diff --git a/libfreerdp/codec/dsp_ffmpeg.c b/libfreerdp/codec/dsp_ffmpeg.c index 59dd25db1..703340dcf 100644 --- a/libfreerdp/codec/dsp_ffmpeg.c +++ b/libfreerdp/codec/dsp_ffmpeg.c @@ -607,7 +607,8 @@ static BOOL ffmpeg_decode(AVCodecContext* dec_ctx, AVPacket* pkt, AVFrame* frame const size_t channels = resampled->ch_layout.nb_channels; #endif const size_t data_size = channels * resampled->nb_samples * 2; - Stream_EnsureRemainingCapacity(out, data_size); + if (!Stream_EnsureRemainingCapacity(out, data_size)) + return FALSE; Stream_Write(out, resampled->data[0], data_size); } } diff --git a/libfreerdp/core/capabilities.c b/libfreerdp/core/capabilities.c index a4706f8c6..f4274d7e0 100644 --- a/libfreerdp/core/capabilities.c +++ b/libfreerdp/core/capabilities.c @@ -3035,7 +3035,9 @@ static BOOL rdp_apply_bitmap_codecs_capability_set(rdpSettings* settings, const /* only enable a codec if we've announced/enabled it before */ settings->RemoteFxCodec = settings->RemoteFxCodec && src->RemoteFxCodecId; settings->RemoteFxImageCodec = settings->RemoteFxImageCodec && src->RemoteFxImageCodec; - freerdp_settings_set_bool(settings, FreeRDP_NSCodec, settings->NSCodec && src->NSCodec); + if (!freerdp_settings_set_bool(settings, FreeRDP_NSCodec, + settings->NSCodec && src->NSCodec)) + return FALSE; settings->JpegCodec = src->JpegCodec; } return TRUE; @@ -3237,10 +3239,14 @@ static BOOL rdp_read_bitmap_codecs_capability_set(wStream* s, rdpSettings* setti bitmapCodecCount--; /* only enable a codec if we've announced/enabled it before */ - settings->RemoteFxCodec = guidRemoteFx; - settings->RemoteFxImageCodec = guidRemoteFxImage; - freerdp_settings_set_bool(settings, FreeRDP_NSCodec, guidNSCodec); - settings->JpegCodec = FALSE; + if (!freerdp_settings_set_bool(settings, FreeRDP_RemoteFxCodec, guidRemoteFx)) + return FALSE; + if (!freerdp_settings_set_bool(settings, FreeRDP_RemoteFxImageCodec, guidRemoteFxImage)) + return FALSE; + if (!freerdp_settings_set_bool(settings, FreeRDP_NSCodec, guidNSCodec)) + return FALSE; + if (!freerdp_settings_set_bool(settings, FreeRDP_JpegCodec, FALSE)) + return FALSE; } return TRUE; @@ -4492,9 +4498,12 @@ BOOL rdp_recv_confirm_active(rdpRdp* rdp, wStream* s, UINT16 pduLength) if (!settings->ReceivedCapabilities[CAPSET_TYPE_BITMAP_CODECS]) { /* client does not support bitmap codecs */ - settings->RemoteFxCodec = FALSE; - freerdp_settings_set_bool(settings, FreeRDP_NSCodec, FALSE); - settings->JpegCodec = FALSE; + if (!freerdp_settings_set_bool(settings, FreeRDP_RemoteFxCodec, FALSE)) + return FALSE; + if (!freerdp_settings_set_bool(settings, FreeRDP_NSCodec, FALSE)) + return FALSE; + if (!freerdp_settings_set_bool(settings, FreeRDP_JpegCodec, FALSE)) + return FALSE; } if (!settings->ReceivedCapabilities[CAPSET_TYPE_MULTI_FRAGMENT_UPDATE]) diff --git a/libfreerdp/core/gateway/wst.c b/libfreerdp/core/gateway/wst.c index 87194da65..bd370a702 100644 --- a/libfreerdp/core/gateway/wst.c +++ b/libfreerdp/core/gateway/wst.c @@ -391,8 +391,10 @@ static BOOL wst_handle_ok_or_forbidden(rdpWst* wst, HttpResponse** ppresponse, D return FALSE; free(wst->gwpath); wst->gwpath = urlWithAuth; - http_context_set_uri(wst->http, wst->gwpath); - http_context_enable_websocket_upgrade(wst->http, TRUE); + if (!http_context_set_uri(wst->http, wst->gwpath)) + return FALSE; + if (!http_context_enable_websocket_upgrade(wst->http, TRUE)) + return FALSE; } if (!wst_send_http_request(wst, wst->tls)) diff --git a/libfreerdp/core/nla.c b/libfreerdp/core/nla.c index 577e0b4fd..1f5ab6b6a 100644 --- a/libfreerdp/core/nla.c +++ b/libfreerdp/core/nla.c @@ -818,7 +818,7 @@ static int nla_server_authenticate(rdpNla* nla) break; } - nla_send(nla); + (void)nla_send(nla); /* Access Denied */ goto fail; } diff --git a/libfreerdp/crypto/x509_utils.c b/libfreerdp/crypto/x509_utils.c index dc388e87a..c592c8222 100644 --- a/libfreerdp/crypto/x509_utils.c +++ b/libfreerdp/crypto/x509_utils.c @@ -79,16 +79,23 @@ static char* crypto_print_name(const X509_NAME* name) { UINT64 size = BIO_number_written(outBIO); if (size > INT_MAX) - return NULL; + goto fail; buffer = calloc(1, (size_t)size + 1); if (!buffer) - return NULL; + goto fail; ERR_clear_error(); - BIO_read(outBIO, buffer, (int)size); + const int rc = BIO_read(outBIO, buffer, (int)size); + if (rc <= 0) + { + free(buffer); + buffer = NULL; + goto fail; + } } +fail: BIO_free_all(outBIO); return buffer; } diff --git a/winpr/libwinpr/file/generic.c b/winpr/libwinpr/file/generic.c index b914354ed..c750739f2 100644 --- a/winpr/libwinpr/file/generic.c +++ b/winpr/libwinpr/file/generic.c @@ -886,7 +886,7 @@ static WIN32_FILE_SEARCH* file_search_new(const char* name, size_t namelen, cons if (!pFileSearch) return NULL; WINPR_ASSERT(sizeof(file_search_magic) == sizeof(pFileSearch->magic)); - strncpy(pFileSearch->magic, file_search_magic, sizeof(pFileSearch->magic)); + memcpy(pFileSearch->magic, file_search_magic, sizeof(pFileSearch->magic)); pFileSearch->lpPath = strndup(name, namelen); pFileSearch->lpPattern = strndup(pattern, patternlen); diff --git a/winpr/libwinpr/sspi/Negotiate/negotiate.c b/winpr/libwinpr/sspi/Negotiate/negotiate.c index 66d8d53f8..0d60f5d73 100644 --- a/winpr/libwinpr/sspi/Negotiate/negotiate.c +++ b/winpr/libwinpr/sspi/Negotiate/negotiate.c @@ -830,6 +830,8 @@ static SECURITY_STATUS SEC_ENTRY negotiate_InitializeSecurityContextW( if (context->state == NEGOTIATE_STATE_NEGORESP) { /* Store the mech token in the output buffer */ + if (!output_buffer) + goto cleanup; CopyMemory(&output_token.mechToken, output_buffer, sizeof(SecBuffer)); mech_input_buffers[0] = input_token.mechToken;