mirrors/FreeRDP
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fixes for malloc / calloc + other fixes

Browse Source 
This patch contains:

* checks for malloc return value + treat callers;
* modified malloc() + ZeroMemory() to calloc();
* misc fixes of micro errors seen during the code audit:
** some invalid checks in gcc.c, also there were some possible
integer overflow. This is interesting because at the end the data are parsed
and freed directly, so it's a vulnerability in some kind of dead code (at least
useless);
** fixed usage of GetComputerNameExA with just one call, when 2 were used
in misc places. According to MSDN GetComputerNameA() is supposed to return
an error when called with NULL;
** there were a bug in the command line parsing of shadow;
** in freerdp_dynamic_channel_collection_add() the size of array was multiplied
by 4 instead of 2 on resize
This commit is contained in:
David FORT 2015-06-16 15:42:07 +02:00 committed by Bernhard Miklautz
parent 16d36e3083
commit 7c3f8f33ab
70 changed files with 845 additions and 473 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -94,6 +94,7 @@ client/X11/xfreerdp
client/Mac/xcode
client/Sample/sfreerdp
client/DirectFB/dfreerdp
client/Wayland/wlfreerdp
server/Sample/sfreerdp-server
server/X11/xfreerdp-server
xcode

2
channels/rdpgfx/client/rdpgfx_main.c
View File

@ -851,6 +851,8 @@ static int rdpgfx_on_data_received(IWTSVirtualChannelCallback* pChannelCallback,
}
s = Stream_New(pDstData, DstSize);
if (!s)
return 0;
while (((size_t) Stream_GetPosition(s)) < Stream_Length(s))
{

1
client/.gitignore vendored
View File

@ -7,4 +7,5 @@
!/Sample
!/Windows
!/X11
!/Wayland
!/CMakeLists.txt

6
client/Android/FreeRDPCore/jni/android_freerdp.c
View File

@ -240,7 +240,8 @@ static BOOL android_post_connect(freerdp* instance)
settings->DesktopWidth, settings->DesktopHeight,
settings->ColorDepth);
instance->context->cache = cache_new(settings);
if (!(instance->context->cache = cache_new(settings)))
return FALSE;
if (instance->settings->ColorDepth > 16)
gdi_flags = CLRBUF_32BPP | CLRCONV_ALPHA | CLRCONV_INVERT;
@ -254,7 +255,8 @@ static BOOL android_post_connect(freerdp* instance)
instance->update->EndPaint = android_end_paint;
instance->update->DesktopResize = android_desktop_resize;
freerdp_channels_post_connect(instance->context->channels, instance);
if (freerdp_channels_post_connect(instance->context->channels, instance) < 0)
return FALSE;
freerdp_callback("OnConnectionSuccess", "(I)V", instance);

8
client/DirectFB/dfreerdp.c
View File

@ -179,9 +179,7 @@ BOOL df_pre_connect(freerdp* instance)
freerdp_channels_pre_connect(instance->context->channels, instance);
instance->context->cache = cache_new(instance->settings);
return TRUE;
return (instance->context->cache = cache_new(instance->settings)) != NULL;
}
BOOL df_post_connect(freerdp* instance)
@ -237,9 +235,7 @@ BOOL df_post_connect(freerdp* instance)
pointer_cache_register_callbacks(instance->update);
df_register_graphics(instance->context->graphics);
freerdp_channels_post_connect(instance->context->channels, instance);
return TRUE;
return freerdp_channels_post_connect(instance->context->channels, instance) >= 0;
}
BOOL df_verify_certificate(freerdp* instance, char* subject, char* issuer, char* fingerprint)

4
client/Sample/freerdp.c
View File

@ -122,9 +122,7 @@ static BOOL tf_post_connect(freerdp* instance)
instance->update->BeginPaint = tf_begin_paint;
instance->update->EndPaint = tf_end_paint;
freerdp_channels_post_connect(instance->context->channels, instance);
return TRUE;
return (freerdp_channels_post_connect(instance->context->channels, instance) >= 0);
}
static void* tf_client_thread_proc(freerdp* instance)

2
client/Wayland/wlfreerdp.c
View File

@ -142,7 +142,7 @@ static BOOL wl_post_connect(freerdp* instance)
/* put Wayland data in the context here */
context->window = window;
if (freerdp_channels_post_connect(instance->context->channels, instance))
if (freerdp_channels_post_connect(instance->context->channels, instance) < 0)
return FALSE;
wlf_UpdateWindowArea(context, window, 0, 0, gdi->width, gdi->height);

6
client/Windows/wf_client.c
View File

@ -275,7 +275,8 @@ BOOL wf_pre_connect(freerdp* instance)
wfc->clrconv->palette = NULL;
wfc->clrconv->alpha = FALSE;
instance->context->cache = cache_new(settings);
if (!(instance->context->cache = cache_new(settings)))
return FALSE;
desktopWidth = settings->DesktopWidth;
desktopHeight = settings->DesktopHeight;
@ -484,7 +485,8 @@ BOOL wf_post_connect(freerdp* instance)
instance->update->BitmapUpdate = wf_gdi_bitmap_update;
}
freerdp_channels_post_connect(context->channels, instance);
if (freerdp_channels_post_connect(context->channels, instance) < 0)
return FALSE;
if (wfc->fullscreen)
floatbar_window_create(wfc);

8
client/X11/xf_client.c
View File

@ -1020,7 +1020,10 @@ BOOL xf_pre_connect(freerdp* instance)
}
if (!context->cache)
context->cache = cache_new(settings);
{
if (!(context->cache = cache_new(settings)))
return FALSE;
}
if (!xf_keyboard_init(xfc))
return FALSE;
@ -1170,7 +1173,8 @@ BOOL xf_post_connect(freerdp* instance)
update->SetKeyboardIndicators = xf_keyboard_set_indicators;
xfc->clipboard = xf_clipboard_new(xfc);
freerdp_channels_post_connect(channels, instance);
if (freerdp_channels_post_connect(channels, instance) < 0)
return FALSE;
EventArgsInit(&e, "xfreerdp");
e.width = settings->DesktopWidth;

47
client/common/cmdline.c
View File

@ -471,16 +471,33 @@ int freerdp_client_add_static_channel(rdpSettings* settings, int count, char** p
ADDIN_ARGV* args;
args = (ADDIN_ARGV*) malloc(sizeof(ADDIN_ARGV));
if (!args)
return -1;
args->argc = count;
args->argv = (char**) calloc(args->argc, sizeof(char*));
if (!args->argv)
goto error_argv;
for (index = 0; index < args->argc; index++)
{
args->argv[index] = _strdup(params[index]);
if (!args->argv[index])
goto error_argv_index;
}
freerdp_static_channel_collection_add(settings, args);
if (!freerdp_static_channel_collection_add(settings, args))
goto error_argv_index;
return 0;
error_argv_index:
for (index = 0; index < args->argc; index++)
free(args->argv[index]);
free(args->argv);
error_argv:
free(args);
return -1;
}
int freerdp_client_add_dynamic_channel(rdpSettings* settings, int count, char** params)
@ -489,16 +506,33 @@ int freerdp_client_add_dynamic_channel(rdpSettings* settings, int count, char**
ADDIN_ARGV* args;
args = (ADDIN_ARGV*) malloc(sizeof(ADDIN_ARGV));
if (!args)
return -1;
args->argc = count;
args->argv = (char**) calloc(args->argc, sizeof(char*));
if (!args->argv)
goto error_argv;
for (index = 0; index < args->argc; index++)
{
args->argv[index] = _strdup(params[index]);
if (!args->argv[index])
goto error_argv_index;
}
freerdp_dynamic_channel_collection_add(settings, args);
if (!freerdp_dynamic_channel_collection_add(settings, args))
goto error_argv_index;
return 0;
error_argv_index:
for (index = 0; index < args->argc; index++)
free(args->argv[index]);
free(args->argv);
error_argv:
free(args);
return -1;
}
static char** freerdp_command_line_parse_comma_separated_values(char* list, int* count)
@ -562,6 +596,7 @@ static char** freerdp_command_line_parse_comma_separated_values_offset(char* lis
int freerdp_client_command_line_post_filter(void* context, COMMAND_LINE_ARGUMENT_A* arg)
{
rdpSettings* settings = (rdpSettings*) context;
int status = 0;
CommandLineSwitchStart(arg)
@ -586,7 +621,7 @@ int freerdp_client_command_line_post_filter(void* context, COMMAND_LINE_ARGUMENT
p = freerdp_command_line_parse_comma_separated_values(arg->Value, &count);
freerdp_client_add_static_channel(settings, count, p);
status = freerdp_client_add_static_channel(settings, count, p);
free(p);
}
@ -712,7 +747,7 @@ int freerdp_client_command_line_post_filter(void* context, COMMAND_LINE_ARGUMENT
p = freerdp_command_line_parse_comma_separated_values_offset(arg->Value, &count);
p[0] = "rdpsnd";
freerdp_client_add_static_channel(settings, count, p);
status = freerdp_client_add_static_channel(settings, count, p);
free(p);
}
@ -724,7 +759,7 @@ int freerdp_client_command_line_post_filter(void* context, COMMAND_LINE_ARGUMENT
count = 1;
p[0] = "rdpsnd";
freerdp_client_add_static_channel(settings, count, p);
status = freerdp_client_add_static_channel(settings, count, p);
}
}
CommandLineSwitchCase(arg, "microphone")
@ -789,7 +824,7 @@ int freerdp_client_command_line_post_filter(void* context, COMMAND_LINE_ARGUMENT
CommandLineSwitchEnd(arg)
return 0;
return status;
}
int freerdp_parse_username(char* username, char** user, char** domain)

4
include/freerdp/crypto/certificate.h
View File

@ -55,8 +55,8 @@ struct rdp_certificate_store
#endif
FREERDP_API rdpCertificateData* certificate_data_new(
char* hostname, UINT16 port, char*subject,
char*issuer, char* fingerprint);
char* hostname, UINT16 port, char* subject,
char* issuer, char* fingerprint);
FREERDP_API void certificate_data_free(
rdpCertificateData* certificate_data);
FREERDP_API rdpCertificateStore* certificate_store_new(

4
include/freerdp/settings.h
View File

@ -1440,12 +1440,12 @@ FREERDP_API RDPDR_DEVICE* freerdp_device_collection_find(rdpSettings* settings,
FREERDP_API RDPDR_DEVICE* freerdp_device_clone(RDPDR_DEVICE* device);
FREERDP_API void freerdp_device_collection_free(rdpSettings* settings);
FREERDP_API void freerdp_static_channel_collection_add(rdpSettings* settings, ADDIN_ARGV* channel);
FREERDP_API BOOL freerdp_static_channel_collection_add(rdpSettings* settings, ADDIN_ARGV* channel);
FREERDP_API ADDIN_ARGV* freerdp_static_channel_collection_find(rdpSettings* settings, const char* name);
FREERDP_API ADDIN_ARGV* freerdp_static_channel_clone(ADDIN_ARGV* channel);
FREERDP_API void freerdp_static_channel_collection_free(rdpSettings* settings);
FREERDP_API void freerdp_dynamic_channel_collection_add(rdpSettings* settings, ADDIN_ARGV* channel);
FREERDP_API BOOL freerdp_dynamic_channel_collection_add(rdpSettings* settings, ADDIN_ARGV* channel);
FREERDP_API ADDIN_ARGV* freerdp_dynamic_channel_collection_find(rdpSettings* settings, const char* name);
FREERDP_API ADDIN_ARGV* freerdp_dynamic_channel_clone(ADDIN_ARGV* channel);
FREERDP_API void freerdp_dynamic_channel_collection_free(rdpSettings* settings);

2
include/freerdp/utils/pcap.h
View File

@ -75,7 +75,7 @@ extern "C" {
FREERDP_API rdpPcap* pcap_open(char* name, BOOL write);
FREERDP_API void pcap_close(rdpPcap* pcap);
FREERDP_API void pcap_add_record(rdpPcap* pcap, void* data, UINT32 length);
FREERDP_API BOOL pcap_add_record(rdpPcap* pcap, void* data, UINT32 length);
FREERDP_API BOOL pcap_has_next_record(rdpPcap* pcap);
FREERDP_API BOOL pcap_get_next_record(rdpPcap* pcap, pcap_record* record);
FREERDP_API BOOL pcap_get_next_record_header(rdpPcap* pcap, pcap_record* record);

30
libfreerdp/cache/brush.c vendored
View File

@ -189,25 +189,31 @@ rdpBrushCache* brush_cache_new(rdpSettings* settings)
{
rdpBrushCache* brushCache;
brushCache = (rdpBrushCache*) malloc(sizeof(rdpBrushCache));
brushCache = (rdpBrushCache*) calloc(1, sizeof(rdpBrushCache));
if (brushCache)
{
ZeroMemory(brushCache, sizeof(rdpBrushCache));
if (!brushCache)
return NULL;
brushCache->settings = settings;
brushCache->settings = settings;
brushCache->maxEntries = 64;
brushCache->maxMonoEntries = 64;
brushCache->maxEntries = 64;
brushCache->maxMonoEntries = 64;
brushCache->entries = (BRUSH_ENTRY*) malloc(sizeof(BRUSH_ENTRY) * brushCache->maxEntries);
ZeroMemory(brushCache->entries, sizeof(BRUSH_ENTRY) * brushCache->maxEntries);
brushCache->entries = (BRUSH_ENTRY*)calloc(brushCache->maxEntries, sizeof(BRUSH_ENTRY));
if (!brushCache->entries)
goto error_entries;
brushCache->monoEntries = (BRUSH_ENTRY*) malloc(sizeof(BRUSH_ENTRY) * brushCache->maxMonoEntries);
ZeroMemory(brushCache->monoEntries, sizeof(BRUSH_ENTRY) * brushCache->maxMonoEntries);
}
brushCache->monoEntries = (BRUSH_ENTRY*) calloc(brushCache->maxMonoEntries, sizeof(BRUSH_ENTRY));
if (!brushCache->monoEntries)
goto error_mono;
return brushCache;
error_mono:
free(brushCache->entries);
error_entries:
free(brushCache);
return NULL;
}
void brush_cache_free(rdpBrushCache* brushCache)

