stream: check stream_new in winpr and libfreerdp

also fixed a few things
This commit is contained in:
Martin Haimberger 2015-05-29 04:46:50 -07:00
parent ca274b6b49
commit 951a2d2210
13 changed files with 295 additions and 30 deletions

View File

@ -3,6 +3,8 @@
* Interleaved RLE Bitmap Codec * Interleaved RLE Bitmap Codec
* *
* Copyright 2014 Marc-Andre Moreau <marcandre.moreau@gmail.com> * Copyright 2014 Marc-Andre Moreau <marcandre.moreau@gmail.com>
* Copyright 2015 Thincast Technologies GmbH
* Copyright 2015 DI (FH) Martin Haimberger <martin.haimberger@thincast.com>
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -426,7 +428,21 @@ BITMAP_INTERLEAVED_CONTEXT* bitmap_interleaved_context_new(BOOL Compressor)
{ {
interleaved->TempSize = 64 * 64 * 4; interleaved->TempSize = 64 * 64 * 4;
interleaved->TempBuffer = _aligned_malloc(interleaved->TempSize, 16); interleaved->TempBuffer = _aligned_malloc(interleaved->TempSize, 16);
if (!interleaved->TempBuffer)
{
free(interleaved);
WLog_ERR(TAG, "_aligned_malloc failed!");
return NULL;
}
interleaved->bts = Stream_New(NULL, interleaved->TempSize); interleaved->bts = Stream_New(NULL, interleaved->TempSize);
if (!interleaved->bts)
{
_aligned_free(interleaved->TempBuffer);
free(interleaved);
WLog_ERR(TAG, "Stream_New failed!");
return NULL;
}
} }
return interleaved; return interleaved;

View File

@ -4,6 +4,8 @@
* *
* Copyright 2011 Jiten Pathy * Copyright 2011 Jiten Pathy
* Copyright 2011 Marc-Andre Moreau <marcandre.moreau@gmail.com> * Copyright 2011 Marc-Andre Moreau <marcandre.moreau@gmail.com>
* Copyright 2015 Thincast Technologies GmbH
* Copyright 2015 DI (FH) Martin Haimberger <martin.haimberger@thincast.com>
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -630,6 +632,13 @@ BOOL certificate_read_server_certificate(rdpCertificate* certificate, BYTE* serv
return TRUE; return TRUE;
s = Stream_New(server_cert, length); s = Stream_New(server_cert, length);
if (!s)
{
WLog_ERR(TAG, "Stream_New failed!");
return FALSE;
}
Stream_Read_UINT32(s, dwVersion); /* dwVersion (4 bytes) */ Stream_Read_UINT32(s, dwVersion); /* dwVersion (4 bytes) */
switch (dwVersion & CERT_CHAIN_VERSION_MASK) switch (dwVersion & CERT_CHAIN_VERSION_MASK)

View File

@ -3,6 +3,8 @@
* Connection Sequence * Connection Sequence
* *
* Copyright 2011 Marc-Andre Moreau <marcandre.moreau@gmail.com> * Copyright 2011 Marc-Andre Moreau <marcandre.moreau@gmail.com>
* Copyright 2015 Thincast Technologies GmbH
* Copyright 2015 DI (FH) Martin Haimberger <martin.haimberger@thincast.com>
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -443,6 +445,12 @@ static BOOL rdp_client_establish_keys(rdpRdp* rdp)
length = RDP_PACKET_HEADER_MAX_LENGTH + RDP_SECURITY_HEADER_LENGTH + 4 + key_len + 8; length = RDP_PACKET_HEADER_MAX_LENGTH + RDP_SECURITY_HEADER_LENGTH + 4 + key_len + 8;
s = Stream_New(NULL, length); s = Stream_New(NULL, length);
if (!s)
{
WLog_ERR(TAG, "Stream_New failed!");
goto end;
}
rdp_write_header(rdp, s, length, MCS_GLOBAL_CHANNEL_ID); rdp_write_header(rdp, s, length, MCS_GLOBAL_CHANNEL_ID);
rdp_write_security_header(s, SEC_EXCHANGE_PKT | SEC_LICENSE_ENCRYPT_SC); rdp_write_security_header(s, SEC_EXCHANGE_PKT | SEC_LICENSE_ENCRYPT_SC);
length = key_len + 8; length = key_len + 8;

