Merge pull request #911 from hardening/hardening10
Verbose message when processing fails
This commit is contained in:
commit
3f3d30cd4d
@ -123,6 +123,29 @@
|
|||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
static const char *certificate_read_errors[] = {
|
||||||
|
"Certificate tag",
|
||||||
|
"TBSCertificate",
|
||||||
|
"Explicit Contextual Tag [0]",
|
||||||
|
"version",
|
||||||
|
"CertificateSerialNumber",
|
||||||
|
"AlgorithmIdentifier",
|
||||||
|
"Issuer Name",
|
||||||
|
"Validity",
|
||||||
|
"Subject Name",
|
||||||
|
"SubjectPublicKeyInfo Tag",
|
||||||
|
"subjectPublicKeyInfo::AlgorithmIdentifier",
|
||||||
|
"subjectPublicKeyInfo::subjectPublicKey",
|
||||||
|
"RSAPublicKey Tag",
|
||||||
|
"modulusLength",
|
||||||
|
"zero padding",
|
||||||
|
"modulusLength",
|
||||||
|
"modulus",
|
||||||
|
"publicExponent length",
|
||||||
|
"publicExponent"
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Read X.509 Certificate
|
* Read X.509 Certificate
|
||||||
* @param certificate certificate module
|
* @param certificate certificate module
|
||||||
@ -137,6 +160,7 @@ BOOL certificate_read_x509_certificate(rdpCertBlob* cert, rdpCertInfo* info)
|
|||||||
UINT32 version;
|
UINT32 version;
|
||||||
int modulus_length;
|
int modulus_length;
|
||||||
int exponent_length;
|
int exponent_length;
|
||||||
|
int error = 0;
|
||||||
|
|
||||||
s = stream_new(0);
|
s = stream_new(0);
|
||||||
stream_attach(s, cert->data, cert->length);
|
stream_attach(s, cert->data, cert->length);
|
||||||
@ -144,55 +168,68 @@ BOOL certificate_read_x509_certificate(rdpCertBlob* cert, rdpCertInfo* info)
|
|||||||
|
|
||||||
if(!ber_read_sequence_tag(s, &length)) /* Certificate (SEQUENCE) */
|
if(!ber_read_sequence_tag(s, &length)) /* Certificate (SEQUENCE) */
|
||||||
goto error1;
|
goto error1;
|
||||||
|
error++;
|
||||||
|
|
||||||
if(!ber_read_sequence_tag(s, &length)) /* TBSCertificate (SEQUENCE) */
|
if(!ber_read_sequence_tag(s, &length)) /* TBSCertificate (SEQUENCE) */
|
||||||
goto error1;
|
goto error1;
|
||||||
|
error++;
|
||||||
|
|
||||||
/* Explicit Contextual Tag [0] */
|
if(!ber_read_contextual_tag(s, 0, &length, TRUE)) /* Explicit Contextual Tag [0] */
|
||||||
if(!ber_read_contextual_tag(s, 0, &length, TRUE))
|
|
||||||
goto error1;
|
goto error1;
|
||||||
|
error++;
|
||||||
if(!ber_read_integer(s, &version)) /* version (INTEGER) */
|
if(!ber_read_integer(s, &version)) /* version (INTEGER) */
|
||||||
goto error1;
|
goto error1;
|
||||||
|
error++;
|
||||||
version++;
|
version++;
|
||||||
|
|
||||||
/* serialNumber */
|
/* serialNumber */
|
||||||
if(!ber_read_integer(s, NULL)) /* CertificateSerialNumber (INTEGER) */
|
if(!ber_read_integer(s, NULL)) /* CertificateSerialNumber (INTEGER) */
|
||||||
goto error1;
|
goto error1;
|
||||||
|
error++;
|
||||||
|
|
||||||
/* signature */
|
/* signature */
|
||||||