54
libfreerdp/cache/cache.c vendored
View File

@ -31,22 +31,50 @@ rdpCache* cache_new(rdpSettings* settings)
{
rdpCache* cache;
cache = (rdpCache*) malloc(sizeof(rdpCache));
ZeroMemory(cache, sizeof(rdpCache));
cache = (rdpCache*) calloc(1, sizeof(rdpCache));
if (!cache)
return NULL;
if (cache != NULL)
{
cache->settings = settings;
cache->glyph = glyph_cache_new(settings);
cache->brush = brush_cache_new(settings);
cache->pointer = pointer_cache_new(settings);
cache->bitmap = bitmap_cache_new(settings);
cache->offscreen = offscreen_cache_new(settings);
cache->palette = palette_cache_new(settings);
cache->nine_grid = nine_grid_cache_new(settings);
}
cache->settings = settings;
cache->glyph = glyph_cache_new(settings);
if (!cache->glyph)
goto error_glyph;
cache->brush = brush_cache_new(settings);
if (cache->brush)
goto error_brush;
cache->pointer = pointer_cache_new(settings);
if (!cache->pointer)
goto error_pointer;
cache->bitmap = bitmap_cache_new(settings);
if (!cache->bitmap)
goto error_bitmap;
cache->offscreen = offscreen_cache_new(settings);
if (!cache->offscreen)
goto error_offscreen;
cache->palette = palette_cache_new(settings);
if (!cache->palette)
goto error_palette;
cache->nine_grid = nine_grid_cache_new(settings);
if (!cache->nine_grid)
goto error_ninegrid;
return cache;
error_ninegrid:
palette_cache_free(cache->palette);
error_palette:
offscreen_cache_free(cache->offscreen);
error_offscreen:
bitmap_cache_free(cache->bitmap);
error_bitmap:
pointer_cache_free(cache->pointer);
error_pointer:
brush_cache_free(cache->brush);
error_brush:
glyph_cache_free(cache->glyph);
error_glyph:
free(cache);
return NULL;
}
void cache_free(rdpCache* cache)

53
libfreerdp/cache/glyph.c vendored
View File

@ -77,7 +77,7 @@ void update_process_glyph(rdpContext* context, BYTE* data, int* index,
}
}
void update_process_glyph_fragments(rdpContext* context, BYTE* data, UINT32 length,
BOOL update_process_glyph_fragments(rdpContext* context, BYTE* data, UINT32 length,
UINT32 cacheId, UINT32 ulCharInc, UINT32 flAccel, UINT32 bgcolor, UINT32 fgcolor, int x, int y,
int bkX, int bkY, int bkWidth, int bkHeight, int opX, int opY, int opWidth, int opHeight, BOOL fOpRedundant)
{
@ -108,17 +108,20 @@ void update_process_glyph_fragments(rdpContext* context, BYTE* data, UINT32 leng
if (opWidth > 0 && opHeight > 0)
{
Glyph_BeginDraw(context, opX, opY, opWidth, opHeight, bgcolor, fgcolor, fOpRedundant);
if (!Glyph_BeginDraw(context, opX, opY, opWidth, opHeight, bgcolor, fgcolor, fOpRedundant))
return FALSE;
}
else
{
if (fOpRedundant)
{
Glyph_BeginDraw(context, bkX, bkY, bkWidth, bkHeight, bgcolor, fgcolor, fOpRedundant);
if (!Glyph_BeginDraw(context, bkX, bkY, bkWidth, bkHeight, bgcolor, fgcolor, fOpRedundant))
return FALSE;
}
else
{
Glyph_BeginDraw(context, 0, 0, 0, 0, bgcolor, fgcolor, fOpRedundant);
if (!Glyph_BeginDraw(context, 0, 0, 0, 0, bgcolor, fgcolor, fOpRedundant))
return FALSE;
}
}
@ -175,6 +178,8 @@ void update_process_glyph_fragments(rdpContext* context, BYTE* data, UINT32 leng
size = data[index + 2];
fragments = (BYTE*) malloc(size);
if (!fragments)
return FALSE;
CopyMemory(fragments, data, size);
glyph_cache_fragment_put(glyph_cache, id, size, fragments);
@ -194,9 +199,9 @@ void update_process_glyph_fragments(rdpContext* context, BYTE* data, UINT32 leng
}
if (opWidth > 0 && opHeight > 0)
Glyph_EndDraw(context, opX, opY, opWidth, opHeight, bgcolor, fgcolor);
else
Glyph_EndDraw(context, bkX, bkY, bkWidth, bkHeight, bgcolor, fgcolor);
return Glyph_EndDraw(context, opX, opY, opWidth, opHeight, bgcolor, fgcolor);
return Glyph_EndDraw(context, bkX, bkY, bkWidth, bkHeight, bgcolor, fgcolor);
}
BOOL update_gdi_glyph_index(rdpContext* context, GLYPH_INDEX_ORDER* glyphIndex)
@ -211,14 +216,12 @@ BOOL update_gdi_glyph_index(rdpContext* context, GLYPH_INDEX_ORDER* glyphIndex)
bkHeight = glyphIndex->bkBottom - glyphIndex->bkTop;
opHeight = glyphIndex->opBottom - glyphIndex->opTop;
update_process_glyph_fragments(context, glyphIndex->data, glyphIndex->cbData,
return update_process_glyph_fragments(context, glyphIndex->data, glyphIndex->cbData,
glyphIndex->cacheId, glyphIndex->ulCharInc, glyphIndex->flAccel,
glyphIndex->backColor, glyphIndex->foreColor, glyphIndex->x, glyphIndex->y,
glyphIndex->bkLeft, glyphIndex->bkTop, bkWidth, bkHeight,
glyphIndex->opLeft, glyphIndex->opTop, opWidth, opHeight,
glyphIndex->fOpRedundant);
return TRUE;
}
BOOL update_gdi_fast_index(rdpContext* context, FAST_INDEX_ORDER* fastIndex)
@ -263,7 +266,7 @@ BOOL update_gdi_fast_index(rdpContext* context, FAST_INDEX_ORDER* fastIndex)
if (y == -32768)
y = fastIndex->bkTop;
update_process_glyph_fragments(context, fastIndex->data, fastIndex->cbData,
return update_process_glyph_fragments(context, fastIndex->data, fastIndex->cbData,
fastIndex->cacheId, fastIndex->ulCharInc, fastIndex->flAccel,
fastIndex->backColor, fastIndex->foreColor, x, y,
fastIndex->bkLeft, fastIndex->bkTop,
@ -271,7 +274,6 @@ BOOL update_gdi_fast_index(rdpContext* context, FAST_INDEX_ORDER* fastIndex)
opLeft, opTop,
opRight - opLeft, opBottom - opTop,
FALSE);
return TRUE;
}
BOOL update_gdi_fast_glyph(rdpContext* context, FAST_GLYPH_ORDER* fastGlyph)
@ -323,14 +325,20 @@ BOOL update_gdi_fast_glyph(rdpContext* context, FAST_GLYPH_ORDER* fastGlyph)
glyphData = &fastGlyph->glyphData;
glyph = Glyph_Alloc(context);
if (!glyph)
return FALSE;
glyph->x = glyphData->x;
glyph->y = glyphData->y;
glyph->cx = glyphData->cx;
glyph->cy = glyphData->cy;
glyph->cb = glyphData->cb;
glyph->aj = malloc(glyphData->cb);
if (!glyph->aj)
goto error_aj;
CopyMemory(glyph->aj, glyphData->aj, glyph->cb);
Glyph_New(context, glyph);
if (!Glyph_New(context, glyph))
goto error_glyph_new;
glyph_cache_put(cache->glyph, fastGlyph->cacheId, fastGlyph->data[0], glyph);
}
@ -338,7 +346,7 @@ BOOL update_gdi_fast_glyph(rdpContext* context, FAST_GLYPH_ORDER* fastGlyph)
text_data[0] = fastGlyph->data[0];
text_data[1] = 0;
update_process_glyph_fragments(context, text_data, 1,
return update_process_glyph_fragments(context, text_data, 1,
fastGlyph->cacheId, fastGlyph->ulCharInc, fastGlyph->flAccel,
fastGlyph->backColor, fastGlyph->foreColor, x, y,
fastGlyph->bkLeft, fastGlyph->bkTop,
@ -346,7 +354,13 @@ BOOL update_gdi_fast_glyph(rdpContext* context, FAST_GLYPH_ORDER* fastGlyph)
opLeft, opTop,
opRight - opLeft, opBottom - opTop,
FALSE);
return TRUE;
error_glyph_new:
free(glyph->aj);
glyph->aj = NULL;
error_aj:
Glyph_Free(context, glyph);
return FALSE;
}
BOOL update_gdi_cache_glyph(rdpContext* context, CACHE_GLYPH_ORDER* cacheGlyph)
@ -362,10 +376,7 @@ BOOL update_gdi_cache_glyph(rdpContext* context, CACHE_GLYPH_ORDER* cacheGlyph)
glyph = Glyph_Alloc(context);
if (!glyph)
{
/* TODO: cleanup previously allocated memory */
return FALSE;
}
glyph->x = glyph_data->x;
glyph->y = glyph_data->y;
@ -373,7 +384,11 @@ BOOL update_gdi_cache_glyph(rdpContext* context, CACHE_GLYPH_ORDER* cacheGlyph)
glyph->cy = glyph_data->cy;
glyph->cb = glyph_data->cb;
glyph->aj = glyph_data->aj;
Glyph_New(context, glyph);
if (!Glyph_New(context, glyph))
{
Glyph_Free(context, glyph);
return FALSE;
}
glyph_cache_put(cache->glyph, cacheGlyph->cacheId, glyph_data->cacheIndex, glyph);
}

28
libfreerdp/cache/nine_grid.c vendored
View File

@ -95,21 +95,23 @@ rdpNineGridCache* nine_grid_cache_new(rdpSettings* settings)
{
rdpNineGridCache* nine_grid;
nine_grid = (rdpNineGridCache*) malloc(sizeof(rdpNineGridCache));
ZeroMemory(nine_grid, sizeof(rdpNineGridCache));
nine_grid = (rdpNineGridCache*) calloc(1, sizeof(rdpNineGridCache));
if (!nine_grid)
return NULL;
if (nine_grid != NULL)
nine_grid->settings = settings;
nine_grid->maxSize = 2560;
nine_grid->maxEntries = 256;
nine_grid->settings->DrawNineGridCacheSize = nine_grid->maxSize;
nine_grid->settings->DrawNineGridCacheEntries = nine_grid->maxEntries;
nine_grid->entries = (NINE_GRID_ENTRY*) calloc(nine_grid->maxEntries, sizeof(NINE_GRID_ENTRY));
if (!nine_grid->entries)
{
nine_grid->settings = settings;
nine_grid->maxSize = 2560;
nine_grid->maxEntries = 256;
nine_grid->settings->DrawNineGridCacheSize = nine_grid->maxSize;
nine_grid->settings->DrawNineGridCacheEntries = nine_grid->maxEntries;
nine_grid->entries = (NINE_GRID_ENTRY*) malloc(sizeof(NINE_GRID_ENTRY) * nine_grid->maxEntries);
ZeroMemory(nine_grid->entries, sizeof(NINE_GRID_ENTRY) * nine_grid->maxEntries);
free(nine_grid);
return NULL;
}
return nine_grid;

35
libfreerdp/cache/offscreen.c vendored
View File

@ -146,26 +146,27 @@ rdpOffscreenCache* offscreen_cache_new(rdpSettings* settings)
{
rdpOffscreenCache* offscreenCache;
offscreenCache = (rdpOffscreenCache*) malloc(sizeof(rdpOffscreenCache));
offscreenCache = (rdpOffscreenCache*) calloc(1, sizeof(rdpOffscreenCache));
if (offscreenCache)
if (!offscreenCache)
return NULL;
offscreenCache->settings = settings;
offscreenCache->update = ((freerdp*) settings->instance)->update;
offscreenCache->currentSurface = SCREEN_BITMAP_SURFACE;
offscreenCache->maxSize = 7680;
offscreenCache->maxEntries = 2000;
settings->OffscreenCacheSize = offscreenCache->maxSize;
settings->OffscreenCacheEntries = offscreenCache->maxEntries;
offscreenCache->entries = (rdpBitmap**) calloc(offscreenCache->maxEntries, sizeof(rdpBitmap*));
if (!offscreenCache->entries)
{
ZeroMemory(offscreenCache, sizeof(rdpOffscreenCache));
offscreenCache->settings = settings;
offscreenCache->update = ((freerdp*) settings->instance)->update;
offscreenCache->currentSurface = SCREEN_BITMAP_SURFACE;
offscreenCache->maxSize = 7680;
offscreenCache->maxEntries = 2000;
settings->OffscreenCacheSize = offscreenCache->maxSize;
settings->OffscreenCacheEntries = offscreenCache->maxEntries;
offscreenCache->entries = (rdpBitmap**) malloc(sizeof(rdpBitmap*) * offscreenCache->maxEntries);
ZeroMemory(offscreenCache->entries, sizeof(rdpBitmap*) * offscreenCache->maxEntries);
free(offscreenCache);
return NULL;
}
return offscreenCache;
}