View File

@ -4,6 +4,8 @@
* *
* Copyright 2012 Fujitsu Technology Solutions GmbH * Copyright 2012 Fujitsu Technology Solutions GmbH
* Copyright 2012 Dmitrij Jasnov <dmitrij.jasnov@ts.fujitsu.com> * Copyright 2012 Dmitrij Jasnov <dmitrij.jasnov@ts.fujitsu.com>
* Copyright 2015 Thincast Technologies GmbH
* Copyright 2015 DI (FH) Martin Haimberger <martin.haimberger@thincast.com>
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -122,6 +124,13 @@ DWORD TsProxySendToServer(handle_t IDL_handle, byte pRpcMessage[], UINT32 count,
return -1; return -1;
s = Stream_New(buffer, length); s = Stream_New(buffer, length);
if (!s)
{
free(buffer);
WLog_ERR(TAG, "Stream_New failed!");
return -1;
}
/* PCHANNEL_CONTEXT_HANDLE_NOSERIALIZE_NR (20 bytes) */ /* PCHANNEL_CONTEXT_HANDLE_NOSERIALIZE_NR (20 bytes) */
Stream_Write(s, &tsg->ChannelContext.ContextType, 4); /* ContextType (4 bytes) */ Stream_Write(s, &tsg->ChannelContext.ContextType, 4); /* ContextType (4 bytes) */
Stream_Write(s, tsg->ChannelContext.ContextUuid, 16); /* ContextUuid (16 bytes) */ Stream_Write(s, tsg->ChannelContext.ContextUuid, 16); /* ContextUuid (16 bytes) */

View File

@ -3,6 +3,8 @@
* RDP Client Info * RDP Client Info
* *
* Copyright 2011 Marc-Andre Moreau <marcandre.moreau@gmail.com> * Copyright 2011 Marc-Andre Moreau <marcandre.moreau@gmail.com>
* Copyright 2015 Thincast Technologies GmbH
* Copyright 2015 DI (FH) Martin Haimberger <martin.haimberger@thincast.com>
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -640,6 +642,13 @@ BOOL rdp_send_client_info(rdpRdp* rdp)
rdp->sec_flags |= SEC_INFO_PKT; rdp->sec_flags |= SEC_INFO_PKT;
s = Stream_New(NULL, 2048); s = Stream_New(NULL, 2048);
if (!s)
{
WLog_ERR(TAG, "Stream_New failed!");
return FALSE;
}
rdp_init_stream(rdp, s); rdp_init_stream(rdp, s);
rdp_write_info_packet(rdp, s); rdp_write_info_packet(rdp, s);