if(!ber_read_sequence_tag(s, &length) || !stream_skip(s, length)) /* AlgorithmIdentifier (SEQUENCE) */
|
if(!ber_read_sequence_tag(s, &length) || !stream_skip(s, length)) /* AlgorithmIdentifier (SEQUENCE) */
|
||||||
goto error1;
|
goto error1;
|
||||||
|
error++;
|
||||||
|
|
||||||
/* issuer */
|
/* issuer */
|
||||||
if(!ber_read_sequence_tag(s, &length) || !stream_skip(s, length)) /* Name (SEQUENCE) */
|
if(!ber_read_sequence_tag(s, &length) || !stream_skip(s, length)) /* Name (SEQUENCE) */
|
||||||
goto error1;
|
goto error1;
|
||||||
|
error++;
|
||||||
|
|
||||||
/* validity */
|
/* validity */
|
||||||
if(!ber_read_sequence_tag(s, &length) || !stream_skip(s, length)) /* Validity (SEQUENCE) */
|
if(!ber_read_sequence_tag(s, &length) || !stream_skip(s, length)) /* Validity (SEQUENCE) */
|
||||||
goto error1;
|
goto error1;
|
||||||
|
error++;
|
||||||
|
|
||||||
/* subject */
|
/* subject */
|
||||||
if(!ber_read_sequence_tag(s, &length) || !stream_skip(s, length)) /* Name (SEQUENCE) */
|
if(!ber_read_sequence_tag(s, &length) || !stream_skip(s, length)) /* Name (SEQUENCE) */
|
||||||
goto error1;
|
goto error1;
|
||||||
|
error++;
|
||||||
|
|
||||||
/* subjectPublicKeyInfo */
|
/* subjectPublicKeyInfo */
|
||||||
if(!ber_read_sequence_tag(s, &length)) /* SubjectPublicKeyInfo (SEQUENCE) */
|
if(!ber_read_sequence_tag(s, &length)) /* SubjectPublicKeyInfo (SEQUENCE) */
|
||||||
goto error1;
|
goto error1;
|
||||||
|
error++;
|
||||||
|
|
||||||
/* subjectPublicKeyInfo::AlgorithmIdentifier */
|
/* subjectPublicKeyInfo::AlgorithmIdentifier */
|
||||||
if(!ber_read_sequence_tag(s, &length) || !stream_skip(s, length)) /* AlgorithmIdentifier (SEQUENCE) */
|
if(!ber_read_sequence_tag(s, &length) || !stream_skip(s, length)) /* AlgorithmIdentifier (SEQUENCE) */
|
||||||
goto error1;
|
goto error1;
|
||||||
|
error++;
|
||||||
|
|
||||||
/* subjectPublicKeyInfo::subjectPublicKey */
|
/* subjectPublicKeyInfo::subjectPublicKey */
|
||||||
if(!ber_read_bit_string(s, &length, &padding)) /* BIT_STRING */
|
if(!ber_read_bit_string(s, &length, &padding)) /* BIT_STRING */
|
||||||
goto error1;
|
goto error1;
|
||||||
|
error++;
|
||||||
|
|
||||||
/* RSAPublicKey (SEQUENCE) */
|
/* RSAPublicKey (SEQUENCE) */
|
||||||
if(!ber_read_sequence_tag(s, &length)) /* SEQUENCE */
|
if(!ber_read_sequence_tag(s, &length)) /* SEQUENCE */
|
||||||
goto error1;
|
goto error1;
|
||||||
|
error++;
|
||||||
|
|
||||||
if(!ber_read_integer_length(s, &modulus_length)) /* modulus (INTEGER) */
|
if(!ber_read_integer_length(s, &modulus_length)) /* modulus (INTEGER) */
|
||||||
goto error1;
|
goto error1;
|
||||||
|
error++;
|
||||||
|
|
||||||
/* skip zero padding, if any */
|
/* skip zero padding, if any */
|
||||||
do
|
do
|
||||||
@ -209,16 +246,19 @@ BOOL certificate_read_x509_certificate(rdpCertBlob* cert, rdpCertInfo* info)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