79
libfreerdp/cache/pointer.c vendored
View File

@ -109,39 +109,37 @@ BOOL update_pointer_new(rdpContext* context, POINTER_NEW_UPDATE* pointer_new)
rdpCache* cache = context->cache;
pointer = Pointer_Alloc(context);
if (!pointer)
return FALSE;
if (pointer != NULL)
pointer->xorBpp = pointer_new->xorBpp;
pointer->xPos = pointer_new->colorPtrAttr.xPos;
pointer->yPos = pointer_new->colorPtrAttr.yPos;
pointer->width = pointer_new->colorPtrAttr.width;
pointer->height = pointer_new->colorPtrAttr.height;
pointer->lengthAndMask = pointer_new->colorPtrAttr.lengthAndMask;
pointer->lengthXorMask = pointer_new->colorPtrAttr.lengthXorMask;
if (pointer->lengthAndMask)
{
pointer->xorBpp = pointer_new->xorBpp;
pointer->xPos = pointer_new->colorPtrAttr.xPos;
pointer->yPos = pointer_new->colorPtrAttr.yPos;
pointer->width = pointer_new->colorPtrAttr.width;
pointer->height = pointer_new->colorPtrAttr.height;
pointer->lengthAndMask = pointer_new->colorPtrAttr.lengthAndMask;
pointer->lengthXorMask = pointer_new->colorPtrAttr.lengthXorMask;
pointer->andMaskData = pointer->xorMaskData = NULL;
if (pointer->lengthAndMask)
{
pointer->andMaskData = (BYTE*) malloc(pointer->lengthAndMask);
if (!pointer->andMaskData)
goto out_fail;
CopyMemory(pointer->andMaskData, pointer_new->colorPtrAttr.andMaskData, pointer->lengthAndMask);
}
if (pointer->lengthXorMask)
{
pointer->xorMaskData = (BYTE*) malloc(pointer->lengthXorMask);
CopyMemory(pointer->xorMaskData, pointer_new->colorPtrAttr.xorMaskData, pointer->lengthXorMask);
}
pointer->New(context, pointer);
pointer_cache_put(cache->pointer, pointer_new->colorPtrAttr.cacheIndex, pointer);
Pointer_Set(context, pointer);
return TRUE;
pointer->andMaskData = (BYTE*) malloc(pointer->lengthAndMask);
if (!pointer->andMaskData)
goto out_fail;
CopyMemory(pointer->andMaskData, pointer_new->colorPtrAttr.andMaskData, pointer->lengthAndMask);
}
return FALSE;
if (pointer->lengthXorMask)
{
pointer->xorMaskData = (BYTE*) malloc(pointer->lengthXorMask);
if (!pointer->xorMaskData)
goto out_fail;
CopyMemory(pointer->xorMaskData, pointer_new->colorPtrAttr.xorMaskData, pointer->lengthXorMask);
}
if (!pointer->New(context, pointer))
goto out_fail;
pointer_cache_put(cache->pointer, pointer_new->colorPtrAttr.cacheIndex, pointer);
return Pointer_Set(context, pointer);
out_fail:
free(pointer->andMaskData);
@ -213,18 +211,19 @@ rdpPointerCache* pointer_cache_new(rdpSettings* settings)
{
rdpPointerCache* pointer_cache;
pointer_cache = (rdpPointerCache*) malloc(sizeof(rdpPointerCache));
pointer_cache = (rdpPointerCache*) calloc(1, sizeof(rdpPointerCache));
if (!pointer_cache)
return NULL;
if (pointer_cache != NULL)
pointer_cache->settings = settings;
pointer_cache->cacheSize = settings->PointerCacheSize;
pointer_cache->update = ((freerdp*) settings->instance)->update;
pointer_cache->entries = (rdpPointer**) calloc(pointer_cache->cacheSize, sizeof(rdpPointer*));
if (!pointer_cache->entries)
{
ZeroMemory(pointer_cache, sizeof(rdpPointerCache));
pointer_cache->settings = settings;
pointer_cache->cacheSize = settings->PointerCacheSize;
pointer_cache->update = ((freerdp*) settings->instance)->update;
pointer_cache->entries = (rdpPointer**) malloc(sizeof(rdpPointer*) * pointer_cache->cacheSize);
ZeroMemory(pointer_cache->entries, sizeof(rdpPointer*) * pointer_cache->cacheSize);
free(pointer_cache);
return NULL;
}
return pointer_cache;

59
libfreerdp/codec/clear.c
View File

@ -377,12 +377,13 @@ int clear_decompress(CLEAR_CONTEXT* clear, BYTE* pSrcData, UINT32 SrcSize,
if (vBarShortEntry->count > vBarShortEntry->size)
{
UINT32 *tmp;
vBarShortEntry->size = vBarShortEntry->count;
if (!vBarShortEntry->pixels)
vBarShortEntry->pixels = (UINT32*) malloc(vBarShortEntry->count * 4);
else
vBarShortEntry->pixels = (UINT32*) realloc(vBarShortEntry->pixels, vBarShortEntry->count * 4);
tmp = (UINT32*) realloc(vBarShortEntry->pixels, vBarShortEntry->count * 4);
if (!tmp)
return -1;
vBarShortEntry->pixels = tmp;
}
if (!vBarShortEntry->pixels && vBarShortEntry->size)
@ -442,12 +443,13 @@ int clear_decompress(CLEAR_CONTEXT* clear, BYTE* pSrcData, UINT32 SrcSize,
if (vBarEntry->count > vBarEntry->size)
{
UINT32 *tmp;
vBarEntry->size = vBarEntry->count;
if (!vBarEntry->pixels)
vBarEntry->pixels = (UINT32*) malloc(vBarEntry->count * 4);
else
vBarEntry->pixels = (UINT32*) realloc(vBarEntry->pixels, vBarEntry->count * 4);
tmp = (UINT32*) realloc(vBarEntry->pixels, vBarEntry->count * 4);
if (!tmp)
return -1;
vBarEntry->pixels = tmp;
}
if (!vBarEntry->pixels && vBarEntry->size)
@ -791,12 +793,13 @@ int clear_decompress(CLEAR_CONTEXT* clear, BYTE* pSrcData, UINT32 SrcSize,
if (glyphEntry->count > glyphEntry->size)
{
UINT32 *tmp;
glyphEntry->size = glyphEntry->count;
if (!glyphEntry->pixels)
glyphEntry->pixels = (UINT32*) malloc(glyphEntry->size * 4);
else
glyphEntry->pixels = (UINT32*) realloc(glyphEntry->pixels, glyphEntry->size * 4);
tmp = (UINT32*) realloc(glyphEntry->pixels, glyphEntry->size * 4);
if (!tmp)
return -1;
glyphEntry->pixels = tmp;
}
if (!glyphEntry->pixels)
@ -841,27 +844,31 @@ CLEAR_CONTEXT* clear_context_new(BOOL Compressor)
clear = (CLEAR_CONTEXT*) calloc(1, sizeof(CLEAR_CONTEXT));
if (clear)
{
clear->Compressor = Compressor;
if (!clear)
return NULL;
clear->nsc = nsc_context_new();
clear->Compressor = Compressor;
if (!clear->nsc)
{
free (clear);
return NULL;
}
clear->nsc = nsc_context_new();
if (!clear->nsc)
goto error_nsc;
nsc_context_set_pixel_format(clear->nsc, RDP_PIXEL_FORMAT_R8G8B8);
nsc_context_set_pixel_format(clear->nsc, RDP_PIXEL_FORMAT_R8G8B8);
clear->TempSize = 512 * 512 * 4;
clear->TempBuffer = (BYTE*) malloc(clear->TempSize);
clear->TempSize = 512 * 512 * 4;
clear->TempBuffer = (BYTE*) malloc(clear->TempSize);
if (!clear->TempBuffer)
goto error_temp_buffer;
clear_context_reset(clear);
}
clear_context_reset(clear);
return clear;
error_temp_buffer:
nsc_context_free(clear->nsc);
error_nsc:
free(clear);
return NULL;
}
void clear_context_free(CLEAR_CONTEXT* clear)

25
libfreerdp/codec/h264.c
View File

@ -679,7 +679,7 @@ int h264_decompress(H264_CONTEXT* h264, BYTE* pSrcData, UINT32 SrcSize,
int h264_compress(H264_CONTEXT* h264, BYTE* pSrcData, DWORD SrcFormat,
int nSrcStep, int nSrcWidth, int nSrcHeight, BYTE** ppDstData, UINT32* pDstSize)
{
int status;
int status = -1;
prim_size_t roi;
int nWidth, nHeight;
primitives_t *prims = primitives_get();
@ -691,12 +691,19 @@ int h264_compress(H264_CONTEXT* h264, BYTE* pSrcData, DWORD SrcFormat,
nWidth = (nSrcWidth + 1) & ~1;
nHeight = (nSrcHeight + 1) & ~1;
h264->pYUVData[0] = (BYTE*) malloc(nWidth * nHeight);
if (!(h264->pYUVData[0] = (BYTE*) malloc(nWidth * nHeight)))
return -1;
h264->iStride[0] = nWidth;
h264->pYUVData[1] = (BYTE*) malloc(nWidth * nHeight / 4);
if (!(h264->pYUVData[1] = (BYTE*) malloc(nWidth * nHeight / 4)))
goto error_1;
h264->iStride[1] = nWidth / 2;
h264->pYUVData[2] = (BYTE*) malloc(nWidth * nHeight / 4);
if (!(h264->pYUVData[2] = (BYTE*) malloc(nWidth * nHeight / 4)))
goto error_2;
h264->iStride[2] = nWidth / 2;
h264->width = nWidth;
h264->height = nHeight;
roi.width = nSrcWidth;
@ -706,12 +713,14 @@ int h264_compress(H264_CONTEXT* h264, BYTE* pSrcData, DWORD SrcFormat,
status = h264->subsystem->Compress(h264, ppDstData, pDstSize);
free(h264->pYUVData[0]);
free(h264->pYUVData[1]);
free(h264->pYUVData[2]);
h264->pYUVData[0] = NULL;
h264->pYUVData[1] = NULL;
h264->pYUVData[2] = NULL;
error_2:
free(h264->pYUVData[1]);
h264->pYUVData[1] = NULL;
error_1:
free(h264->pYUVData[0]);
h264->pYUVData[0] = NULL;
return status;
}

47
libfreerdp/codec/planar.c
View File

@ -873,6 +873,8 @@ BYTE* freerdp_bitmap_planar_compress_plane_rle(BYTE* inPlane, int width, int hei
{
outBufferSize = width * height;
outPlane = malloc(outBufferSize);
if (!outPlane)
return NULL;
}
else
{
@ -968,7 +970,10 @@ BYTE* freerdp_bitmap_planar_delta_encode_plane(BYTE* inPlane, int width, int hei
BYTE *outPtr, *srcPtr, *prevLinePtr;
if (!outPlane)
outPlane = (BYTE*) malloc(width * height);
{
if (!(outPlane = (BYTE*) malloc(width * height)))
return NULL;
}
// first line is copied as is
CopyMemory(outPlane, inPlane, width);
@ -994,14 +999,18 @@ BYTE* freerdp_bitmap_planar_delta_encode_plane(BYTE* inPlane, int width, int hei
return outPlane;
}
int freerdp_bitmap_planar_delta_encode_planes(BYTE* inPlanes[4], int width, int height, BYTE* outPlanes[4])
BOOL freerdp_bitmap_planar_delta_encode_planes(BYTE* inPlanes[4], int width, int height, BYTE* outPlanes[4])
{
outPlanes[0] = freerdp_bitmap_planar_delta_encode_plane(inPlanes[0], width, height, outPlanes[0]);
outPlanes[1] = freerdp_bitmap_planar_delta_encode_plane(inPlanes[1], width, height, outPlanes[1]);
outPlanes[2] = freerdp_bitmap_planar_delta_encode_plane(inPlanes[2], width, height, outPlanes[2]);
outPlanes[3] = freerdp_bitmap_planar_delta_encode_plane(inPlanes[3], width, height, outPlanes[3]);
int i;
return 0;
for (i = 0; i < 4; i++)
{
outPlanes[i] = freerdp_bitmap_planar_delta_encode_plane(inPlanes[i], width, height, outPlanes[i]);
if (!outPlanes[i])
return FALSE;
}
return TRUE;
}
BYTE* freerdp_bitmap_compress_planar(BITMAP_PLANAR_CONTEXT* context, BYTE* data, UINT32 format,
@ -1025,7 +1034,8 @@ BYTE* freerdp_bitmap_compress_planar(BITMAP_PLANAR_CONTEXT* context, BYTE* data,
if (context->AllowRunLengthEncoding)
{
freerdp_bitmap_planar_delta_encode_planes(context->planes, width, height, context->deltaPlanes);
if (!freerdp_bitmap_planar_delta_encode_planes(context->planes, width, height, context->deltaPlanes))
return NULL;;
if (freerdp_bitmap_planar_compress_planes_rle(context->deltaPlanes, width, height,
context->rlePlanesBuffer, (int*) &dstSizes, context->AllowSkipAlpha) > 0)
@ -1071,6 +1081,8 @@ BYTE* freerdp_bitmap_compress_planar(BITMAP_PLANAR_CONTEXT* context, BYTE* data,
size++;
dstData = malloc(size);
if (!dstData)
return NULL;
*pDstSize = size;
}
@ -1157,13 +1169,10 @@ BITMAP_PLANAR_CONTEXT* freerdp_bitmap_planar_context_new(DWORD flags, int maxWid
{
BITMAP_PLANAR_CONTEXT* context;
context = (BITMAP_PLANAR_CONTEXT*) malloc(sizeof(BITMAP_PLANAR_CONTEXT));
context = (BITMAP_PLANAR_CONTEXT*) calloc(1, sizeof(BITMAP_PLANAR_CONTEXT));
if (!context)
return NULL;
ZeroMemory(context, sizeof(BITMAP_PLANAR_CONTEXT));
if (flags & PLANAR_FORMAT_HEADER_NA)
context->AllowSkipAlpha = TRUE;
@ -1183,20 +1192,34 @@ BITMAP_PLANAR_CONTEXT* freerdp_bitmap_planar_context_new(DWORD flags, int maxWid
context->maxPlaneSize = context->maxWidth * context->maxHeight;
context->planesBuffer = malloc(context->maxPlaneSize * 4);
if (!context->planesBuffer)
goto error_planesBuffer;
context->planes[0] = &context->planesBuffer[context->maxPlaneSize * 0];
context->planes[1] = &context->planesBuffer[context->maxPlaneSize * 1];
context->planes[2] = &context->planesBuffer[context->maxPlaneSize * 2];
context->planes[3] = &context->planesBuffer[context->maxPlaneSize * 3];
context->deltaPlanesBuffer = malloc(context->maxPlaneSize * 4);
if (!context->deltaPlanesBuffer)
goto error_deltaPlanesBuffer;
context->deltaPlanes[0] = &context->deltaPlanesBuffer[context->maxPlaneSize * 0];
context->deltaPlanes[1] = &context->deltaPlanesBuffer[context->maxPlaneSize * 1];
context->deltaPlanes[2] = &context->deltaPlanesBuffer[context->maxPlaneSize * 2];
context->deltaPlanes[3] = &context->deltaPlanesBuffer[context->maxPlaneSize * 3];
context->rlePlanesBuffer = malloc(context->maxPlaneSize * 4);
if (!context->rlePlanesBuffer)
goto error_rlePlanesBuffer;
return context;
error_rlePlanesBuffer:
free(context->deltaPlanesBuffer);
error_deltaPlanesBuffer:
free(context->planesBuffer);
error_planesBuffer:
free(context);
return NULL;
}
void freerdp_bitmap_planar_context_free(BITMAP_PLANAR_CONTEXT* context)

