mirrors
/
FreeRDP
mirror of https://github.com/FreeRDP/FreeRDP
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

checks stream size when processing channel data

This commit is contained in:
rdp.effort 2013-01-11 01:25:26 +01:00
parent 0af0d3adfa
commit 6bc7da797b
2 changed files with 10 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
libfreerdp/core/channel.c
View File

@ -91,30 +91,36 @@ BOOL freerdp_channel_send(rdpRdp* rdp, UINT16 channel_id, BYTE* data, int size)
return TRUE;
}
void freerdp_channel_process(freerdp* instance, STREAM* s, UINT16 channel_id)
BOOL freerdp_channel_process(freerdp* instance, STREAM* s, UINT16 channel_id)
{
UINT32 length;
UINT32 flags;
int chunk_length;
if(stream_get_left(s) < 4)
return FALSE;
stream_read_UINT32(s, length);
stream_read_UINT32(s, flags);
chunk_length = stream_get_left(s);
IFCALL(instance->ReceiveChannelData, instance,
channel_id, stream_get_tail(s), chunk_length, flags, length);
return TRUE;
}
void freerdp_channel_peer_process(freerdp_peer* client, STREAM* s, UINT16 channel_id)
BOOL freerdp_channel_peer_process(freerdp_peer* client, STREAM* s, UINT16 channel_id)
{
UINT32 length;
UINT32 flags;
int chunk_length;
if(stream_get_left(s) < 8)
return FALSE;
stream_read_UINT32(s, length);
stream_read_UINT32(s, flags);
chunk_length = stream_get_left(s);
IFCALL(client->ReceiveChannelData, client,
channel_id, stream_get_tail(s), chunk_length, flags, length);
return TRUE;
}

4
libfreerdp/core/channel.h
View File

@ -21,7 +21,7 @@
#define __CHANNEL_H
BOOL freerdp_channel_send(rdpRdp* rdp, UINT16 channel_id, BYTE* data, int size);
void freerdp_channel_process(freerdp* instance, STREAM* s, UINT16 channel_id);
void freerdp_channel_peer_process(freerdp_peer* client, STREAM* s, UINT16 channel_id);
BOOL freerdp_channel_process(freerdp* instance, STREAM* s, UINT16 channel_id);
BOOL freerdp_channel_peer_process(freerdp_peer* client, STREAM* s, UINT16 channel_id);
#endif /* __CHANNEL_H */