View File

@ -3,6 +3,8 @@
* T.125 Multipoint Communication Service (MCS) Protocol * T.125 Multipoint Communication Service (MCS) Protocol
* *
* Copyright 2011 Marc-Andre Moreau <marcandre.moreau@gmail.com> * Copyright 2011 Marc-Andre Moreau <marcandre.moreau@gmail.com>
* Copyright 2015 Thincast Technologies GmbH
* Copyright 2015 DI (FH) Martin Haimberger <martin.haimberger@thincast.com>
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -304,12 +306,17 @@ BOOL mcs_read_domain_parameters(wStream* s, DomainParameters* domainParameters)
* @param domainParameters domain parameters * @param domainParameters domain parameters
*/ */
void mcs_write_domain_parameters(wStream* s, DomainParameters* domainParameters) BOOL mcs_write_domain_parameters(wStream* s, DomainParameters* domainParameters)
{ {
int length; int length;
wStream* tmps; wStream* tmps;
tmps = Stream_New(NULL, Stream_Capacity(s)); tmps = Stream_New(NULL, Stream_Capacity(s));
if (!tmps)
{
WLog_ERR(TAG, "Stream_New failed!");
return FALSE;
}
ber_write_integer(tmps, domainParameters->maxChannelIds); ber_write_integer(tmps, domainParameters->maxChannelIds);
ber_write_integer(tmps, domainParameters->maxUserIds); ber_write_integer(tmps, domainParameters->maxUserIds);
ber_write_integer(tmps, domainParameters->maxTokenIds); ber_write_integer(tmps, domainParameters->maxTokenIds);
@ -323,6 +330,8 @@ void mcs_write_domain_parameters(wStream* s, DomainParameters* domainParameters)
ber_write_sequence_tag(s, length); ber_write_sequence_tag(s, length);
Stream_Write(s, Stream_Buffer(tmps), length); Stream_Write(s, Stream_Buffer(tmps), length);
Stream_Free(tmps, TRUE); Stream_Free(tmps, TRUE);
return TRUE;
} }
/** /**
@ -527,13 +536,19 @@ BOOL mcs_recv_connect_initial(rdpMcs* mcs, wStream* s)
* @param user_data GCC Conference Create Request * @param user_data GCC Conference Create Request
*/ */
void mcs_write_connect_initial(wStream* s, rdpMcs* mcs, wStream* userData) BOOL mcs_write_connect_initial(wStream* s, rdpMcs* mcs, wStream* userData)
{ {
int length; int length;
wStream* tmps; wStream* tmps;
BOOL ret = FALSE;
tmps = Stream_New(NULL, Stream_Capacity(s)); tmps = Stream_New(NULL, Stream_Capacity(s));
if (!tmps) {
WLog_ERR(TAG, "Stream_New failed!");
return FALSE;
}
/* callingDomainSelector (OCTET_STRING) */ /* callingDomainSelector (OCTET_STRING) */
ber_write_octet_string(tmps, callingDomainSelector, sizeof(callingDomainSelector)); ber_write_octet_string(tmps, callingDomainSelector, sizeof(callingDomainSelector));
@ -544,13 +559,16 @@ void mcs_write_connect_initial(wStream* s, rdpMcs* mcs, wStream* userData)
ber_write_BOOL(tmps, TRUE); ber_write_BOOL(tmps, TRUE);
/* targetParameters (DomainParameters) */ /* targetParameters (DomainParameters) */
mcs_write_domain_parameters(tmps, &mcs->targetParameters); if (!mcs_write_domain_parameters(tmps, &mcs->targetParameters))
goto out;
/* minimumParameters (DomainParameters) */ /* minimumParameters (DomainParameters) */
mcs_write_domain_parameters(tmps, &mcs->minimumParameters); if (!mcs_write_domain_parameters(tmps, &mcs->minimumParameters))
goto out;
/* maximumParameters (DomainParameters) */ /* maximumParameters (DomainParameters) */
mcs_write_domain_parameters(tmps, &mcs->maximumParameters); if (!mcs_write_domain_parameters(tmps, &mcs->maximumParameters))
goto out;
/* userData (OCTET_STRING) */ /* userData (OCTET_STRING) */
ber_write_octet_string(tmps, userData->buffer, Stream_GetPosition(userData)); ber_write_octet_string(tmps, userData->buffer, Stream_GetPosition(userData));
@ -559,7 +577,10 @@ void mcs_write_connect_initial(wStream* s, rdpMcs* mcs, wStream* userData)
/* Connect-Initial (APPLICATION 101, IMPLICIT SEQUENCE) */ /* Connect-Initial (APPLICATION 101, IMPLICIT SEQUENCE) */
ber_write_application_tag(s, MCS_TYPE_CONNECT_INITIAL, length); ber_write_application_tag(s, MCS_TYPE_CONNECT_INITIAL, length);