44
libfreerdp/codec/test/TestFreeRDPCodecPlanar.c
View File

@ -2960,9 +2960,14 @@ int test_individual_planes_encoding_rle()
CopyMemory(planar->planes[1], (BYTE*) TEST_64X64_RED_PLANE, planeSize); /* Red */
CopyMemory(planar->planes[2], (BYTE*) TEST_64X64_GREEN_PLANE, planeSize); /* Green */
CopyMemory(planar->planes[3], (BYTE*) TEST_64X64_BLUE_PLANE, planeSize); /* Blue */
freerdp_bitmap_planar_delta_encode_plane(planar->planes[1], width, height, planar->deltaPlanes[1]); /* Red */
freerdp_bitmap_planar_delta_encode_plane(planar->planes[2], width, height, planar->deltaPlanes[2]); /* Green */
freerdp_bitmap_planar_delta_encode_plane(planar->planes[3], width, height, planar->deltaPlanes[3]); /* Blue */
if (!freerdp_bitmap_planar_delta_encode_plane(planar->planes[1], width, height, planar->deltaPlanes[1]) || /* Red */
!freerdp_bitmap_planar_delta_encode_plane(planar->planes[2], width, height, planar->deltaPlanes[2]) || /* Green */
!freerdp_bitmap_planar_delta_encode_plane(planar->planes[3], width, height, planar->deltaPlanes[3])) /* Blue */
{
return -1;
}
pOutput = planar->rlePlanesBuffer;
availableSize = planeSize * 3;
/* Red */
@ -3101,11 +3106,15 @@ int TestFreeRDPCodecPlanar(int argc, char* argv[])
width = i;
height = i;
whiteBitmap = (BYTE*) malloc(width * height * 4);
if (!whiteBitmap)
return -1;
FillMemory(whiteBitmap, width * height * 4, 0xFF);
fill_bitmap_alpha_channel(whiteBitmap, width, height, 0x00);
compressedBitmap = freerdp_bitmap_compress_planar(planar, whiteBitmap, format, width, height, width * 4, NULL, &dstSize);
decompressedBitmap = (BYTE*) malloc(width * height * 4);
ZeroMemory(decompressedBitmap, width * height * 4);
decompressedBitmap = (BYTE*) calloc(width * height, 4);
if (!decompressedBitmap)
return -1;
pDstData = decompressedBitmap;
@ -3138,12 +3147,14 @@ int TestFreeRDPCodecPlanar(int argc, char* argv[])
{
width = i;
height = i;
blackBitmap = (BYTE*) malloc(width * height * 4);
ZeroMemory(blackBitmap, width * height * 4);
blackBitmap = (BYTE*) calloc(width * height, 4);
if (!blackBitmap)
return -1;
fill_bitmap_alpha_channel(blackBitmap, width, height, 0x00);
compressedBitmap = freerdp_bitmap_compress_planar(planar, blackBitmap, format, width, height, width * 4, NULL, &dstSize);
decompressedBitmap = (BYTE*) malloc(width * height * 4);
ZeroMemory(decompressedBitmap, width * height * 4);
decompressedBitmap = (BYTE*) calloc(width * height, 4);
if (!decompressedBitmap)
return -1;
pDstData = decompressedBitmap;
@ -3179,8 +3190,9 @@ int TestFreeRDPCodecPlanar(int argc, char* argv[])
height = 64;
compressedBitmap = freerdp_bitmap_compress_planar(planar, (BYTE*) TEST_RLE_BITMAP_EXPERIMENTAL_01,
format, width, height, width * 4, NULL, &dstSize);
decompressedBitmap = (BYTE*) malloc(width * height * 4);
ZeroMemory(decompressedBitmap, width * height * 4);
decompressedBitmap = (BYTE*) calloc(width * height, 4);
if (!decompressedBitmap)
return -1;
pDstData = decompressedBitmap;
@ -3217,8 +3229,9 @@ int TestFreeRDPCodecPlanar(int argc, char* argv[])
height = 64;
compressedBitmap = freerdp_bitmap_compress_planar(planar, (BYTE*) TEST_RLE_BITMAP_EXPERIMENTAL_02,
format, width, height, width * 4, NULL, &dstSize);
decompressedBitmap = (BYTE*) malloc(width * height * 4);
ZeroMemory(decompressedBitmap, width * height * 4);
decompressedBitmap = (BYTE*) calloc(width * height, 4);
if (!decompressedBitmap)
return -1;
pDstData = decompressedBitmap;
@ -3262,8 +3275,9 @@ int TestFreeRDPCodecPlanar(int argc, char* argv[])
height = 64;
compressedBitmap = freerdp_bitmap_compress_planar(planar, (BYTE*) TEST_RLE_BITMAP_EXPERIMENTAL_03,
format, width, height, width * 4, NULL, &dstSize);
decompressedBitmap = (BYTE*) malloc(width * height * 4);
ZeroMemory(decompressedBitmap, width * height * 4);
decompressedBitmap = (BYTE*) calloc(width * height, 4);
if (!decompressedBitmap)
return -1;
pDstData = decompressedBitmap;

4
libfreerdp/codec/zgfx.c
View File

@ -337,6 +337,8 @@ int zgfx_decompress(ZGFX_CONTEXT* zgfx, BYTE* pSrcData, UINT32 SrcSize, BYTE** p
status = zgfx_decompress_segment(zgfx, &pSrcData[1], SrcSize - 1);
*ppDstData = (BYTE*) malloc(zgfx->OutputCount);
if (!*ppDstData)
return -1;
*pDstSize = zgfx->OutputCount;
CopyMemory(*ppDstData, zgfx->OutputBuffer, zgfx->OutputCount);
@ -355,6 +357,8 @@ int zgfx_decompress(ZGFX_CONTEXT* zgfx, BYTE* pSrcData, UINT32 SrcSize, BYTE** p
uncompressedSize = *((UINT32*) &pSrcData[3]); /* uncompressedSize (4 bytes) */
pConcatenated = (BYTE*) malloc(uncompressedSize);
if (!pConcatenated)
return -1;
*ppDstData = pConcatenated;
*pDstSize = uncompressedSize;

60
libfreerdp/common/addin.c
View File

@ -46,11 +46,17 @@ LPSTR freerdp_get_library_install_path()
cchPath = cchInstallPrefix + cchLibraryPath + 2;
pszPath = (LPSTR) malloc(cchPath + 1);
if (!pszPath)
return NULL;
CopyMemory(pszPath, pszInstallPrefix, cchInstallPrefix);
pszPath[cchInstallPrefix] = '\0';
NativePathCchAppendA(pszPath, cchPath + 1, pszLibraryPath);
if (NativePathCchAppendA(pszPath, cchPath + 1, pszLibraryPath) != S_OK)
{
free(pszPath);
return NULL;
}
return pszPath;
}
@ -75,7 +81,11 @@ LPSTR freerdp_get_dynamic_addin_install_path()
CopyMemory(pszPath, pszInstallPrefix, cchInstallPrefix);
pszPath[cchInstallPrefix] = '\0';
NativePathCchAppendA(pszPath, cchPath + 1, pszAddinPath);
if (NativePathCchAppendA(pszPath, cchPath + 1, pszAddinPath) != S_OK)
{
free(pszPath);
return NULL;
}
return pszPath;
}
@ -182,6 +192,8 @@ void* freerdp_load_dynamic_channel_addin_entry(LPCSTR pszName, LPSTR pszSubsyste
{
cchFileName += strlen(pszName) + strlen(pszSubsystem) + strlen(pszType) + strlen(pszExtension);
pszFileName = (LPSTR) malloc(cchFileName);
if (!pszFileName)
return NULL;
sprintf_s(pszFileName, cchFileName, "%s%s-client-%s-%s.%s", pszPrefix, pszName, pszSubsystem, pszType, pszExtension);
cchFileName = strlen(pszFileName);
}
@ -189,6 +201,9 @@ void* freerdp_load_dynamic_channel_addin_entry(LPCSTR pszName, LPSTR pszSubsyste
{
cchFileName += strlen(pszName) + strlen(pszSubsystem) + strlen(pszExtension);
pszFileName = (LPSTR) malloc(cchFileName);
if (!pszFileName)
return NULL;
sprintf_s(pszFileName, cchFileName, "%s%s-client-%s.%s", pszPrefix, pszName, pszSubsystem, pszExtension);
cchFileName = strlen(pszFileName);
}
@ -196,6 +211,9 @@ void* freerdp_load_dynamic_channel_addin_entry(LPCSTR pszName, LPSTR pszSubsyste
{
cchFileName += strlen(pszName) + strlen(pszExtension);
pszFileName = (LPSTR) malloc(cchFileName);
if (!pszFileName)
return NULL;
sprintf_s(pszFileName, cchFileName, "%s%s-client.%s", pszPrefix, pszName, pszExtension);
cchFileName = strlen(pszFileName);
}
@ -213,6 +231,11 @@ void* freerdp_load_dynamic_channel_addin_entry(LPCSTR pszName, LPSTR pszSubsyste
cchEntryName = 64 + strlen(pszName);
pszEntryName = (LPSTR) malloc(cchEntryName + 1);
if (!pszEntryName)
{
free(pszFileName);
return NULL;
}
sprintf_s(pszEntryName, cchEntryName + 1, "freerdp_%s_client_subsystem_entry", pszName);
entry = freerdp_load_dynamic_addin(pszFileName, NULL, pszEntryName);
@ -220,29 +243,22 @@ void* freerdp_load_dynamic_channel_addin_entry(LPCSTR pszName, LPSTR pszSubsyste
free(pszEntryName);
free(pszFileName);
if (entry)
return entry;
return entry;
}
/* channel add-in */
if (dwFlags & FREERDP_ADDIN_CHANNEL_STATIC)
entry = freerdp_load_dynamic_addin(pszFileName, NULL, "VirtualChannelEntry");
else if (dwFlags & FREERDP_ADDIN_CHANNEL_DYNAMIC)
entry = freerdp_load_dynamic_addin(pszFileName, NULL, "DVCPluginEntry");
else if (dwFlags & FREERDP_ADDIN_CHANNEL_DEVICE)
entry = freerdp_load_dynamic_addin(pszFileName, NULL, "DeviceServiceEntry");
else
{
/* channel add-in */
entry = freerdp_load_dynamic_addin(pszFileName, NULL, pszType);
if (dwFlags & FREERDP_ADDIN_CHANNEL_STATIC)
entry = freerdp_load_dynamic_addin(pszFileName, NULL, "VirtualChannelEntry");
else if (dwFlags & FREERDP_ADDIN_CHANNEL_DYNAMIC)
entry = freerdp_load_dynamic_addin(pszFileName, NULL, "DVCPluginEntry");
else if (dwFlags & FREERDP_ADDIN_CHANNEL_DEVICE)
entry = freerdp_load_dynamic_addin(pszFileName, NULL, "DeviceServiceEntry");
else
entry = freerdp_load_dynamic_addin(pszFileName, NULL, pszType);
free(pszFileName);
if (entry)
return entry;
}
return NULL;
free(pszFileName);
return entry;
}
static FREERDP_LOAD_CHANNEL_ADDIN_ENTRY_FN freerdp_load_static_channel_addin_entry = NULL;

2
libfreerdp/common/assistance.c
View File

@ -829,6 +829,8 @@ char* freerdp_assistance_bin_to_hex_string(const BYTE* data, int size)
char bin2hex[] = "0123456789ABCDEF";
p = (char*) malloc((size + 1) * 2);
if (!p)
return NULL;
for (i = 0; i < size; i++)
{

30
libfreerdp/common/settings.c
View File

@ -95,6 +95,8 @@ int freerdp_addin_set_argument_value(ADDIN_ARGV* args, char* option, char* value
length = strlen(option) + strlen(value) + 1;
str = (char*) malloc(length + 1);
if (!str)
return -1;
sprintf_s(str, length + 1, "%s:%s", option, value);
for (i = 0; i < args->argc; i++)
@ -132,6 +134,8 @@ int freerdp_addin_replace_argument_value(ADDIN_ARGV* args, char* previous, char*
length = strlen(option) + strlen(value) + 1;
str = (char*) malloc(length + 1);
if (!str)
return -1;
sprintf_s(str, length + 1, "%s:%s", option, value);
for (i = 0; i < args->argc; i++)
@ -421,10 +425,10 @@ void freerdp_device_collection_free(rdpSettings* settings)
settings->DeviceCount = 0;
}
void freerdp_static_channel_collection_add(rdpSettings* settings, ADDIN_ARGV* channel)
BOOL freerdp_static_channel_collection_add(rdpSettings* settings, ADDIN_ARGV* channel)
{
if (!settings->StaticChannelArray)
return;
return FALSE;
if (settings->StaticChannelArraySize < (settings->StaticChannelCount + 1))
{
@ -435,12 +439,13 @@ void freerdp_static_channel_collection_add(rdpSettings* settings, ADDIN_ARGV* ch
new_array = (ADDIN_ARGV**)
realloc(settings->StaticChannelArray, new_size * sizeof(ADDIN_ARGV*));
if (!new_array)
return;
return FALSE;
settings->StaticChannelArray = new_array;
settings->StaticChannelArraySize = new_size;
}
settings->StaticChannelArray[settings->StaticChannelCount++] = channel;
return TRUE;
}
ADDIN_ARGV* freerdp_static_channel_collection_find(rdpSettings* settings, const char* name)
@ -514,30 +519,25 @@ void freerdp_static_channel_collection_free(rdpSettings* settings)
settings->StaticChannelCount = 0;
}
void freerdp_dynamic_channel_collection_add(rdpSettings* settings, ADDIN_ARGV* channel)
BOOL freerdp_dynamic_channel_collection_add(rdpSettings* settings, ADDIN_ARGV* channel)
{
if (!settings->DynamicChannelArray)
return;
return FALSE;
if (settings->DynamicChannelArraySize < (settings->DynamicChannelCount + 1))
{
UINT32 new_size;
ADDIN_ARGV **new_array;
settings->DynamicChannelArraySize *= 2;
settings->DynamicChannelArray = (ADDIN_ARGV**)
realloc(settings->DynamicChannelArray, settings->DynamicChannelArraySize * sizeof(ADDIN_ARGV*));
new_size = settings->DynamicChannelArraySize * 2;
new_array = (ADDIN_ARGV**)
realloc(settings->DynamicChannelArray, new_size * sizeof(ADDIN_ARGV*));
new_array = realloc(settings->DynamicChannelArray, settings->DynamicChannelArraySize * sizeof(ADDIN_ARGV*) * 2);
if (!new_array)
return;
return FALSE;
settings->DynamicChannelArraySize *= 2;
settings->DynamicChannelArray = new_array;
settings->DynamicChannelArraySize = new_size;
}
settings->DynamicChannelArray[settings->DynamicChannelCount++] = channel;
return TRUE;
}
ADDIN_ARGV* freerdp_dynamic_channel_collection_find(rdpSettings* settings, const char* name)

4
libfreerdp/core/client.c
View File

@ -237,6 +237,8 @@ int freerdp_channels_post_connect(rdpChannels* channels, freerdp* instance)
pChannelClientData->pChannelInitEventProc(pChannelClientData->pInitHandle, CHANNEL_EVENT_CONNECTED, hostname, hostnameLength);
name = (char*) malloc(9);
if (!name)
return -1;
CopyMemory(name, pChannelOpenData->name, 8);
name[8] = '\0';
@ -449,6 +451,8 @@ int freerdp_channels_disconnect(rdpChannels* channels, freerdp* instance)
pChannelOpenData = &channels->openDataList[index];
name = (char*) malloc(9);
if (!name)
return -1;
CopyMemory(name, pChannelOpenData->name, 8);
name[8] = '\0';

8
libfreerdp/core/connection.c
View File

@ -400,7 +400,7 @@ BOOL rdp_client_reconnect(rdpRdp* rdp)
status = rdp_client_connect(rdp);
if (status)
freerdp_channels_post_connect(channels, context->instance);
status = (freerdp_channels_post_connect(channels, context->instance) >= 0);
return status;
}
@ -838,7 +838,11 @@ int rdp_client_connect_demand_active(rdpRdp* rdp, wStream* s)
if (!rdp_send_confirm_active(rdp))
return -1;
input_register_client_callbacks(rdp->input);
if (!input_register_client_callbacks(rdp->input))
{
WLog_ERR(TAG, "error registering client callbacks");
return -1;
}
/**
* The server may request a different desktop size during Deactivation-Reactivation sequence.

