From 09111c9270f9a12427a4da6cf60e9143a6472ca5 Mon Sep 17 00:00:00 2001
From: Armin Novak <armin.novak@thincast.com>
Date: Fri, 18 Jun 2021 09:58:46 +0200
Subject: [PATCH] libfreerdp: Fixed warnings, added assertions

---
 libfreerdp/codec/bitmap.c       |  3 ++-
 libfreerdp/codec/nsc.c          | 11 ++++++++---
 libfreerdp/codec/nsc_sse2.c     |  2 +-
 libfreerdp/codec/rfx_rlgr.c     | 12 ++++++++----
 libfreerdp/codec/rfx_sse2.c     |  8 ++++----
 libfreerdp/core/gateway/rdg.c   |  7 ++++++-
 libfreerdp/core/gcc.c           | 11 +++++++----
 libfreerdp/core/rdp.h           |  2 +-
 libfreerdp/core/security.c      |  6 +++---
 libfreerdp/crypto/certificate.c |  4 ++--
 libfreerdp/gdi/gfx.c            |  2 +-
 11 files changed, 43 insertions(+), 25 deletions(-)

diff --git a/libfreerdp/codec/bitmap.c b/libfreerdp/codec/bitmap.c
index 546da6dc7..43979d720 100644
--- a/libfreerdp/codec/bitmap.c
+++ b/libfreerdp/codec/bitmap.c
@@ -448,6 +448,7 @@ static INLINE UINT16 out_from_count_3(UINT16 in_count, wStream* in_s, const char
 	 ((!bicolor_spin && (pixel == bicolor1) && (last_pixel == bicolor2)) || \
 	  (bicolor_spin && (pixel == bicolor2) && (last_pixel == bicolor1))))
 #define RESET_COUNTS          \
+	do                        \
 	{                         \
 		bicolor_count = 0;    \
 		fill_count = 0;       \
@@ -456,7 +457,7 @@ static INLINE UINT16 out_from_count_3(UINT16 in_count, wStream* in_s, const char
 		fom_count = 0;        \
 		fom_mask_len = 0;     \
 		bicolor_spin = FALSE; \
-	}
+	} while (0)
 
 static SSIZE_T freerdp_bitmap_compress_24(const void* srcData, UINT32 width, UINT32 height,
                                           wStream* s, UINT32 byte_limit, UINT32 start_line,
diff --git a/libfreerdp/codec/nsc.c b/libfreerdp/codec/nsc.c
index dc3a978ed..d570c0a88 100644
--- a/libfreerdp/codec/nsc.c
+++ b/libfreerdp/codec/nsc.c
@@ -303,9 +303,14 @@ static BOOL nsc_context_initialize(NSC_CONTEXT* context, wStream* s)
 }
 
 static void nsc_profiler_print(NSC_CONTEXT_PRIV* priv){
-	PROFILER_PRINT_HEADER PROFILER_PRINT(priv->prof_nsc_rle_decompress_data)
-	    PROFILER_PRINT(priv->prof_nsc_decode) PROFILER_PRINT(priv->prof_nsc_rle_compress_data)
-	        PROFILER_PRINT(priv->prof_nsc_encode) PROFILER_PRINT_FOOTER
+	WINPR_UNUSED(priv);
+
+	PROFILER_PRINT_HEADER
+	PROFILER_PRINT(priv->prof_nsc_rle_decompress_data)
+	PROFILER_PRINT(priv->prof_nsc_decode)
+	PROFILER_PRINT(priv->prof_nsc_rle_compress_data)
+	PROFILER_PRINT(priv->prof_nsc_encode)
+	PROFILER_PRINT_FOOTER
 }
 
 BOOL nsc_context_reset(NSC_CONTEXT* context, UINT32 width, UINT32 height)
diff --git a/libfreerdp/codec/nsc_sse2.c b/libfreerdp/codec/nsc_sse2.c
index 7f101652d..bbf1cfb5e 100644
--- a/libfreerdp/codec/nsc_sse2.c
+++ b/libfreerdp/codec/nsc_sse2.c
@@ -385,6 +385,6 @@ void nsc_init_sse2(NSC_CONTEXT* context)
 	if (!IsProcessorFeaturePresent(PF_XMMI64_INSTRUCTIONS_AVAILABLE))
 		return;
 