while (padding == 0);
|
while (padding == 0);
|
||||||
|
error++;
|
||||||
|
|
||||||
if(stream_get_left(s) < modulus_length)
|
if(stream_get_left(s) < modulus_length)
|
||||||
goto error1;
|
goto error1;
|
||||||
info->ModulusLength = modulus_length;
|
info->ModulusLength = modulus_length;
|
||||||
info->Modulus = (BYTE*) malloc(info->ModulusLength);
|
info->Modulus = (BYTE*) malloc(info->ModulusLength);
|
||||||
stream_read(s, info->Modulus, info->ModulusLength);
|
stream_read(s, info->Modulus, info->ModulusLength);
|
||||||
|
error++;
|
||||||
|
|
||||||
if(!ber_read_integer_length(s, &exponent_length)) /* publicExponent (INTEGER) */
|
if(!ber_read_integer_length(s, &exponent_length)) /* publicExponent (INTEGER) */
|
||||||
goto error2;
|
goto error2;
|
||||||
if(stream_get_left(s) < exponent_length)
|
error++;
|
||||||
|
if(stream_get_left(s) < exponent_length || exponent_length > 4)
|
||||||
goto error2;
|
goto error2;
|
||||||
stream_read(s, &info->exponent[4 - exponent_length], exponent_length);
|
stream_read(s, &info->exponent[4 - exponent_length], exponent_length);
|
||||||
crypto_reverse(info->Modulus, info->ModulusLength);
|
crypto_reverse(info->Modulus, info->ModulusLength);
|
||||||
@ -232,6 +272,7 @@ error2:
|
|||||||
free(info->Modulus);
|
free(info->Modulus);
|
||||||
info->Modulus = 0;
|
info->Modulus = 0;
|
||||||
error1:
|
error1:
|
||||||
|
printf("error reading when reading certificate: part=%s error=%d\n", certificate_read_errors[error], error);
|
||||||
stream_detach(s);
|
stream_detach(s);
|
||||||
stream_free(s);
|
stream_free(s);
|
||||||
return FALSE;
|
return FALSE;
|
||||||
|
@ -501,8 +501,10 @@ static INLINE BOOL update_read_delta_points(STREAM* s, DELTA_POINT* points, int
|
|||||||
do {\
|
do {\
|
||||||
if (orderInfo->fieldFlags & (1 << (NO-1))) \
|
if (orderInfo->fieldFlags & (1 << (NO-1))) \
|
||||||
{ \
|
{ \
|
||||||
if(stream_get_left(s) < 1) \
|
if(stream_get_left(s) < 1) {\
|
||||||
|
printf("%s: error reading %s\n", __func__, #TARGET); \
|
||||||
return FALSE; \
|
return FALSE; \
|
||||||
|
} \
|
||||||
stream_read_BYTE(s, TARGET); \
|
stream_read_BYTE(s, TARGET); \
|
||||||
} \
|
} \
|
||||||
} while(0)
|
} while(0)
|
||||||
@ -511,8 +513,10 @@ static INLINE BOOL update_read_delta_points(STREAM* s, DELTA_POINT* points, int
|
|||||||
do {\
|
do {\
|
||||||
if (orderInfo->fieldFlags & (1 << (NO-1))) \
|
if (orderInfo->fieldFlags & (1 << (NO-1))) \
|
||||||
{ \
|
{ \
|
||||||
if(stream_get_left(s) < 2) \
|
if(stream_get_left(s) < 2) { \
|
||||||
|
printf("%s: error reading %s or %s\n", __func__, #TARGET1, #TARGET2); \
|
||||||
return FALSE; \
|
return FALSE; \
|
||||||
|
} \
|
||||||
stream_read_BYTE(s, TARGET1); \
|
stream_read_BYTE(s, TARGET1); \
|
||||||
stream_read_BYTE(s, TARGET2); \
|
stream_read_BYTE(s, TARGET2); \
|
||||||
} \
|
} \
|
||||||