16
libfreerdp/core/gcc.c
View File

@ -1590,11 +1590,12 @@ BOOL gcc_read_client_monitor_data(wStream* s, rdpMcs* mcs, UINT16 blockLength)
Stream_Read_UINT32(s, flags); /* flags */
Stream_Read_UINT32(s, monitorCount); /* monitorCount */
if (blockLength < (8 + (monitorCount * 20)))
if (((blockLength - 8) / 20) < monitorCount)
return FALSE;
monitorDefArray = (MONITOR_DEF*) malloc(sizeof(MONITOR_DEF) * monitorCount);
ZeroMemory(monitorDefArray, sizeof(MONITOR_DEF) * monitorCount);
monitorDefArray = (MONITOR_DEF*) calloc(monitorCount, sizeof(MONITOR_DEF));
if (!monitorDefArray)
return FALSE;
for (index = 0; index < monitorCount; index++)
{
@ -1657,7 +1658,7 @@ BOOL gcc_read_client_monitor_extended_data(wStream* s, rdpMcs* mcs, UINT16 block
UINT32 monitorAttributeSize;
MONITOR_ATTRIBUTES* monitorAttributesArray;
if (blockLength < 8)
if (blockLength < 12)
return FALSE;
Stream_Read_UINT32(s, flags); /* flags */
@ -1667,11 +1668,12 @@ BOOL gcc_read_client_monitor_extended_data(wStream* s, rdpMcs* mcs, UINT16 block
if (monitorAttributeSize != 20)
return FALSE;
if (blockLength < (12 + (monitorCount * monitorAttributeSize)))
if ((blockLength - 12) / monitorAttributeSize < monitorCount)
return FALSE;
monitorAttributesArray = (MONITOR_ATTRIBUTES*) malloc(sizeof(MONITOR_ATTRIBUTES) * monitorCount);
ZeroMemory(monitorAttributesArray, sizeof(MONITOR_ATTRIBUTES) * monitorCount);
monitorAttributesArray = (MONITOR_ATTRIBUTES*) calloc(monitorCount, sizeof(MONITOR_ATTRIBUTES));
if (!monitorAttributesArray)
return FALSE;
for (index = 0; index < monitorCount; index++)
{

5
libfreerdp/core/input.c
View File

@ -498,7 +498,7 @@ BOOL input_recv(rdpInput* input, wStream* s)
return TRUE;
}
void input_register_client_callbacks(rdpInput* input)
BOOL input_register_client_callbacks(rdpInput* input)
{
rdpSettings* settings = input->context->settings;
@ -528,7 +528,10 @@ void input_register_client_callbacks(rdpInput* input)
if (input->asynchronous)
{
input->proxy = input_message_proxy_new(input);
if (!input->proxy)
return FALSE;
}
return TRUE;
}
BOOL freerdp_input_send_synchronize_event(rdpInput* input, UINT32 flags)

2
libfreerdp/core/input.h
View File

@ -53,7 +53,7 @@ BOOL input_send_fastpath_extended_mouse_event(rdpInput* input, UINT16 flags, UIN
BOOL input_recv(rdpInput* input, wStream* s);
int input_process_events(rdpInput* input);
void input_register_client_callbacks(rdpInput* input);
BOOL input_register_client_callbacks(rdpInput* input);
rdpInput* input_new(rdpRdp* rdp);
void input_free(rdpInput* input);

94
libfreerdp/core/license.c
View File

@ -423,6 +423,8 @@ BOOL license_get_server_rsa_public_key(rdpLicense* license)
CopyMemory(license->Exponent, Exponent, 4);
license->ModulusLength = ModulusLength;
license->Modulus = (BYTE*) malloc(ModulusLength);
if (!license->Modulus)
return FALSE;
CopyMemory(license->Modulus, Modulus, ModulusLength);
return TRUE;
}
@ -501,19 +503,24 @@ BOOL license_read_product_info(wStream* s, LICENSE_PRODUCT_INFO* productInfo)
return FALSE;
productInfo->pbCompanyName = (BYTE*) malloc(productInfo->cbCompanyName);
if (!productInfo->pbCompanyName)
return FALSE;
Stream_Read(s, productInfo->pbCompanyName, productInfo->cbCompanyName);
Stream_Read_UINT32(s, productInfo->cbProductId); /* cbProductId (4 bytes) */
if (Stream_GetRemainingLength(s) < productInfo->cbProductId)
{
free(productInfo->pbCompanyName);
productInfo->pbCompanyName = NULL;
return FALSE;
}
goto out_fail;
productInfo->pbProductId = (BYTE*) malloc(productInfo->cbProductId);
if (!productInfo->pbProductId)
goto out_fail;
Stream_Read(s, productInfo->pbProductId, productInfo->cbProductId);
return TRUE;
out_fail:
free(productInfo->pbCompanyName);
productInfo->pbCompanyName = NULL;
return FALSE;
}
/**
@ -526,6 +533,8 @@ LICENSE_PRODUCT_INFO* license_new_product_info()
{
LICENSE_PRODUCT_INFO* productInfo;
productInfo = (LICENSE_PRODUCT_INFO*) malloc(sizeof(LICENSE_PRODUCT_INFO));
if (!productInfo)
return NULL;
productInfo->dwVersion = 0;
productInfo->cbCompanyName = 0;
productInfo->pbCompanyName = NULL;
@ -584,6 +593,8 @@ BOOL license_read_binary_blob(wStream* s, LICENSE_BLOB* blob)
blob->type = wBlobType;
blob->data = (BYTE*) malloc(blob->length);
if (!blob->data)
return FALSE;
Stream_Read(s, blob->data, blob->length); /* blobData */
return TRUE;
}
@ -640,10 +651,9 @@ BOOL license_write_encrypted_premaster_secret_blob(wStream* s, LICENSE_BLOB* blo
LICENSE_BLOB* license_new_binary_blob(UINT16 type)
{
LICENSE_BLOB* blob;
blob = (LICENSE_BLOB*) malloc(sizeof(LICENSE_BLOB));
blob->type = type;
blob->length = 0;
blob->data = NULL;
blob = (LICENSE_BLOB*) calloc(1, sizeof(LICENSE_BLOB));
if (blob)
blob->type = type;
return blob;
}
@ -684,6 +694,8 @@ BOOL license_read_scope_list(wStream* s, SCOPE_LIST* scopeList)
scopeList->count = scopeCount;
scopeList->array = (LICENSE_BLOB*) malloc(sizeof(LICENSE_BLOB) * scopeCount);
if (!scopeList->array)
return FALSE;
/* ScopeArray */
for (i = 0; i < scopeCount; i++)
@ -705,11 +717,7 @@ BOOL license_read_scope_list(wStream* s, SCOPE_LIST* scopeList)
SCOPE_LIST* license_new_scope_list()
{
SCOPE_LIST* scopeList;
scopeList = (SCOPE_LIST*) malloc(sizeof(SCOPE_LIST));
scopeList->count = 0;
scopeList->array = NULL;
return scopeList;
return (SCOPE_LIST*) calloc(1, sizeof(SCOPE_LIST));
}
/**
@ -722,6 +730,9 @@ void license_free_scope_list(SCOPE_LIST* scopeList)
{
UINT32 i;
if (!scopeList)
return;
/*
* We must NOT call license_free_binary_blob() on each scopelist->array[i] element,
* because scopelist->array was allocated at once, by a single call to malloc. The elements
@ -1093,29 +1104,44 @@ BOOL license_send_valid_client_error_packet(rdpLicense* license)
rdpLicense* license_new(rdpRdp* rdp)
{
rdpLicense* license;
license = (rdpLicense*) malloc(sizeof(rdpLicense));
license = (rdpLicense*) calloc(1, sizeof(rdpLicense));
if (!license)
return NULL;
if (license != NULL)
{
ZeroMemory(license, sizeof(rdpLicense));
license->rdp = rdp;
license->state = LICENSE_STATE_AWAIT;
license->certificate = certificate_new();
license->ProductInfo = license_new_product_info();
license->ErrorInfo = license_new_binary_blob(BB_ERROR_BLOB);
license->KeyExchangeList = license_new_binary_blob(BB_KEY_EXCHG_ALG_BLOB);
license->ServerCertificate = license_new_binary_blob(BB_CERTIFICATE_BLOB);
license->ClientUserName = license_new_binary_blob(BB_CLIENT_USER_NAME_BLOB);
license->ClientMachineName = license_new_binary_blob(BB_CLIENT_MACHINE_NAME_BLOB);
license->PlatformChallenge = license_new_binary_blob(BB_ANY_BLOB);
license->EncryptedPlatformChallenge = license_new_binary_blob(BB_ANY_BLOB);
license->EncryptedPremasterSecret = license_new_binary_blob(BB_ANY_BLOB);
license->EncryptedHardwareId = license_new_binary_blob(BB_ENCRYPTED_DATA_BLOB);
license->ScopeList = license_new_scope_list();
license_generate_randoms(license);
}
license->rdp = rdp;
license->state = LICENSE_STATE_AWAIT;
if (!(license->certificate = certificate_new()))
goto out_error;
if (!(license->ProductInfo = license_new_product_info()))
goto out_error;
if (!(license->ErrorInfo = license_new_binary_blob(BB_ERROR_BLOB)))
goto out_error;
if (!(license->KeyExchangeList = license_new_binary_blob(BB_KEY_EXCHG_ALG_BLOB)))
goto out_error;
if (!(license->ServerCertificate = license_new_binary_blob(BB_CERTIFICATE_BLOB)))
goto out_error;
if (!(license->ClientUserName = license_new_binary_blob(BB_CLIENT_USER_NAME_BLOB)))
goto out_error;
if (!(license->ClientMachineName = license_new_binary_blob(BB_CLIENT_MACHINE_NAME_BLOB)))
goto out_error;
if (!(license->PlatformChallenge = license_new_binary_blob(BB_ANY_BLOB)))
goto out_error;
if (!(license->EncryptedPlatformChallenge = license_new_binary_blob(BB_ANY_BLOB)))
goto out_error;
if (!(license->EncryptedPremasterSecret = license_new_binary_blob(BB_ANY_BLOB)))
goto out_error;
if (!(license->EncryptedHardwareId = license_new_binary_blob(BB_ENCRYPTED_DATA_BLOB)))
goto out_error;
if (!(license->ScopeList = license_new_scope_list()))
goto out_error;
license_generate_randoms(license);
return license;
out_error:
license_free(license);
return NULL;
}
/**

12
libfreerdp/core/message.c
View File

@ -2770,15 +2770,13 @@ rdpInputProxy* input_message_proxy_new(rdpInput* input)
{
rdpInputProxy* proxy;
proxy = (rdpInputProxy*) malloc(sizeof(rdpInputProxy));
proxy = (rdpInputProxy*) calloc(1, sizeof(rdpInputProxy));
if (proxy)
{
ZeroMemory(proxy, sizeof(rdpInputProxy));
if (!proxy)
return NULL;
proxy->input = input;
input_message_proxy_register(proxy, input);
}
proxy->input = input;
input_message_proxy_register(proxy, input);
return proxy;
}

8
libfreerdp/core/multitransport.c
View File

@ -43,13 +43,7 @@ int rdp_recv_multitransport_packet(rdpRdp* rdp, wStream* s)
rdpMultitransport* multitransport_new(void)
{
rdpMultitransport* multitransport = (rdpMultitransport*)malloc(sizeof(rdpMultitransport));
if (multitransport)
{
memset(multitransport, 0, sizeof(rdpMultitransport));
}
return multitransport;
return (rdpMultitransport*)calloc(1, sizeof(rdpMultitransport));
}
void multitransport_free(rdpMultitransport* multitransport)