-	PROFILER_RENAME(context->priv->prof_nsc_encode, "nsc_encode_sse2");
+	PROFILER_RENAME(context->priv->prof_nsc_encode, "nsc_encode_sse2")
 	context->encode = nsc_encode_sse2;
 }
diff --git a/libfreerdp/codec/rfx_rlgr.c b/libfreerdp/codec/rfx_rlgr.c
index a0d2c95a7..d3c8398bf 100644
--- a/libfreerdp/codec/rfx_rlgr.c
+++ b/libfreerdp/codec/rfx_rlgr.c
@@ -50,6 +50,7 @@
 
 /* Returns the least number of bits required to represent a given value */
 #define GetMinBits(_val, _nbits) \
+	do                           \
 	{                            \
 		UINT32 _v = _val;        \
 		_nbits = 0;              \
@@ -58,13 +59,14 @@
 			_v >>= 1;            \
 			_nbits++;            \
 		}                        \
-	}
+	} while (0)
 
 /*
  * Update the passed parameter and clamp it to the range [0, KPMAX]
  * Return the value of parameter right-shifted by LSGR
  */
 #define UpdateParam(_param, _deltaP, _k) \
+	do                                   \
 	{                                    \
 		_param += _deltaP;               \
 		if (_param > KPMAX)              \
@@ -72,7 +74,7 @@
 		if (_param < 0)                  \
 			_param = 0;                  \
 		_k = (_param >> LSGR);           \
-	}
+	} while (0)
 
 static BOOL g_LZCNT = FALSE;
 
@@ -558,6 +560,7 @@ int rfx_rlgr_decode(RLGR_MODE mode, const BYTE* pSrcData, UINT32 SrcSize, INT16*
 
 /* Returns the next coefficient (a signed int) to encode, from the input stream */
 #define GetNextInput(_n)   \
+	do                     \
 	{                      \
 		if (data_size > 0) \
 		{                  \
@@ -568,19 +571,20 @@ int rfx_rlgr_decode(RLGR_MODE mode, const BYTE* pSrcData, UINT32 SrcSize, INT16*
 		{                  \
 			_n = 0;        \
 		}                  \
-	}
+	} while (0)
 
 /* Emit bitPattern to the output bitstream */
 #define OutputBits(numBits, bitPattern) rfx_bitstream_put_bits(bs, bitPattern, numBits)
 
 /* Emit a bit (0 or 1), count number of times, to the output bitstream */
 #define OutputBit(count, bit)                                    \
+	do                                                           \
 	{                                                            \
 		UINT16 _b = (bit ? 0xFFFF : 0);                          \
 		int _c = (count);                                        \
 		for (; _c > 0; _c -= 16)                                 \
 			rfx_bitstream_put_bits(bs, _b, (_c > 16 ? 16 : _c)); \
-	}
+	} while (0)
 
 /* Converts the input value to (2 * abs(input) - sign(input)), where sign(input) = (input < 0 ? 1 :
  * 0) and returns it */
diff --git a/libfreerdp/codec/rfx_sse2.c b/libfreerdp/codec/rfx_sse2.c
index b9dbf9177..0536004bf 100644
--- a/libfreerdp/codec/rfx_sse2.c
+++ b/libfreerdp/codec/rfx_sse2.c
@@ -460,10 +460,10 @@ void rfx_init_sse2(RFX_CONTEXT* context)
 	if (!IsProcessorFeaturePresent(PF_XMMI64_INSTRUCTIONS_AVAILABLE))
 		return;
 