Stream_Write(s, Stream_Buffer(tmps), length); Stream_Write(s, Stream_Buffer(tmps), length);
ret = TRUE;
out:
Stream_Free(tmps, TRUE); Stream_Free(tmps, TRUE);
return ret;
} }
/** /**
@ -574,21 +595,28 @@ BOOL mcs_write_connect_response(wStream* s, rdpMcs* mcs, wStream* userData)
{ {
int length; int length;
wStream* tmps; wStream* tmps;
BOOL ret = FALSE;
tmps = Stream_New(NULL, Stream_Capacity(s)); tmps = Stream_New(NULL, Stream_Capacity(s));
if (!tmps) if (!tmps)
{
WLog_ERR(TAG, "Stream_New failed!");
return FALSE; return FALSE;
}
ber_write_enumerated(tmps, 0, MCS_Result_enum_length); ber_write_enumerated(tmps, 0, MCS_Result_enum_length);
ber_write_integer(tmps, 0); /* calledConnectId */ ber_write_integer(tmps, 0); /* calledConnectId */
mcs_write_domain_parameters(tmps, &(mcs->domainParameters)); if (!mcs_write_domain_parameters(tmps, &(mcs->domainParameters)))
goto out;
/* userData (OCTET_STRING) */ /* userData (OCTET_STRING) */
ber_write_octet_string(tmps, userData->buffer, Stream_GetPosition(userData)); ber_write_octet_string(tmps, userData->buffer, Stream_GetPosition(userData));
length = Stream_GetPosition(tmps); length = Stream_GetPosition(tmps);
ber_write_application_tag(s, MCS_TYPE_CONNECT_RESPONSE, length); ber_write_application_tag(s, MCS_TYPE_CONNECT_RESPONSE, length);
Stream_Write(s, Stream_Buffer(tmps), length); Stream_Write(s, Stream_Buffer(tmps), length);
ret = TRUE;
out:
Stream_Free(tmps, TRUE); Stream_Free(tmps, TRUE);
return TRUE; return ret;
} }
/** /**
@ -599,28 +627,48 @@ BOOL mcs_write_connect_response(wStream* s, rdpMcs* mcs, wStream* userData)
BOOL mcs_send_connect_initial(rdpMcs* mcs) BOOL mcs_send_connect_initial(rdpMcs* mcs)
{ {
int status; int status = -1;
int length; int length;
wStream* s; wStream* s = NULL;
int bm, em; int bm, em;
wStream* gcc_CCrq; wStream* gcc_CCrq = NULL;
wStream* client_data; wStream* client_data = NULL;
mcs_initialize_client_channels(mcs, mcs->settings); mcs_initialize_client_channels(mcs, mcs->settings);
client_data = Stream_New(NULL, 512); client_data = Stream_New(NULL, 512);
if (!client_data)
{
WLog_ERR(TAG, "Stream_New failed!");
return FALSE;
}
gcc_write_client_data_blocks(client_data, mcs); gcc_write_client_data_blocks(client_data, mcs);
gcc_CCrq = Stream_New(NULL, 1024); gcc_CCrq = Stream_New(NULL, 1024);
if (!gcc_CCrq)
{
WLog_ERR(TAG, "Stream_New failed!");
goto out;
}
gcc_write_conference_create_request(gcc_CCrq, client_data); gcc_write_conference_create_request(gcc_CCrq, client_data);
length = Stream_GetPosition(gcc_CCrq) + 7; length = Stream_GetPosition(gcc_CCrq) + 7;
s = Stream_New(NULL, 1024 + length); s = Stream_New(NULL, 1024 + length);
if (!s)
{
WLog_ERR(TAG, "Stream_New failed!");
goto out;
}
bm = Stream_GetPosition(s); bm = Stream_GetPosition(s);
Stream_Seek(s, 7); Stream_Seek(s, 7);
mcs_write_connect_initial(s, mcs, gcc_CCrq); if (!mcs_write_connect_initial(s, mcs, gcc_CCrq))
{
WLog_ERR(TAG, "mcs_write_connect_initial failed!");
goto out;
}
em = Stream_GetPosition(s); em = Stream_GetPosition(s);
length = (em - bm); length = (em - bm);
Stream_SetPosition(s, bm); Stream_SetPosition(s, bm);
@ -632,6 +680,7 @@ BOOL mcs_send_connect_initial(rdpMcs* mcs)
status = transport_write(mcs->transport, s); status = transport_write(mcs->transport, s);
out:
Stream_Free(s, TRUE); Stream_Free(s, TRUE);
Stream_Free(gcc_CCrq, TRUE); Stream_Free(gcc_CCrq, TRUE);
Stream_Free(client_data, TRUE); Stream_Free(client_data, TRUE);
@ -691,19 +740,31 @@ BOOL mcs_send_connect_response(rdpMcs* mcs)
wStream* server_data; wStream* server_data;
server_data = Stream_New(NULL, 512); server_data = Stream_New(NULL, 512);
if (!server_data)
{
WLog_ERR(TAG, "Stream_New failed!");
return FALSE;
}
if (!gcc_write_server_data_blocks(server_data, mcs)) if (!gcc_write_server_data_blocks(server_data, mcs))
goto error_data_blocks; goto error_data_blocks;