90
libfreerdp/core/nla.c
View File

@ -883,31 +883,47 @@ BOOL nla_read_ts_password_creds(rdpNla* nla, wStream* s)
}
/* TSPasswordCreds (SEQUENCE) */
ber_read_sequence_tag(s, &length);
if (!ber_read_sequence_tag(s, &length) ||
/* [0] domainName (OCTET STRING) */
!ber_read_contextual_tag(s, 0, &length, TRUE) ||
!ber_read_octet_string_tag(s, &length))
{
return FALSE;
}
/* [0] domainName (OCTET STRING) */
ber_read_contextual_tag(s, 0, &length, TRUE);
ber_read_octet_string_tag(s, &length);
nla->identity->DomainLength = (UINT32) length;
nla->identity->Domain = (UINT16*) malloc(length);
if (!nla->identity->Domain)
return FALSE;
CopyMemory(nla->identity->Domain, Stream_Pointer(s), nla->identity->DomainLength);
Stream_Seek(s, nla->identity->DomainLength);
nla->identity->DomainLength /= 2;
/* [1] userName (OCTET STRING) */
ber_read_contextual_tag(s, 1, &length, TRUE);
ber_read_octet_string_tag(s, &length);
if (!ber_read_contextual_tag(s, 1, &length, TRUE) ||
!ber_read_octet_string_tag(s, &length))
{
return FALSE;
}
nla->identity->UserLength = (UINT32) length;
nla->identity->User = (UINT16*) malloc(length);
if (!nla->identity->User)
return FALSE;
CopyMemory(nla->identity->User, Stream_Pointer(s), nla->identity->UserLength);
Stream_Seek(s, nla->identity->UserLength);
nla->identity->UserLength /= 2;
/* [2] password (OCTET STRING) */
ber_read_contextual_tag(s, 2, &length, TRUE);
ber_read_octet_string_tag(s, &length);
if (!ber_read_contextual_tag(s, 2, &length, TRUE) ||
!ber_read_octet_string_tag(s, &length))
{
return FALSE;
}
nla->identity->PasswordLength = (UINT32) length;
nla->identity->Password = (UINT16*) malloc(length);
if (!nla->identity->Password)
return FALSE;
CopyMemory(nla->identity->Password, Stream_Pointer(s), nla->identity->PasswordLength);
Stream_Seek(s, nla->identity->PasswordLength);
nla->identity->PasswordLength /= 2;
@ -951,10 +967,10 @@ int nla_sizeof_ts_credentials(rdpNla* nla)
static BOOL nla_read_ts_credentials(rdpNla* nla, PSecBuffer ts_credentials)
{
BOOL rc;
wStream* s;
int length;
int ts_password_creds_length;
BOOL ret;
s = Stream_New(ts_credentials->pvBuffer, ts_credentials->cbBuffer);
@ -965,21 +981,21 @@ static BOOL nla_read_ts_credentials(rdpNla* nla, PSecBuffer ts_credentials)
}
/* TSCredentials (SEQUENCE) */
ber_read_sequence_tag(s, &length);
/* TSCredentials (SEQUENCE) */
ret = ber_read_sequence_tag(s, &length) &&
/* [0] credType (INTEGER) */
ber_read_contextual_tag(s, 0, &length, TRUE);
ber_read_integer(s, NULL);
/* [0] credType (INTEGER) */
ber_read_contextual_tag(s, 0, &length, TRUE) &&
ber_read_integer(s, NULL) &&
/* [1] credentials (OCTET STRING) */
ber_read_contextual_tag(s, 1, &length, TRUE);
ber_read_octet_string_tag(s, &ts_password_creds_length);
/* [1] credentials (OCTET STRING) */
ber_read_contextual_tag(s, 1, &length, TRUE) &&
ber_read_octet_string_tag(s, &ts_password_creds_length) &&
rc = nla_read_ts_password_creds(nla, s);
nla_read_ts_password_creds(nla, s);
Stream_Free(s, FALSE);
return rc;
return ret;
}
int nla_write_ts_credentials(rdpNla* nla, wStream* s)
@ -1474,6 +1490,7 @@ rdpNla* nla_new(freerdp* instance, rdpTransport* transport, rdpSettings* setting
nla->transport = transport;
nla->sendSeqNum = 0;
nla->recvSeqNum = 0;
ZeroMemory(&nla->negoToken, sizeof(SecBuffer));
ZeroMemory(&nla->pubKeyAuth, sizeof(SecBuffer));
ZeroMemory(&nla->authInfo, sizeof(SecBuffer));
@ -1482,24 +1499,29 @@ rdpNla* nla_new(freerdp* instance, rdpTransport* transport, rdpSettings* setting
if (nla->server)
{
status = RegOpenKeyEx(HKEY_LOCAL_MACHINE, _T("Software\\FreeRDP\\Server"),
0, KEY_READ | KEY_WOW64_64KEY, &hKey);
0, KEY_READ | KEY_WOW64_64KEY, &hKey);
if (status != ERROR_SUCCESS)
return nla;
status = RegQueryValueEx(hKey, _T("SspiModule"), NULL, &dwType, NULL, &dwSize);
if (status != ERROR_SUCCESS)
return nla;
nla->SspiModule = (LPTSTR) malloc(dwSize + sizeof(TCHAR));
if (!nla->SspiModule)
{
free(nla);
return NULL;
}
status = RegQueryValueEx(hKey, _T("SspiModule"), NULL, &dwType,
(BYTE*) nla->SspiModule, &dwSize);
if (status == ERROR_SUCCESS)
{
status = RegQueryValueEx(hKey, _T("SspiModule"), NULL, &dwType, NULL, &dwSize);
if (status == ERROR_SUCCESS)
{
nla->SspiModule = (LPTSTR) malloc(dwSize + sizeof(TCHAR));
status = RegQueryValueEx(hKey, _T("SspiModule"), NULL, &dwType,
(BYTE*) nla->SspiModule, &dwSize);
if (status == ERROR_SUCCESS)
{
WLog_INFO(TAG, "Using SSPI Module: %s", nla->SspiModule);
RegCloseKey(hKey);
}
}
WLog_INFO(TAG, "Using SSPI Module: %s", nla->SspiModule);
RegCloseKey(hKey);
}
}

4
libfreerdp/core/orders.c
View File

@ -2280,6 +2280,8 @@ BOOL update_read_cache_glyph_order(wStream* s, CACHE_GLYPH_ORDER* cache_glyph_or
return FALSE;
glyph->aj = (BYTE*) malloc(glyph->cb);
if (!glyph->aj)
return FALSE;
Stream_Read(s, glyph->aj, glyph->cb);
}
@ -2370,6 +2372,8 @@ BOOL update_read_cache_glyph_v2_order(wStream* s, CACHE_GLYPH_V2_ORDER* cache_gl
return FALSE;
glyph->aj = (BYTE*) malloc(glyph->cb);
if (!glyph->aj)
return FALSE;
Stream_Read(s, glyph->aj, glyph->cb);
}

6
libfreerdp/core/redirection.c
View File

@ -253,6 +253,8 @@ BOOL rdp_recv_server_redirection_pdu(rdpRdp* rdp, wStream* s)
return -1;
redirection->LoadBalanceInfo = (BYTE*) malloc(redirection->LoadBalanceInfoLength);
if (!redirection->LoadBalanceInfo)
return -1;
Stream_Read(s, redirection->LoadBalanceInfo, redirection->LoadBalanceInfoLength);
WLog_DBG(TAG, "loadBalanceInfo:");
@ -283,6 +285,8 @@ BOOL rdp_recv_server_redirection_pdu(rdpRdp* rdp, wStream* s)
Stream_Read_UINT32(s, redirection->PasswordLength);
redirection->Password = (BYTE*) malloc(redirection->PasswordLength);
if (!redirection->Password)
return -1;
Stream_Read(s, redirection->Password, redirection->PasswordLength);
WLog_DBG(TAG, "PasswordCookie:");
@ -316,6 +320,8 @@ BOOL rdp_recv_server_redirection_pdu(rdpRdp* rdp, wStream* s)
return -1;
redirection->TsvUrl = (BYTE*) malloc(redirection->TsvUrlLength);
if (!redirection->TsvUrl)
return -1;
Stream_Read(s, redirection->TsvUrl, redirection->TsvUrlLength);
WLog_DBG(TAG, "TsvUrl:");

41
libfreerdp/core/server.c
View File

@ -852,6 +852,11 @@ BOOL WINAPI FreeRDP_WTSQuerySessionInformationA(HANDLE hServer, DWORD SessionId,
BytesReturned = sizeof(ULONG);
pBuffer = (ULONG*) malloc(sizeof(BytesReturned));
if (!pBuffer)
{
SetLastError(E_OUTOFMEMORY);
return FALSE;
}
*pBuffer = vcm->SessionId;
@ -1212,7 +1217,10 @@ BOOL WINAPI FreeRDP_WTSVirtualChannelWrite(HANDLE hChannelHandle, PCHAR Buffer,
length = Length;
buffer = (BYTE *)malloc(length);
if (!buffer)
{
SetLastError(E_OUTOFMEMORY);
return FALSE;
}
CopyMemory(buffer, Buffer, length);
ret = wts_queue_send_item(channel, buffer, length);
@ -1232,6 +1240,7 @@ BOOL WINAPI FreeRDP_WTSVirtualChannelWrite(HANDLE hChannelHandle, PCHAR Buffer,
if (!s)
{
WLog_ERR(TAG, "Stream_New failed!");
SetLastError(E_OUTOFMEMORY);
return FALSE;
}
@ -1309,16 +1318,26 @@ BOOL WINAPI FreeRDP_WTSVirtualChannelQuery(HANDLE hChannelHandle, WTS_VIRTUAL_CL
}
*ppBuffer = malloc(sizeof(void*));
CopyMemory(*ppBuffer, &fds[0], sizeof(void*));
*pBytesReturned = sizeof(void*);
status = TRUE;
if (!*ppBuffer)
{
SetLastError(E_OUTOFMEMORY);
} else {
CopyMemory(*ppBuffer, &fds[0], sizeof(void*));
*pBytesReturned = sizeof(void*);
status = TRUE;
}
break;
case WTSVirtualEventHandle:
*ppBuffer = malloc(sizeof(HANDLE));
CopyMemory(*ppBuffer, &(hEvent), sizeof(HANDLE));
*pBytesReturned = sizeof(void*);
status = TRUE;
if (!*ppBuffer)
{
SetLastError(E_OUTOFMEMORY);
} else {
CopyMemory(*ppBuffer, &(hEvent), sizeof(HANDLE));
*pBytesReturned = sizeof(void*);
status = TRUE;
}
break;
case WTSVirtualChannelReady:
@ -1349,8 +1368,14 @@ BOOL WINAPI FreeRDP_WTSVirtualChannelQuery(HANDLE hChannelHandle, WTS_VIRTUAL_CL
}
*ppBuffer = malloc(sizeof(BOOL));
CopyMemory(*ppBuffer, &bval, sizeof(BOOL));
*pBytesReturned = sizeof(BOOL);
if (!*ppBuffer)
{
SetLastError(E_OUTOFMEMORY);
status = FALSE;
} else {
CopyMemory(*ppBuffer, &bval, sizeof(BOOL));
*pBytesReturned = sizeof(BOOL);
}
break;
default:

23
libfreerdp/core/settings.c
View File

@ -193,15 +193,19 @@ void settings_load_hkey_local_machine(rdpSettings* settings)
settings_client_load_hkey_local_machine(settings);
}
void settings_get_computer_name(rdpSettings* settings)
BOOL settings_get_computer_name(rdpSettings* settings)
{
DWORD nSize = 0;
DWORD nSize = MAX_COMPUTERNAME_LENGTH + 1;
TCHAR computerName[MAX_COMPUTERNAME_LENGTH + 1];
GetComputerNameExA(ComputerNameNetBIOS, NULL, &nSize);
settings->ComputerName = (char*) malloc(nSize);
if (!GetComputerNameExA(ComputerNameNetBIOS, computerName, &nSize))
return FALSE;
settings->ComputerName = _strdup(computerName);
if (!settings->ComputerName)
return;
GetComputerNameExA(ComputerNameNetBIOS, settings->ComputerName, &nSize);
return FALSE;
return TRUE;
}
rdpSettings* freerdp_settings_new(DWORD flags)
@ -290,7 +294,8 @@ rdpSettings* freerdp_settings_new(DWORD flags)
if(!settings->MonitorIds)
goto out_fail;
settings_get_computer_name(settings);
if (!settings_get_computer_name(settings))
goto out_fail;
settings->ReceivedCapabilities = calloc(1, 32);
if (!settings->ReceivedCapabilities)
@ -685,7 +690,11 @@ rdpSettings* freerdp_settings_clone(rdpSettings* settings)
CopyMemory(_settings->MonitorIds, settings->MonitorIds, 16 * sizeof(UINT32));
_settings->ReceivedCapabilities = malloc(32);
if (!_settings->ReceivedCapabilities)
goto out_fail;
_settings->OrderSupport = malloc(32);
if (!_settings->OrderSupport)
goto out_fail;
if (!_settings->ReceivedCapabilities || !_settings->OrderSupport)
goto out_fail;

1
libfreerdp/core/surface.c
View File

@ -128,6 +128,7 @@ int update_recv_surfcmds(rdpUpdate* update, UINT32 size, wStream* s)
if (update->dump_rfx)
{
/* TODO: treat return values */
pcap_add_record(update->pcap_rfx, mark, cmdLength + 2);
pcap_flush(update->pcap_rfx);
}

2
libfreerdp/core/update.c
View File

@ -1816,6 +1816,8 @@ BOOL update_read_refresh_rect(rdpUpdate* update, wStream* s)
return FALSE;
areas = (RECTANGLE_16*) malloc(sizeof(RECTANGLE_16) * numberOfAreas);
if (!areas)
return FALSE;
for (index = 0; index < numberOfAreas; index++)
{

13
libfreerdp/core/window.c
View File

@ -124,7 +124,11 @@ BOOL update_read_icon_info(wStream* s, ICON_INFO* iconInfo)
if (iconInfo->colorTable == NULL)
{
if (iconInfo->cbColorTable)
{
iconInfo->colorTable = (BYTE*) malloc(iconInfo->cbColorTable);
if (!iconInfo->colorTable)
return FALSE;
}
}
else if (iconInfo->cbColorTable)
{
@ -292,6 +296,8 @@ BOOL update_read_window_state_order(wStream* s, WINDOW_ORDER_INFO* orderInfo, WI
size = sizeof(RECTANGLE_16) * windowState->numWindowRects;
windowState->windowRects = (RECTANGLE_16*) malloc(size);
if (!windowState->windowRects)
return FALSE;
if (Stream_GetRemainingLength(s) < 8 * windowState->numWindowRects)
return FALSE;
@ -324,6 +330,8 @@ BOOL update_read_window_state_order(wStream* s, WINDOW_ORDER_INFO* orderInfo, WI
size = sizeof(RECTANGLE_16) * windowState->numVisibilityRects;
windowState->visibilityRects = (RECTANGLE_16*) malloc(size);
if (!windowState->visibilityRects)
return FALSE;
if (Stream_GetRemainingLength(s) < windowState->numVisibilityRects * 8)
return FALSE;
@ -342,8 +350,9 @@ BOOL update_read_window_state_order(wStream* s, WINDOW_ORDER_INFO* orderInfo, WI
BOOL update_read_window_icon_order(wStream* s, WINDOW_ORDER_INFO* orderInfo, WINDOW_ICON_ORDER* window_icon)
{
window_icon->iconInfo = (ICON_INFO*) malloc(sizeof(ICON_INFO));
ZeroMemory(window_icon->iconInfo, sizeof(ICON_INFO));
window_icon->iconInfo = (ICON_INFO*) calloc(1, sizeof(ICON_INFO));
if (!window_icon->iconInfo)
return FALSE;
return update_read_icon_info(s, window_icon->iconInfo); /* iconInfo (ICON_INFO) */
}

2
libfreerdp/crypto/base64.c
View File

@ -125,6 +125,8 @@ static void* base64_decode(const char* s, int length, int* data_len)
return NULL;
q = data = (BYTE*) malloc(length / 4 * 3);
if (!q)
return NULL;
/* first treat complete blocks */
nBlocks = (length / 4);

1
libfreerdp/crypto/certificate.c
View File

@ -325,7 +325,6 @@ BOOL certificate_data_replace(rdpCertificateStore* certificate_store,
if (!fp)
return FALSE;
/* Read the current contents of the file. */
fseek(fp, 0, SEEK_END);
size = ftell(fp);