@ -522,8 +526,10 @@ static INLINE BOOL update_read_delta_points(STREAM* s, DELTA_POINT* points, int
|
|||||||
do {\
|
do {\
|
||||||
if (orderInfo->fieldFlags & (1 << (NO-1))) \
|
if (orderInfo->fieldFlags & (1 << (NO-1))) \
|
||||||
{ \
|
{ \
|
||||||
if(stream_get_left(s) < 2) \
|
if(stream_get_left(s) < 2) { \
|
||||||
|
printf("%s: error reading %s\n", __func__, #TARGET); \
|
||||||
return FALSE; \
|
return FALSE; \
|
||||||
|
} \
|
||||||
stream_read_UINT16(s, TARGET); \
|
stream_read_UINT16(s, TARGET); \
|
||||||
} \
|
} \
|
||||||
} while(0)
|
} while(0)
|
||||||
@ -531,25 +537,42 @@ static INLINE BOOL update_read_delta_points(STREAM* s, DELTA_POINT* points, int
|
|||||||
do {\
|
do {\
|
||||||
if (orderInfo->fieldFlags & (1 << (NO-1))) \
|
if (orderInfo->fieldFlags & (1 << (NO-1))) \
|
||||||
{ \
|
{ \
|
||||||
if(stream_get_left(s) < 4) \
|
if(stream_get_left(s) < 4) { \
|
||||||
|
printf("%s: error reading %s\n", __func__, #TARGET); \
|
||||||
return FALSE; \
|
return FALSE; \
|
||||||
|
} \
|
||||||
stream_read_UINT32(s, TARGET); \
|
stream_read_UINT32(s, TARGET); \
|
||||||
} \
|
} \
|
||||||
} while(0)
|
} while(0)
|
||||||
|
|
||||||
#define ORDER_FIELD_COORD(NO, TARGET) \
|
#define ORDER_FIELD_COORD(NO, TARGET) \
|
||||||
if ((orderInfo->fieldFlags & (1 << (NO-1))) && !update_read_coord(s, &TARGET, orderInfo->deltaCoordinates)) \
|
do { \
|
||||||
return FALSE
|
if ((orderInfo->fieldFlags & (1 << (NO-1))) && !update_read_coord(s, &TARGET, orderInfo->deltaCoordinates)) { \
|
||||||
|
printf("%s: error reading %s\n", __func__, #TARGET); \
|
||||||
|
return FALSE; \
|
||||||
|
} \
|
||||||
|
} while(0)
|
||||||
#define ORDER_FIELD_COLOR(NO, TARGET) \
|
#define ORDER_FIELD_COLOR(NO, TARGET) \
|
||||||
if ((orderInfo->fieldFlags & (1 << (NO-1))) && !update_read_color(s, &TARGET)) \
|
do { \
|
||||||
return FALSE
|
if ((orderInfo->fieldFlags & (1 << (NO-1))) && !update_read_color(s, &TARGET)) { \
|
||||||
|
printf("%s: error reading %s\n", __func__, #TARGET); \
|
||||||
|
return FALSE; \
|
||||||
|
} \
|
||||||
|
} while(0)
|
||||||
|
|
||||||
|
|
||||||
#define FIELD_SKIP_BUFFER16(s, TARGET_LEN) \
|
#define FIELD_SKIP_BUFFER16(s, TARGET_LEN) \
|
||||||
if(stream_get_left(s) < 2) \
|
do { \
|
||||||
|
if(stream_get_left(s) < 2) {\
|
||||||
|
printf("%s: error reading length %s\n", __func__, #TARGET_LEN); \
|
||||||
return FALSE; \
|
return FALSE; \
|
||||||
|
}\
|
||||||
stream_read_UINT16(s, TARGET_LEN); \
|
stream_read_UINT16(s, TARGET_LEN); \
|
||||||
if(!stream_skip(s, TARGET_LEN)) \
|
if(!stream_skip(s, TARGET_LEN)) { \
|
||||||
return FALSE
|
printf("%s: error skipping %d bytes\n", __func__, TARGET_LEN); \
|
||||||
|
return FALSE; \
|
||||||
|
} \
|
||||||
|
} while(0)
|
||||||
|
|
||||||
|
|
||||||
/* Primary Drawing Orders */
|
/* Primary Drawing Orders */
|
||||||
|
Loading…
Reference in New Issue
Block a user