From 131c19fea6d9845450bb284e010e39acca8d898c Mon Sep 17 00:00:00 2001 From: Jay Sorg Date: Thu, 8 Mar 2012 17:47:01 -0800 Subject: [PATCH] libfreerdp-core: fix for mppc decompression without fastpath and multi data PDUs in one packet --- libfreerdp-core/rdp.c | 54 +++++++++++++++++++++++++--------------- libfreerdp-core/update.c | 15 ----------- 2 files changed, 34 insertions(+), 35 deletions(-) diff --git a/libfreerdp-core/rdp.c b/libfreerdp-core/rdp.c index f527d5572..d10939c6a 100644 --- a/libfreerdp-core/rdp.c +++ b/libfreerdp-core/rdp.c @@ -492,6 +492,7 @@ boolean rdp_recv_data_pdu(rdpRdp* rdp, STREAM* s) printf("decompress_rdp() failed\n"); return false; } + stream_seek(s, compressed_len - 18); } #ifdef WITH_DEBUG_RDP @@ -588,7 +589,10 @@ boolean rdp_recv_data_pdu(rdpRdp* rdp, STREAM* s) } if (comp_stream != s) - xfree(comp_stream); + { + stream_detach(comp_stream); + stream_free(comp_stream); + } return true; } @@ -695,6 +699,7 @@ static boolean rdp_recv_tpkt_pdu(rdpRdp* rdp, STREAM* s) uint16 pduSource; uint16 channelId; uint16 securityFlags; + uint8* nextp; if (!rdp_read_header(rdp, s, &length, &channelId)) { @@ -731,29 +736,38 @@ static boolean rdp_recv_tpkt_pdu(rdpRdp* rdp, STREAM* s) } else { - rdp_read_share_control_header(s, &pduLength, &pduType, &pduSource); - - rdp->settings->pdu_source = pduSource; - - switch (pduType) + while (stream_get_left(s) > 3) { - case PDU_TYPE_DATA: - if (!rdp_recv_data_pdu(rdp, s)) - return false; - break; + stream_get_mark(s, nextp); + rdp_read_share_control_header(s, &pduLength, &pduType, &pduSource); + nextp += pduLength; - case PDU_TYPE_DEACTIVATE_ALL: - if (!rdp_recv_deactivate_all(rdp, s)) - return false; - break; + rdp->settings->pdu_source = pduSource; - case PDU_TYPE_SERVER_REDIRECTION: - rdp_recv_enhanced_security_redirection_packet(rdp, s); - break; + switch (pduType) + { + case PDU_TYPE_DATA: + if (!rdp_recv_data_pdu(rdp, s)) + { + printf("rdp_recv_data_pdu failed\n"); + return false; + } + break; - default: - printf("incorrect PDU type: 0x%04X\n", pduType); - break; + case PDU_TYPE_DEACTIVATE_ALL: + if (!rdp_recv_deactivate_all(rdp, s)) + return false; + break; + + case PDU_TYPE_SERVER_REDIRECTION: + rdp_recv_enhanced_security_redirection_packet(rdp, s); + break; + + default: + printf("incorrect PDU type: 0x%04X\n", pduType); + break; + } + stream_set_mark(s, nextp); } } diff --git a/libfreerdp-core/update.c b/libfreerdp-core/update.c index ab108f1d9..391e2730b 100644 --- a/libfreerdp-core/update.c +++ b/libfreerdp-core/update.c @@ -285,21 +285,6 @@ boolean update_recv(rdpUpdate* update, STREAM* s) IFCALL(update->EndPaint, context); - if (stream_get_left(s) > RDP_SHARE_DATA_HEADER_LENGTH) - { - uint16 pduType; - uint16 length; - uint16 source; - - rdp_read_share_control_header(s, &length, &pduType, &source); - - if (pduType != PDU_TYPE_DATA) - return false; - - if (!rdp_recv_data_pdu(update->context->rdp, s)) - return false; - } - return true; }