21
libfreerdp/crypto/crypto.c
View File

@ -231,6 +231,11 @@ BOOL crypto_cert_get_public_key(CryptoCert cert, BYTE** PublicKey, DWORD* Public
*PublicKeyLength = (DWORD) length;
*PublicKey = (BYTE*) malloc(length);
ptr = (BYTE*) (*PublicKey);
if (!ptr)
{
status = FALSE;
goto exit;
}
i2d_PublicKey(pkey, &ptr);
@ -380,9 +385,9 @@ char* crypto_print_name(X509_NAME* name)
if (X509_NAME_print_ex(outBIO, name, 0, XN_FLAG_ONELINE) > 0)
{
unsigned long size = BIO_number_written(outBIO);
buffer = malloc(size + 1);
ZeroMemory(buffer, size + 1);
memset(buffer, 0, size + 1);
buffer = calloc(1, size + 1);
if (!buffer)
return NULL;
BIO_read(outBIO, buffer, size);
}
@ -471,7 +476,15 @@ char** crypto_cert_subject_alt_name(X509* xcert, int* count, int** lengths)
if (num_subject_alt_names)
{
strings = (char**) malloc(sizeof(char*) * num_subject_alt_names);
if (!strings)
goto out;
*lengths = (int*) malloc(sizeof(int) * num_subject_alt_names);
if (!*lengths)
{
free(strings);
goto out;
}
}
for (index = 0; index < num_subject_alt_names; ++index)
@ -494,6 +507,8 @@ char** crypto_cert_subject_alt_name(X509* xcert, int* count, int** lengths)
*lengths = NULL ;
return NULL;
}
out:
GENERAL_NAMES_free(subject_alt_names);
return strings;

5
libfreerdp/crypto/tls.c
View File

@ -1012,6 +1012,11 @@ int tls_verify_certificate(rdpTls* tls, CryptoCert cert, char* hostname, int por
offset = 0;
length = 2048;
pemCert = (BYTE*) malloc(length + 1);
if (!pemCert)
{
WLog_ERR(TAG, "error allocating pemCert");
return -1;
}
status = BIO_read(bio, pemCert, length);

1
libfreerdp/gdi/dc.c
View File

@ -44,6 +44,7 @@ HGDI_DC gdi_GetDC()
HGDI_DC hDC = (HGDI_DC) malloc(sizeof(GDI_DC));
if (!hDC)
return NULL;
hDC->bytesPerPixel = 4;
hDC->bitsPerPixel = 32;
hDC->drawMode = GDI_R2_BLACK;

2
libfreerdp/gdi/region.c
View File

@ -46,6 +46,7 @@ HGDI_RGN gdi_CreateRectRgn(int nLeftRect, int nTopRect, int nRightRect, int nBot
HGDI_RGN hRgn = (HGDI_RGN) malloc(sizeof(GDI_RGN));
if (!hRgn)
return NULL;
hRgn->objectType = GDIOBJECT_REGION;
hRgn->x = nLeftRect;
hRgn->y = nTopRect;
@ -69,6 +70,7 @@ HGDI_RECT gdi_CreateRect(int xLeft, int yTop, int xRight, int yBottom)
HGDI_RECT hRect = (HGDI_RECT) malloc(sizeof(GDI_RECT));
if (!hRect)
return NULL;
hRect->objectType = GDIOBJECT_RECT;
hRect->left = xLeft;
hRect->top = yTop;

6
libfreerdp/locale/keyboard_x11.c
View File

@ -182,8 +182,10 @@ char* freerdp_detect_keymap_from_xkb()
length = (end - beg);
keymap = (char*) malloc(length + 1);
strncpy(keymap, beg, length);
keymap[length] = '\0';
if (keymap) {
strncpy(keymap, beg, length);
keymap[length] = '\0';
}
break;
}

14
libfreerdp/locale/timezone.c
View File

@ -1541,6 +1541,12 @@ char* freerdp_get_unix_timezone_identifier()
}
tzid = (char*) malloc(length + 1);
if (!tzid)
{
fclose(fp);
return NULL;
}
fread(tzid, length, 1, fp);
tzid[length] = '\0';
@ -1579,6 +1585,9 @@ char* freerdp_get_unix_timezone_identifier()
}
tzid = (char*) malloc(len - pos + 1);
if (!tzid)
return NULL;
strncpy(tzid, buf + pos + 1, len - pos);
return tzid;
@ -1638,10 +1647,13 @@ TIME_ZONE_ENTRY* freerdp_detect_windows_time_zone(UINT32 bias)
if (freerdp_match_unix_timezone_identifier_with_list(tzid, WindowsTimeZoneIdTable[j].tzid))
{
free(tzid);
timezone = (TIME_ZONE_ENTRY*) malloc(sizeof(TIME_ZONE_ENTRY));
if (!timezone)
return NULL;
memcpy((void*) timezone, (void*) &TimeZoneTable[i], sizeof(TIME_ZONE_ENTRY));
timezone->Bias = bias;
free(tzid);
return timezone;
}
}

42
libfreerdp/utils/msusb.c
View File

@ -36,9 +36,7 @@
static MSUSB_PIPE_DESCRIPTOR* msusb_mspipe_new()
{
MSUSB_PIPE_DESCRIPTOR* MsPipe = (MSUSB_PIPE_DESCRIPTOR*) malloc(sizeof(MSUSB_PIPE_DESCRIPTOR));
memset(MsPipe, 0, sizeof(MSUSB_PIPE_DESCRIPTOR));
return MsPipe;
return (MSUSB_PIPE_DESCRIPTOR*) calloc(1, sizeof(MSUSB_PIPE_DESCRIPTOR));
}
static void msusb_mspipes_free(MSUSB_PIPE_DESCRIPTOR** MsPipes, UINT32 NumberOfPipes)
@ -69,11 +67,15 @@ static MSUSB_PIPE_DESCRIPTOR** msusb_mspipes_read(BYTE* data, UINT32 data_size,
int pnum, move = 0;
MSUSB_PIPE_DESCRIPTOR** MsPipes;
MsPipes = (MSUSB_PIPE_DESCRIPTOR**) malloc(NumberOfPipes * sizeof(MSUSB_PIPE_DESCRIPTOR*));
MsPipes = (MSUSB_PIPE_DESCRIPTOR**) calloc(NumberOfPipes, sizeof(MSUSB_PIPE_DESCRIPTOR*));
if (!MsPipes)
return NULL;
for (pnum = 0; pnum < NumberOfPipes; pnum++)
{
MSUSB_PIPE_DESCRIPTOR * MsPipe = msusb_mspipe_new();
MSUSB_PIPE_DESCRIPTOR *MsPipe = msusb_mspipe_new();
if (!MsPipe)
goto out_error;
data_read_UINT16(data + move, MsPipe->MaximumPacketSize);
data_read_UINT32(data + move + 4, MsPipe->MaximumTransferSize);
@ -92,13 +94,19 @@ static MSUSB_PIPE_DESCRIPTOR** msusb_mspipes_read(BYTE* data, UINT32 data_size,
*offset += move;
return MsPipes;
out_error:
for (pnum = 0; pnum < NumberOfPipes; pnum++)
{
free(MsPipes[pnum]);
}
free(MsPipes);
return NULL;
}
static MSUSB_INTERFACE_DESCRIPTOR* msusb_msinterface_new()
{
MSUSB_INTERFACE_DESCRIPTOR* MsInterface = (MSUSB_INTERFACE_DESCRIPTOR*) malloc(sizeof(MSUSB_INTERFACE_DESCRIPTOR));
memset(MsInterface, 0, sizeof(MSUSB_INTERFACE_DESCRIPTOR));
return MsInterface;
return (MSUSB_INTERFACE_DESCRIPTOR*) calloc(1, sizeof(MSUSB_INTERFACE_DESCRIPTOR));
}
static void msusb_msinterface_free(MSUSB_INTERFACE_DESCRIPTOR* MsInterface)
@ -137,6 +145,8 @@ MSUSB_INTERFACE_DESCRIPTOR* msusb_msinterface_read(BYTE* data, UINT32 data_size,
MSUSB_INTERFACE_DESCRIPTOR* MsInterface;
MsInterface = msusb_msinterface_new();
if (!MsInterface)
return NULL;
data_read_UINT16(data, MsInterface->Length);
data_read_UINT16(data + 2, MsInterface->NumberOfPipesExpected);
@ -156,9 +166,15 @@ MSUSB_INTERFACE_DESCRIPTOR* msusb_msinterface_read(BYTE* data, UINT32 data_size,
{
MsInterface->MsPipes =
msusb_mspipes_read(data+(*offset), data_size-(*offset), MsInterface->NumberOfPipes, offset);
if (!MsInterface->MsPipes)
goto out_error;
}
return MsInterface;
out_error:
msusb_msinterface_free(MsInterface);
return NULL;
}
int msusb_msinterface_write(MSUSB_INTERFACE_DESCRIPTOR* MsInterface, BYTE* data, int* offset)
@ -219,7 +235,9 @@ static MSUSB_INTERFACE_DESCRIPTOR** msusb_msinterface_read_list(BYTE * data, UIN
int inum, offset = 0;
MSUSB_INTERFACE_DESCRIPTOR** MsInterfaces;
MsInterfaces = (MSUSB_INTERFACE_DESCRIPTOR**) malloc(NumInterfaces * sizeof(MSUSB_INTERFACE_DESCRIPTOR*));
MsInterfaces = (MSUSB_INTERFACE_DESCRIPTOR**) calloc(NumInterfaces, sizeof(MSUSB_INTERFACE_DESCRIPTOR*));
if (!MsInterfaces)
return NULL;
for (inum = 0; inum < NumInterfaces; inum++)
{
@ -257,11 +275,7 @@ int msusb_msconfig_write(MSUSB_CONFIG_DESCRIPTOR* MsConfg, BYTE* data, int* offs
MSUSB_CONFIG_DESCRIPTOR* msusb_msconfig_new()
{
MSUSB_CONFIG_DESCRIPTOR* MsConfig = NULL;
MsConfig = (MSUSB_CONFIG_DESCRIPTOR*) malloc(sizeof(MSUSB_CONFIG_DESCRIPTOR));
memset(MsConfig, 0, sizeof(MSUSB_CONFIG_DESCRIPTOR));
return MsConfig;
return (MSUSB_CONFIG_DESCRIPTOR*) calloc(1, sizeof(MSUSB_CONFIG_DESCRIPTOR));
}
void msusb_msconfig_free(MSUSB_CONFIG_DESCRIPTOR* MsConfig)

112
libfreerdp/utils/pcap.c
View File

@ -52,19 +52,19 @@ int gettimeofday(struct timeval* tp, void* tz)
#define PCAP_MAGIC 0xA1B2C3D4
void pcap_read_header(rdpPcap* pcap, pcap_header* header)
BOOL pcap_read_header(rdpPcap* pcap, pcap_header* header)
{
fread((void*) header, sizeof(pcap_header), 1, pcap->fp);
return fread((void*) header, sizeof(pcap_header), 1, pcap->fp) == 1;
}
void pcap_write_header(rdpPcap* pcap, pcap_header* header)
BOOL pcap_write_header(rdpPcap* pcap, pcap_header* header)
{
fwrite((void*) header, sizeof(pcap_header), 1, pcap->fp);
return fwrite((void*) header, sizeof(pcap_header), 1, pcap->fp) == 1;
}
void pcap_read_record_header(rdpPcap* pcap, pcap_record_header* record)
BOOL pcap_read_record_header(rdpPcap* pcap, pcap_record_header* record)
{
fread((void*) record, sizeof(pcap_record_header), 1, pcap->fp);
return fread((void*) record, sizeof(pcap_record_header), 1, pcap->fp) > 0;
}
void pcap_write_record_header(rdpPcap* pcap, pcap_record_header* record)
@ -72,12 +72,23 @@ void pcap_write_record_header(rdpPcap* pcap, pcap_record_header* record)
fwrite((void*) record, sizeof(pcap_record_header), 1, pcap->fp);
}
void pcap_read_record(rdpPcap* pcap, pcap_record* record)
BOOL pcap_read_record(rdpPcap* pcap, pcap_record* record)
{
pcap_read_record_header(pcap, &record->header);
if (!pcap_read_record_header(pcap, &record->header))
return FALSE;
record->length = record->header.incl_len;
record->data = malloc(record->length);
fread(record->data, record->length, 1, pcap->fp);
if (!record->data)
return FALSE;
if (!fread(record->data, record->length, 1, pcap->fp))
{
free(record->data);
record->data = NULL;
return FALSE;
}
return TRUE;
}
void pcap_write_record(rdpPcap* pcap, pcap_record* record)
@ -86,15 +97,16 @@ void pcap_write_record(rdpPcap* pcap, pcap_record* record)
fwrite(record->data, record->length, 1, pcap->fp);
}
void pcap_add_record(rdpPcap* pcap, void* data, UINT32 length)
BOOL pcap_add_record(rdpPcap* pcap, void* data, UINT32 length)
{
pcap_record* record;
struct timeval tp;
if (pcap->tail == NULL)
{
pcap->tail = (pcap_record*) malloc(sizeof(pcap_record));
ZeroMemory(pcap->tail, sizeof(pcap_record));
pcap->tail = (pcap_record*) calloc(1, sizeof(pcap_record));
if (!pcap->tail)
return FALSE;
pcap->head = pcap->tail;
pcap->record = pcap->head;
@ -102,8 +114,9 @@ void pcap_add_record(rdpPcap* pcap, void* data, UINT32 length)
}
else
{
record = (pcap_record*) malloc(sizeof(pcap_record));
ZeroMemory(record, sizeof(pcap_record));
record = (pcap_record*) calloc(1, sizeof(pcap_record));
if (!record)
return FALSE;
pcap->tail->next = record;
pcap->tail = record;
@ -120,6 +133,7 @@ void pcap_add_record(rdpPcap* pcap, void* data, UINT32 length)
gettimeofday(&tp, 0);
record->header.ts_sec = tp.tv_sec;
record->header.ts_usec = tp.tv_usec;
return TRUE;
}
BOOL pcap_has_next_record(rdpPcap* pcap)
@ -143,18 +157,13 @@ BOOL pcap_get_next_record_header(rdpPcap* pcap, pcap_record* record)
BOOL pcap_get_next_record_content(rdpPcap* pcap, pcap_record* record)
{
fread(record->data, record->length, 1, pcap->fp);
return TRUE;
return fread(record->data, record->length, 1, pcap->fp) == 1;
}
BOOL pcap_get_next_record(rdpPcap* pcap, pcap_record* record)
{
if (pcap_has_next_record(pcap) != TRUE)
return FALSE;
pcap_read_record(pcap, record);
return TRUE;
return pcap_has_next_record(pcap) &&
pcap_read_record(pcap, record);
}
rdpPcap* pcap_open(char* name, BOOL write)
@ -169,38 +178,43 @@ rdpPcap* pcap_open(char* name, BOOL write)
return NULL;
}
pcap = (rdpPcap*) malloc(sizeof(rdpPcap));
pcap = (rdpPcap*) calloc(1, sizeof(rdpPcap));
if (!pcap)
goto fail_close;
if (pcap != NULL)
pcap->name = name;
pcap->write = write;
pcap->record_count = 0;
pcap->fp = pcap_fp;
if (write)
{
ZeroMemory(pcap, sizeof(rdpPcap));
pcap->name = name;
pcap->write = write;
pcap->record_count = 0;
pcap->fp = pcap_fp;
if (write)
{
pcap->header.magic_number = 0xA1B2C3D4;
pcap->header.version_major = 2;
pcap->header.version_minor = 4;
pcap->header.thiszone = 0;
pcap->header.sigfigs = 0;
pcap->header.snaplen = 0xFFFFFFFF;
pcap->header.network = 0;
pcap_write_header(pcap, &pcap->header);
}
else
{
fseek(pcap->fp, 0, SEEK_END);
pcap->file_size = (int) ftell(pcap->fp);
fseek(pcap->fp, 0, SEEK_SET);
pcap_read_header(pcap, &pcap->header);
}
pcap->header.magic_number = 0xA1B2C3D4;
pcap->header.version_major = 2;
pcap->header.version_minor = 4;
pcap->header.thiszone = 0;
pcap->header.sigfigs = 0;
pcap->header.snaplen = 0xFFFFFFFF;
pcap->header.network = 0;
if (!pcap_write_header(pcap, &pcap->header))
goto fail;
}
else
{
fseek(pcap->fp, 0, SEEK_END);
pcap->file_size = (int) ftell(pcap->fp);
fseek(pcap->fp, 0, SEEK_SET);
if (!pcap_read_header(pcap, &pcap->header))
goto fail;
}
return pcap;
fail:
free(pcap);
fail_close:
fclose(pcap_fp);
return NULL;
}
void pcap_flush(rdpPcap* pcap)