-	PROFILER_RENAME(context->priv->prof_rfx_quantization_decode, "rfx_quantization_decode_sse2");
-	PROFILER_RENAME(context->priv->prof_rfx_quantization_encode, "rfx_quantization_encode_sse2");
-	PROFILER_RENAME(context->priv->prof_rfx_dwt_2d_decode, "rfx_dwt_2d_decode_sse2");
-	PROFILER_RENAME(context->priv->prof_rfx_dwt_2d_encode, "rfx_dwt_2d_encode_sse2");
+	PROFILER_RENAME(context->priv->prof_rfx_quantization_decode, "rfx_quantization_decode_sse2")
+	PROFILER_RENAME(context->priv->prof_rfx_quantization_encode, "rfx_quantization_encode_sse2")
+	PROFILER_RENAME(context->priv->prof_rfx_dwt_2d_decode, "rfx_dwt_2d_decode_sse2")
+	PROFILER_RENAME(context->priv->prof_rfx_dwt_2d_encode, "rfx_dwt_2d_encode_sse2")
 	context->quantization_decode = rfx_quantization_decode_sse2;
 	context->quantization_encode = rfx_quantization_encode_sse2;
 	context->dwt_2d_decode = rfx_dwt_2d_decode_sse2;
diff --git a/libfreerdp/core/gateway/rdg.c b/libfreerdp/core/gateway/rdg.c
index abbc07a03..e62b123fc 100644
--- a/libfreerdp/core/gateway/rdg.c
+++ b/libfreerdp/core/gateway/rdg.c
@@ -1128,7 +1128,12 @@ static BOOL rdg_set_ntlm_auth_header(rdpNtlm* ntlm, HttpRequest* request)
 	char* base64NtlmToken = NULL;
 
 	if (ntlmToken)
-		base64NtlmToken = crypto_base64_encode(ntlmToken->pvBuffer, ntlmToken->cbBuffer);
+	{
+		if (ntlmToken->cbBuffer > INT_MAX)
+			return FALSE;
+
+		base64NtlmToken = crypto_base64_encode(ntlmToken->pvBuffer, (int)ntlmToken->cbBuffer);
+	}
 
 	if (base64NtlmToken)
 	{
diff --git a/libfreerdp/core/gcc.c b/libfreerdp/core/gcc.c
index 887fe4c30..670e3edc0 100644
--- a/libfreerdp/core/gcc.c
+++ b/libfreerdp/core/gcc.c
@@ -25,6 +25,7 @@
 
 #include <winpr/crt.h>
 #include <winpr/crypto.h>
+#include <winpr/assert.h>
 
 #include <freerdp/log.h>
 
@@ -1329,7 +1330,7 @@ const BYTE tssk_exponent[] = { 0x5b, 0x7b, 0x88, 0xc0 };
 BOOL gcc_write_server_security_data(wStream* s, rdpMcs* mcs)
 {
 	BYTE* sigData;
-	int expLen, keyLen, sigDataLen;
+	size_t expLen, keyLen, sigDataLen;
 	BYTE encryptedSignature[TSSK_KEY_LENGTH];
 	BYTE signature[sizeof(initial_signature)];
 	UINT32 headerLen, serverRandomLen, serverCertLen, wPublicKeyBlobLen;
@@ -1529,9 +1530,11 @@ BOOL gcc_write_server_security_data(wStream* s, rdpMcs* mcs)
 	Stream_Write_UINT16(s, BB_RSA_KEY_BLOB);      /* wPublicKeyBlobType */
 	Stream_Write_UINT16(s, wPublicKeyBlobLen);    /* wPublicKeyBlobLen */
 	Stream_Write(s, "RSA1", 4);                   /* magic */
-	Stream_Write_UINT32(s, keyLen + 8);           /* keylen */
-	Stream_Write_UINT32(s, keyLen * 8);           /* bitlen */
-	Stream_Write_UINT32(s, keyLen - 1);           /* datalen */
+	WINPR_ASSERT(keyLen > 0);
+	WINPR_ASSERT(keyLen <= UINT32_MAX / 8);
+	Stream_Write_UINT32(s, (UINT32)keyLen + 8); /* keylen */
+	Stream_Write_UINT32(s, (UINT32)keyLen * 8); /* bitlen */
+	Stream_Write_UINT32(s, (UINT32)keyLen - 1); /* datalen */
 	Stream_Write(s, settings->RdpServerRsaKey->exponent, expLen);
 	Stream_Write(s, settings->RdpServerRsaKey->Modulus, keyLen);
 	Stream_Zero(s, 8);
diff --git a/libfreerdp/core/rdp.h b/libfreerdp/core/rdp.h
index 6693f02c6..67bfcd019 100644
--- a/libfreerdp/core/rdp.h
+++ b/libfreerdp/core/rdp.h
@@ -166,7 +166,7 @@ struct rdp_rdp
 	BYTE encrypt_key[16];
 	BYTE decrypt_update_key[16];
 	BYTE encrypt_update_key[16];
-	int rc4_key_len;
+	size_t rc4_key_len;
 	BYTE fips_sign_key[20];
 	BYTE fips_encrypt_key[24];
 	BYTE fips_decrypt_key[24];
diff --git a/libfreerdp/core/security.c b/libfreerdp/core/security.c
index 7caf5a842..6ada9d779 100644
--- a/libfreerdp/core/security.c
+++ b/libfreerdp/core/security.c
@@ -82,8 +82,8 @@ static const BYTE fips_oddparity_table[256] = {
 	0xf1, 0xf1, 0xf2, 0xf2, 0xf4, 0xf4, 0xf7, 0xf7, 0xf8, 0xf8, 0xfb, 0xfb, 0xfd, 0xfd, 0xfe, 0xfe
 };
 
