From 3c908de5a41e93df78dcf6069ec56ebe17918211 Mon Sep 17 00:00:00 2001 From: akallabeth Date: Tue, 25 May 2021 08:03:19 +0200 Subject: [PATCH] Added rdg_read_http_unicode_string error messages Added log entries in case something in the packet is wrong (cherry picked from commit 7c2855b4a8c71a994b4ccc245d3faec4a39bed15) --- libfreerdp/core/gateway/rdg.c | 21 +++++++++++++++------ 1 file changed, 15 insertions(+), 6 deletions(-) diff --git a/libfreerdp/core/gateway/rdg.c b/libfreerdp/core/gateway/rdg.c index ff2d06aa5..f9ed72501 100644 --- a/libfreerdp/core/gateway/rdg.c +++ b/libfreerdp/core/gateway/rdg.c @@ -308,10 +308,14 @@ static BOOL rdg_read_http_unicode_string(wStream* s, const WCHAR** string, UINT1 { WCHAR* str; UINT16 strLenBytes; + size_t rem = Stream_GetRemainingLength(s); /* Read length of the string */ - if (Stream_GetRemainingLength(s) < 4) + if (rem < 4) + { + WLog_ERR(TAG, "[%s]: Could not read stream length, only have % " PRIuz " bytes", rem); return FALSE; + } Stream_Read_UINT16(s, strLenBytes); /* Remember position of our string */ @@ -319,7 +323,12 @@ static BOOL rdg_read_http_unicode_string(wStream* s, const WCHAR** string, UINT1 /* seek past the string - if this fails something is wrong */ if (!Stream_SafeSeek(s, strLenBytes)) + { + WLog_ERR(TAG, + "[%s]: Could not read stream data, only have % " PRIuz " bytes, expected %" PRIu16, + rem - 4, strLenBytes); return FALSE; + } /* return the string data (if wanted) */ if (string) @@ -1295,7 +1304,7 @@ static BOOL rdg_process_tunnel_response_optional(rdpRdg* rdg, wStream* s, UINT16 /* Seek over tunnelId (4 bytes) */ if (!Stream_SafeSeek(s, 4)) { - WLog_ERR(TAG, "[%s] Short packet %" PRIuz ", expected 4", __FUNCTION__, + WLog_ERR(TAG, "[%s] Short tunnelId, got %" PRIuz ", expected 4", __FUNCTION__, Stream_GetRemainingLength(s)); return FALSE; } @@ -1306,7 +1315,7 @@ static BOOL rdg_process_tunnel_response_optional(rdpRdg* rdg, wStream* s, UINT16 UINT32 caps; if (Stream_GetRemainingLength(s) < 4) { - WLog_ERR(TAG, "[%s] Short packet %" PRIuz ", expected 4", __FUNCTION__, + WLog_ERR(TAG, "[%s] Short capsFlags, got %" PRIuz ", expected 4", __FUNCTION__, Stream_GetRemainingLength(s)); return FALSE; } @@ -1320,7 +1329,7 @@ static BOOL rdg_process_tunnel_response_optional(rdpRdg* rdg, wStream* s, UINT16 /* Seek over nonce (20 bytes) */ if (!Stream_SafeSeek(s, 20)) { - WLog_ERR(TAG, "[%s] Short packet %" PRIuz ", expected 20", __FUNCTION__, + WLog_ERR(TAG, "[%s] Short nonce, got %" PRIuz ", expected 20", __FUNCTION__, Stream_GetRemainingLength(s)); return FALSE; } @@ -1328,7 +1337,7 @@ static BOOL rdg_process_tunnel_response_optional(rdpRdg* rdg, wStream* s, UINT16 /* Read serverCert */ if (!rdg_read_http_unicode_string(s, NULL, NULL)) { - WLog_ERR(TAG, "[%s] Failed to read string", __FUNCTION__); + WLog_ERR(TAG, "[%s] Failed to read server certificate", __FUNCTION__); return FALSE; } } @@ -1345,7 +1354,7 @@ static BOOL rdg_process_tunnel_response_optional(rdpRdg* rdg, wStream* s, UINT16 /* Read message string and invoke callback */ if (!rdg_read_http_unicode_string(s, &msg, &msgLenBytes)) { - WLog_ERR(TAG, "[%s] Failed to read string", __FUNCTION__); + WLog_ERR(TAG, "[%s] Failed to read consent message", __FUNCTION__); return FALSE; }