7
libfreerdp/utils/profiler.c
View File

@ -34,9 +34,16 @@ PROFILER* profiler_create(char* name)
PROFILER* profiler;
profiler = (PROFILER*) malloc(sizeof(PROFILER));
if (!profiler)
return NULL;
profiler->name = name;
profiler->stopwatch = stopwatch_create();
if (!profiler->stopwatch)
{
free(profiler);
return NULL;
}
return profiler;
}

2
libfreerdp/utils/stopwatch.c
View File

@ -55,6 +55,8 @@ STOPWATCH* stopwatch_create()
#endif
sw = (STOPWATCH*) malloc(sizeof(STOPWATCH));
if (!sw)
return NULL;
stopwatch_reset(sw);
return sw;

4
rdtk/sample/rdtk_x11.c
View File

@ -95,9 +95,13 @@ int main(int argc, char** argv)
XFree(pfs);
engine = rdtk_engine_new();
if (!engine)
return 1;
scanline = width * 4;
buffer = (BYTE*) malloc(scanline * height);
if (!buffer)
return 1;
surface = rdtk_surface_new(engine, buffer, width, height, scanline);

2
server/Mac/mf_event.c
View File

@ -167,6 +167,8 @@ void mf_event_region_free(mfEventRegion* event_region)
mfEvent* mf_event_new(int type)
{
mfEvent* event = malloc(sizeof(mfEvent));
if (!event)
return NULL;
event->type = type;
return event;
}

12
server/Mac/mf_info.c
View File

@ -92,18 +92,20 @@ mfInfo* mf_info_init()
{
mfInfo* mfi;
mfi = (mfInfo*) malloc(sizeof(mfInfo));
memset(mfi, 0, sizeof(mfInfo));
mfi = (mfInfo*) calloc(1, sizeof(mfInfo));
if (mfi != NULL)
{
pthread_mutex_init(&mfi->mutex, NULL);
mfi->peers = (freerdp_peer**) malloc(sizeof(freerdp_peer*) * MF_INFO_MAXPEERS);
memset(mfi->peers, 0, sizeof(freerdp_peer*) * MF_INFO_MAXPEERS);
mfi->peers = (freerdp_peer**) calloc(MF_INFO_MAXPEERS, sizeof(freerdp_peer*));
if (!mfi->peers)
{
free(mfi);
return NULL;
}
mfi->framesPerSecond = MF_INFO_DEFAULT_FPS;
mfi->input_disabled = FALSE;
}

2
server/Mac/mf_mountain_lion.c
View File

@ -155,6 +155,8 @@ int mf_mlion_screen_updates_init()
mf_mlion_display_info(&pixelWidth, &pixelHeight, &scale);
localBuf = malloc(pixelWidth * pixelHeight * 4);
if (!localBuf)
return -1;
CFDictionaryRef opts;

11
server/Windows/wf_mirage.c
View File

@ -54,6 +54,8 @@ BOOL wf_mirror_driver_find_display_device(wfInfo* wfi)
{
deviceKeyLength = _tcslen(deviceInfo.DeviceKey) - deviceKeyPrefixLength;
wfi->deviceKey = (LPTSTR) malloc((deviceKeyLength + 1) * sizeof(TCHAR));
if (!wfi->deviceKey)
return FALSE;
_tcsncpy_s(wfi->deviceKey, deviceKeyLength + 1,
&deviceInfo.DeviceKey[deviceKeyPrefixLength], deviceKeyLength);
@ -210,6 +212,8 @@ BOOL wf_mirror_driver_update(wfInfo* wfi, int mode)
}
deviceMode = (DEVMODE*) malloc(sizeof(DEVMODE) + EXT_DEVMODE_SIZE_MAX);
if (!deviceMode)
return FALSE;
deviceMode->dmDriverExtra = 2 * sizeof(DWORD);
extHdr = (DWORD*)((BYTE*) &deviceMode + sizeof(DEVMODE));
@ -278,8 +282,9 @@ BOOL wf_mirror_driver_map_memory(wfInfo* wfi)
return FALSE;
}
wfi->changeBuffer = malloc(sizeof(GETCHANGESBUF));
ZeroMemory(wfi->changeBuffer, sizeof(GETCHANGESBUF));
wfi->changeBuffer = calloc(1, sizeof(GETCHANGESBUF));
if (!wfi->changeBuffer)
return FALSE;
status = ExtEscape(wfi->driverDC, dmf_esc_usm_pipe_map, 0, 0, sizeof(GETCHANGESBUF), (LPSTR) wfi->changeBuffer);
@ -365,4 +370,4 @@ void wf_mirror_driver_deactivate(wfInfo* wfi)
wf_mirror_driver_update(wfi, MIRROR_UNLOAD);
wfi->mirrorDriverActive = FALSE;
}
}
}

4
server/Windows/wf_settings.c
View File

@ -73,6 +73,8 @@ BOOL wf_settings_read_string_ascii(HKEY key, LPTSTR subkey, LPTSTR name, char**
if (status == ERROR_SUCCESS)
{
strX = (LPTSTR) malloc(dwSize + sizeof(TCHAR));
if (!strX)
return FALSE;
status = RegQueryValueEx(hKey, name, NULL, &dwType, (BYTE*) strX, &dwSize);
if (status != ERROR_SUCCESS)
@ -99,4 +101,4 @@ BOOL wf_settings_read_string_ascii(HKEY key, LPTSTR subkey, LPTSTR name, char**
}
return FALSE;
}
}

5
server/Windows/wf_wasapi.c
View File

@ -131,8 +131,9 @@ int wf_wasapi_get_device_string(LPWSTR pattern, LPWSTR * deviceStr)
WLog_INFO(TAG, "Using sound ouput endpoint: [%s] (%s)", nameVar.pwszVal, pwszID);
//WLog_INFO(TAG, "matched %d characters", wcscmp(pattern, nameVar.pwszVal);
devStrLen = wcslen(pwszID);
*deviceStr = (LPWSTR) malloc((devStrLen * 2) + 2);
ZeroMemory(*deviceStr, (devStrLen * 2) + 2);
*deviceStr = (LPWSTR) calloc(1, (devStrLen * 2) + 2);
if (!deviceStr)
return -1;
wcscpy_s(*deviceStr, devStrLen+1, pwszID);
}
CoTaskMemFree(pwszID);

4
server/shadow/Win/win_rdp.c
View File

@ -157,9 +157,7 @@ BOOL shw_post_connect(freerdp* instance)
instance->update->DesktopResize = shw_desktop_resize;
instance->update->SurfaceFrameMarker = shw_surface_frame_marker;
freerdp_channels_post_connect(instance->context->channels, instance);
return TRUE;
return (freerdp_channels_post_connect(instance->context->channels, instance) >= 0) ;
}
void* shw_client_thread(void* arg)

5
server/shadow/shadow_client.c
View File

@ -683,6 +683,11 @@ int shadow_client_send_bitmap_update(rdpShadowClient* client, rdpShadowSurface*
BITMAP_DATA* fragBitmapData;
fragBitmapData = (BITMAP_DATA*) malloc(sizeof(BITMAP_DATA) * k);
if (!fragBitmapData)
{
free(bitmapData);
return -1;
}
bitmapUpdate.rectangles = fragBitmapData;
i = j = 0;

2
server/shadow/shadow_server.c
View File

@ -88,7 +88,7 @@ int shadow_server_print_command_line_help(int argc, char** argv)
{
length = (int) (strlen(arg->Name) + strlen(arg->Format) + 2);
str = (char*) malloc(length + 1);
if (str)
if (!str)
return -1;
sprintf_s(str, length + 1, "%s:%s", arg->Name, arg->Format);
WLog_INFO(TAG, "%-20s", str);

2
winpr/include/winpr/sysinfo.h
View File

@ -94,6 +94,8 @@ typedef struct _SYSTEM_INFO
WORD wProcessorRevision;
} SYSTEM_INFO, *LPSYSTEM_INFO;
#define MAX_COMPUTERNAME_LENGTH 31
WINPR_API void GetSystemInfo(LPSYSTEM_INFO lpSystemInfo);
WINPR_API void GetNativeSystemInfo(LPSYSTEM_INFO lpSystemInfo);

31
winpr/libwinpr/sspi/NTLM/ntlm.c
View File

@ -33,6 +33,7 @@
#include <winpr/print.h>
#include <winpr/sysinfo.h>
#include <winpr/registry.h>
#include <winpr/tchar.h>
#include "ntlm.h"
#include "../sspi.h"
@ -47,22 +48,17 @@ char* NTLM_PACKAGE_NAME = "NTLM";
int ntlm_SetContextWorkstation(NTLM_CONTEXT* context, char* Workstation)
{
int status;
DWORD nSize = 0;
DWORD nSize = MAX_COMPUTERNAME_LENGTH;
char* ws = Workstation;
TCHAR computerName[MAX_COMPUTERNAME_LENGTH + 1];
if (!Workstation)
{
GetComputerNameExA(ComputerNameNetBIOS, NULL, &nSize);
ws = (char*) malloc(nSize);
if (!GetComputerNameExA(ComputerNameNetBIOS, computerName, &nSize))
return -1;
ws = _strdup(computerName);
if (!ws)
return -1;
if (!GetComputerNameExA(ComputerNameNetBIOS, ws, &nSize))
{
free(ws);
return 0;
}
}
context->Workstation.Buffer = NULL;
@ -114,25 +110,20 @@ int ntlm_SetContextServicePrincipalNameA(NTLM_CONTEXT* context, char* ServicePri
int ntlm_SetContextTargetName(NTLM_CONTEXT* context, char* TargetName)
{
int status;
DWORD nSize = 0;
TCHAR computerName[MAX_COMPUTERNAME_LENGTH + 1];
DWORD nSize = MAX_COMPUTERNAME_LENGTH;
char* name = TargetName;
if (!TargetName)
{
if (!GetComputerNameExA(ComputerNameDnsHostname, NULL, &nSize))
if (!GetComputerNameExA(ComputerNameDnsHostname, computerName, &nSize))
return -1;
name = (char*) malloc(nSize);
name = strdup(computerName);
if (!name)
return -1;
if (!GetComputerNameExA(ComputerNameDnsHostname, name, &nSize))
{
free(name);
return -1;
}
CharUpperA(TargetName);
}

11
winpr/libwinpr/sspi/NTLM/ntlm_av_pairs.c
View File

@ -29,6 +29,7 @@
#include <winpr/crt.h>
#include <winpr/print.h>
#include <winpr/sysinfo.h>
#include <winpr/tchar.h>
#include "ntlm_compute.h"
@ -171,14 +172,14 @@ int ntlm_get_target_computer_name(PUNICODE_STRING pName, COMPUTER_NAME_FORMAT ty
{
char* name;
int status;
DWORD nSize = 0;
GetComputerNameExA(type, NULL, &nSize);
name = (char*) malloc(nSize);
TCHAR computerName[MAX_COMPUTERNAME_LENGTH + 1];
DWORD nSize = MAX_COMPUTERNAME_LENGTH;
if (!name)
if (!GetComputerNameExA(type, computerName, &nSize))
return -1;
if (!GetComputerNameExA(type, name, &nSize))
name = strdup(computerName);
if (!name)
return -1;
if (type == ComputerNameNetBIOS)

17
winpr/libwinpr/sysinfo/sysinfo.c
View File

@ -188,17 +188,20 @@ BOOL GetComputerNameA(LPSTR lpBuffer, LPDWORD lpnSize)
if (dot)
length = dot - hostname;
if (*lpnSize <= length)
{
*lpnSize = length + 1;
return FALSE;
}
if (!lpBuffer)
return FALSE;
if (*lpnSize <= length)
{
SetLastError(ERROR_BUFFER_OVERFLOW);
*lpnSize = length;
return FALSE;
}
CopyMemory(lpBuffer, hostname, length);
lpBuffer[length] = '\0';
*lpnSize = length;
return TRUE;
}
@ -224,7 +227,7 @@ BOOL GetComputerNameExA(COMPUTER_NAME_FORMAT NameType, LPSTR lpBuffer, LPDWORD l
case ComputerNamePhysicalDnsFullyQualified:
if (*lpnSize <= length)
{
*lpnSize = length + 1;
*lpnSize = length;
return FALSE;
}

17
winpr/tools/makecert/makecert.c
View File

@ -306,16 +306,19 @@ char* x509_name_parse(char* name, char* txt, int* length)
char* x509_get_default_name()
{
DWORD nSize = 0;
char* ComputerName;
TCHAR computerName[MAX_COMPUTERNAME_LENGTH + 1];
DWORD nSize = MAX_COMPUTERNAME_LENGTH;
GetComputerNameExA(ComputerNameNetBIOS, NULL, &nSize);
ComputerName = (char*) malloc(nSize);
if (!ComputerName)
char* ret;
if (!GetComputerNameExA(ComputerNameNetBIOS, computerName, &nSize))
return NULL;
GetComputerNameExA(ComputerNameNetBIOS, ComputerName, &nSize);
return ComputerName;
ret = strdup(computerName);
if (!ret)
return NULL;
return ret;
}
int command_line_pre_filter(MAKECERT_CONTEXT* context, int index, int argc, LPCSTR* argv)