-static BOOL security_salted_hash(const BYTE* salt, const BYTE* input, int length, const BYTE* salt1,
-                                 const BYTE* salt2, BYTE* output)
+static BOOL security_salted_hash(const BYTE* salt, const BYTE* input, size_t length,
+                                 const BYTE* salt1, const BYTE* salt2, BYTE* output)
 {
 	WINPR_DIGEST_CTX* sha1 = NULL;
 	WINPR_DIGEST_CTX* md5 = NULL;
@@ -650,7 +650,7 @@ BOOL security_establish_keys(const BYTE* client_random, rdpRdp* rdp)
 	return TRUE;
 }
 
-static BOOL security_key_update(BYTE* key, BYTE* update_key, int key_len, rdpRdp* rdp)
+static BOOL security_key_update(BYTE* key, BYTE* update_key, size_t key_len, rdpRdp* rdp)
 {
 	BYTE sha1h[WINPR_SHA1_DIGEST_LENGTH];
 	WINPR_DIGEST_CTX* sha1 = NULL;
diff --git a/libfreerdp/crypto/certificate.c b/libfreerdp/crypto/certificate.c
index c29425d4a..5f527caf4 100644
--- a/libfreerdp/crypto/certificate.c
+++ b/libfreerdp/crypto/certificate.c
@@ -325,7 +325,7 @@ static WCHAR* certificate_get_cert_file_name(rdpCertificateStore* store,
 	size_t x, offset = 0;
 	char* pem = NULL;
 	WCHAR* wpem = NULL;
-	WINPR_DIGEST_CTX* ctx;
+	WINPR_DIGEST_CTX* ctx = NULL;
 	BYTE hash[WINPR_SHA3_256_DIGEST_LENGTH] = { 0 };
 	char fname[WINPR_SHA3_256_DIGEST_LENGTH * 2 + 6] = { 0 };
 
@@ -339,7 +339,7 @@ static WCHAR* certificate_get_cert_file_name(rdpCertificateStore* store,
 		goto fail;
 	if (!winpr_Digest_Update(ctx, (const BYTE*)data->hostname, strlen(data->hostname)))
 		goto fail;
-	if (!winpr_Digest_Update(ctx, (BYTE*)&data->port, sizeof(data->port)))
+	if (!winpr_Digest_Update(ctx, (const BYTE*)&data->port, sizeof(data->port)))
 		goto fail;
 	if (!winpr_Digest_Final(ctx, hash, sizeof(hash)))
 		goto fail;
diff --git a/libfreerdp/gdi/gfx.c b/libfreerdp/gdi/gfx.c
index f68fb3b8b..1685578ec 100644
--- a/libfreerdp/gdi/gfx.c
+++ b/libfreerdp/gdi/gfx.c
@@ -1538,7 +1538,7 @@ BOOL gdi_graphics_pipeline_init_ex(rdpGdi* gdi, RdpgfxClientContext* gfx,
 	freerdp_client_codecs_prepare(gfx->codecs, FREERDP_CODEC_ALL, context->settings->DesktopWidth,
 	                              context->settings->DesktopHeight);
 	InitializeCriticalSection(&gfx->mux);
-	PROFILER_CREATE(gfx->SurfaceProfiler, "GFX-PROFILER");
+	PROFILER_CREATE(gfx->SurfaceProfiler, "GFX-PROFILER")
 
 	/**
 	 * gdi->graphicsReset will be removed in FreeRDP v3 from public headers,