encrypt_update_key[16];
-	int rc4_key_len;
+	size_t rc4_key_len;
 	BYTE fips_sign_key[20];
 	BYTE fips_encrypt_key[24];
 	BYTE fips_decrypt_key[24];

libfreerdp/core/security.c

@@ -82,8 +82,8 @@ static const BYTE fips_oddparity_table[256] = {
 	0xf1, 0xf1, 0xf2, 0xf2, 0xf4, 0xf4, 0xf7, 0xf7, 0xf8, 0xf8, 0xfb, 0xfb, 0xfd, 0xfd, 0xfe, 0xfe
 };
 
-static BOOL security_salted_hash(const BYTE* salt, const BYTE* input, int length, const BYTE* salt1,
-                                 const BYTE* salt2, BYTE* output)
+static BOOL security_salted_hash(const BYTE* salt, const BYTE* input, size_t length,
+                                 const BYTE* salt1, const BYTE* salt2, BYTE* output)
 {
 	WINPR_DIGEST_CTX* sha1 = NULL;
 	WINPR_DIGEST_CTX* md5 = NULL;
@@ -650,7 +650,7 @@ BOOL security_establish_keys(const BYTE* client_random, rdpRdp* rdp)
 	return TRUE;
 }
 
-static BOOL security_key_update(BYTE* key, BYTE* update_key, int key_len, rdpRdp* rdp)
+static BOOL security_key_update(BYTE* key, BYTE* update_key, size_t key_len, rdpRdp* rdp)
 {
 	BYTE sha1h[WINPR_SHA1_DIGEST_LENGTH];
 	WINPR_DIGEST_CTX* sha1 = NULL;

libfreerdp/crypto/certificate.c

@@ -325,7 +325,7 @@ static WCHAR* certificate_get_cert_file_name(rdpCertificateStore* store,
 	size_t x, offset = 0;
 	char* pem = NULL;
 	WCHAR* wpem = NULL;
-	WINPR_DIGEST_CTX* ctx;
+	WINPR_DIGEST_CTX* ctx = NULL;
 	BYTE hash[WINPR_SHA3_256_DIGEST_LENGTH] = { 0 };
 	char fname[WINPR_SHA3_256_DIGEST_LENGTH * 2 + 6] = { 0 };
 
@@ -339,7 +339,7 @@ static WCHAR* certificate_get_cert_file_name(rdpCertificateStore* store,
 		goto fail;
 	if (!winpr_Digest_Update(ctx, (const BYTE*)data->hostname, strlen(data->hostname)))
 		goto fail;
-	if (!winpr_Digest_Update(ctx, (BYTE*)&data->port, sizeof(data->port)))
+	if (!winpr_Digest_Update(ctx, (const BYTE*)&data->port, sizeof(data->port)))
 		goto fail;
 	if (!winpr_Digest_Final(ctx, hash, sizeof(hash)))
 		goto fail;

libfreerdp/gdi/gfx.c

@@ -1538,7 +1538,7 @@ BOOL gdi_graphics_pipeline_init_ex(rdpGdi* gdi, RdpgfxClientContext* gfx,
 	freerdp_client_codecs_prepare(gfx->codecs, FREERDP_CODEC_ALL, context->settings->DesktopWidth,
 	                              context->settings->DesktopHeight);
 	InitializeCriticalSection(&gfx->mux);
-	PROFILER_CREATE(gfx->SurfaceProfiler, "GFX-PROFILER");
+	PROFILER_CREATE(gfx->SurfaceProfiler, "GFX-PROFILER")
 
 	/**
 	 * gdi->graphicsReset will be removed in FreeRDP v3 from public headers,