libfreerdp-core: fix leaks and potential use after free
This commit is contained in:
Marc-André Moreau
parent
cdb8551dd0
commit
3bc47a2bf8
@ -750,13 +750,41 @@ BOOL xf_pre_connect(freerdp* instance)
|
||||
rdpSettings* settings;
|
||||
xfContext* xfc = (xfContext*) instance->context;
|
||||
|
||||
xfc->mutex = CreateMutex(NULL, FALSE, NULL);
|
||||
xfc->settings = instance->settings;
|
||||
xfc->instance = instance;
|
||||
|
||||
settings = instance->settings;
|
||||
channels = instance->context->channels;
|
||||
|
||||
xfc->UseXThreads = TRUE;
|
||||
|
||||
if (xfc->UseXThreads)
|
||||
{
|
||||
if (!XInitThreads())
|
||||
{
|
||||
fprintf(stderr, "warning: XInitThreads() failure\n");
|
||||
xfc->UseXThreads = FALSE;
|
||||
}
|
||||
}
|
||||
|
||||
xfc->display = XOpenDisplay(NULL);
|
||||
|
||||
if (!xfc->display)
|
||||
{
|
||||
fprintf(stderr, "xf_pre_connect: failed to open display: %s\n", XDisplayName(NULL));
|
||||
fprintf(stderr, "Please check that the $DISPLAY environment variable is properly set.\n");
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
if (xfc->debug)
|
||||
{
|
||||
fprintf(stderr, "Enabling X11 debug mode.\n");
|
||||
XSynchronize(xfc->display, TRUE);
|
||||
_def_error_handler = XSetErrorHandler(_xf_error_handler);
|
||||
}
|
||||
|
||||
xfc->mutex = CreateMutex(NULL, FALSE, NULL);
|
||||
|
||||
PubSub_SubscribeChannelConnected(instance->context->pubSub,
|
||||
(pChannelConnectedEventHandler) xf_OnChannelConnectedEventHandler);
|
||||
|
||||
@ -785,33 +813,6 @@ BOOL xf_pre_connect(freerdp* instance)
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
xfc->UseXThreads = TRUE;
|
||||
|
||||
if (xfc->UseXThreads)
|
||||
{
|
||||
if (!XInitThreads())
|
||||
{
|
||||
fprintf(stderr, "warning: XInitThreads() failure\n");
|
||||
xfc->UseXThreads = FALSE;
|
||||
}
|
||||
}
|
||||
|
||||
xfc->display = XOpenDisplay(NULL);
|
||||
|
||||
if (!xfc->display)
|
||||
{
|
||||
fprintf(stderr, "xf_pre_connect: failed to open display: %s\n", XDisplayName(NULL));
|
||||
fprintf(stderr, "Please check that the $DISPLAY environment variable is properly set.\n");
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
if (xfc->debug)
|
||||
{
|
||||
fprintf(stderr, "Enabling X11 debug mode.\n");
|
||||
XSynchronize(xfc->display, TRUE);
|
||||
_def_error_handler = XSetErrorHandler(_xf_error_handler);
|
||||
}
|
||||
|
||||
xfc->_NET_WM_ICON = XInternAtom(xfc->display, "_NET_WM_ICON", False);
|
||||
xfc->_MOTIF_WM_HINTS = XInternAtom(xfc->display, "_MOTIF_WM_HINTS", False);
|
||||
xfc->_NET_CURRENT_DESKTOP = XInternAtom(xfc->display, "_NET_CURRENT_DESKTOP", False);
|
||||
@ -1754,6 +1755,7 @@ static int xfreerdp_client_stop(rdpContext* context)
|
||||
xfContext* xfc = (xfContext*) context;
|
||||
|
||||
assert(NULL != context);
|
||||
|
||||
if (context->settings->AsyncInput)
|
||||
{
|
||||
wMessageQueue* queue;
|
||||
|
||||
@ -70,12 +70,12 @@ rdpContext* freerdp_client_context_new(RDP_CLIENT_ENTRY_POINTS* pEntryPoints)
|
||||
void freerdp_client_context_free(rdpContext* context)
|
||||
{
|
||||
freerdp* instance = context->instance;
|
||||
|
||||
if (instance)
|
||||
{
|
||||
freerdp_context_free(instance);
|
||||
free(instance->pClientEntryPoints);
|
||||
freerdp_free(instance);
|
||||
context->instance = NULL;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -321,10 +321,15 @@ int freerdp_detect_old_command_line_syntax(int argc, char** argv, int* count)
|
||||
ZeroMemory(settings, sizeof(rdpSettings));
|
||||
|
||||
CommandLineClearArgumentsA(old_args);
|
||||
|
||||
status = CommandLineParseArgumentsA(argc, (const char**) argv, old_args, flags, settings,
|
||||
freerdp_client_old_command_line_pre_filter, NULL);
|
||||
|
||||
if (status < 0)
|
||||
{
|
||||
free(settings);
|
||||
return status;
|
||||
}
|
||||
|
||||
arg = old_args;
|
||||
|
||||
|
||||
@ -428,6 +428,9 @@ int freerdp_context_new(freerdp* instance)
|
||||
*/
|
||||
void freerdp_context_free(freerdp* instance)
|
||||
{
|
||||
if (!instance)
|
||||
return;
|
||||
|
||||
if (!instance->context)
|
||||
return;
|
||||
|
||||
|
||||
@ -350,23 +350,29 @@ BOOL TsProxyCreateTunnelReadResponse(rdpTsg* tsg, RPC_PDU* pdu)
|
||||
offset += 4;
|
||||
Pointer = *((UINT32*) &buffer[offset]);
|
||||
offset += 4;
|
||||
if(Pointer) {
|
||||
|
||||
if (Pointer)
|
||||
{
|
||||
offset += 4; // MaxCount
|
||||
offset += 8; // UnicodeString Offset, Length
|
||||
}
|
||||
if(MsgBytes > TSG_MESSAGING_MAX_MESSAGE_LENGTH) {
|
||||
fprintf(stderr, "Out of Spec Message Length %d");
|
||||
|
||||
if (MsgBytes > TSG_MESSAGING_MAX_MESSAGE_LENGTH)
|
||||
{
|
||||
fprintf(stderr, "Out of Spec Message Length %d", MsgBytes);
|
||||
return FALSE;
|
||||
}
|
||||
offset += MsgBytes;
|
||||
break;
|
||||
|
||||
case TSG_ASYNC_MESSAGE_REAUTH:
|
||||
rpc_offset_align(&offset, 8);
|
||||
offset += 8; // UINT64 TunnelContext, not to be confused with
|
||||
// the ContextHandle TunnelContext below.
|
||||
break;
|
||||
|
||||
default:
|
||||
fprintf(stderr, "Unexpected Message Type: 0x%X\n", MessageSwitchValue);
|
||||
fprintf(stderr, "Unexpected Message Type: 0x%X\n", (int) MessageSwitchValue);
|
||||
return FALSE;
|
||||
|
||||
}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user