gcc_CCrsp = Stream_New(NULL, 512 + Stream_Capacity(server_data)); gcc_CCrsp = Stream_New(NULL, 512 + Stream_Capacity(server_data));
if (!gcc_CCrsp) if (!gcc_CCrsp)
{
WLog_ERR(TAG, "Stream_New failed!");
goto error_data_blocks; goto error_data_blocks;
}
gcc_write_conference_create_response(gcc_CCrsp, server_data); gcc_write_conference_create_response(gcc_CCrsp, server_data);
length = Stream_GetPosition(gcc_CCrsp) + 7; length = Stream_GetPosition(gcc_CCrsp) + 7;
s = Stream_New(NULL, length + 1024); s = Stream_New(NULL, length + 1024);
if (!s) if (!s)
{
WLog_ERR(TAG, "Stream_New failed!");
goto error_stream_s; goto error_stream_s;
}
bm = Stream_GetPosition(s); bm = Stream_GetPosition(s);
Stream_Seek(s, 7); Stream_Seek(s, 7);
@ -777,6 +838,11 @@ BOOL mcs_send_erect_domain_request(rdpMcs* mcs)
UINT16 length = 12; UINT16 length = 12;
s = Stream_New(NULL, length); s = Stream_New(NULL, length);
if (!s)
{
WLog_ERR(TAG, "Stream_New failed!");
return FALSE;
}
mcs_write_domain_mcspdu_header(s, DomainMCSPDU_ErectDomainRequest, length, 0); mcs_write_domain_mcspdu_header(s, DomainMCSPDU_ErectDomainRequest, length, 0);
@ -822,6 +888,11 @@ BOOL mcs_send_attach_user_request(rdpMcs* mcs)
UINT16 length = 8; UINT16 length = 8;
s = Stream_New(NULL, length); s = Stream_New(NULL, length);
if (!s)
{
WLog_ERR(TAG, "Stream_New failed!");
return FALSE;
}
mcs_write_domain_mcspdu_header(s, DomainMCSPDU_AttachUserRequest, length, 0); mcs_write_domain_mcspdu_header(s, DomainMCSPDU_AttachUserRequest, length, 0);
@ -870,6 +941,12 @@ BOOL mcs_send_attach_user_confirm(rdpMcs* mcs)
rdpSettings* settings; rdpSettings* settings;
s = Stream_New(NULL, length); s = Stream_New(NULL, length);
if (!s)
{
WLog_ERR(TAG, "Stream_New failed!");
return FALSE;
}
settings = mcs->transport->settings; settings = mcs->transport->settings;
mcs->userId = mcs->baseChannelId++; mcs->userId = mcs->baseChannelId++;
@ -924,6 +1001,11 @@ BOOL mcs_send_channel_join_request(rdpMcs* mcs, UINT16 channelId)
UINT16 length = 12; UINT16 length = 12;
s = Stream_New(NULL, length); s = Stream_New(NULL, length);
if (!s)
{
WLog_ERR(TAG, "Stream_New failed!");
return FALSE;
}
mcs_write_domain_mcspdu_header(s, DomainMCSPDU_ChannelJoinRequest, length, 0); mcs_write_domain_mcspdu_header(s, DomainMCSPDU_ChannelJoinRequest, length, 0);
@ -979,6 +1061,11 @@ BOOL mcs_send_channel_join_confirm(rdpMcs* mcs, UINT16 channelId)
UINT16 length = 15; UINT16 length = 15;
s = Stream_New(NULL, length); s = Stream_New(NULL, length);
if (!s)
{
WLog_ERR(TAG, "Stream_New failed!");
return FALSE;
}
mcs_write_domain_mcspdu_header(s, DomainMCSPDU_ChannelJoinConfirm, length, 2); mcs_write_domain_mcspdu_header(s, DomainMCSPDU_ChannelJoinConfirm, length, 2);
@ -1056,6 +1143,11 @@ BOOL mcs_send_disconnect_provider_ultimatum(rdpMcs* mcs)
UINT16 length = 9; UINT16 length = 9;
s = Stream_New(NULL, length); s = Stream_New(NULL, length);
if (!s)
{
WLog_ERR(TAG, "Stream_New failed!");
return FALSE;
}
mcs_write_domain_mcspdu_header(s, DomainMCSPDU_DisconnectProviderUltimatum, length, 1); mcs_write_domain_mcspdu_header(s, DomainMCSPDU_DisconnectProviderUltimatum, length, 1);

View File

@ -3,6 +3,8 @@
* T.125 Multipoint Communication Service (MCS) Protocol * T.125 Multipoint Communication Service (MCS) Protocol
* *
* Copyright 2011 Marc-Andre Moreau <marcandre.moreau@gmail.com> * Copyright 2011 Marc-Andre Moreau <marcandre.moreau@gmail.com>
* Copyright 2015 Thincast Technologies GmbH
* Copyright 2015 DI (FH) Martin Haimberger <martin.haimberger@thincast.com>
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -164,7 +166,7 @@ struct rdp_mcs
BOOL mcs_merge_domain_parameters(DomainParameters* targetParameters, DomainParameters* minimumParameters, BOOL mcs_merge_domain_parameters(DomainParameters* targetParameters, DomainParameters* minimumParameters,
DomainParameters* maximumParameters, DomainParameters* pOutParameters); DomainParameters* maximumParameters, DomainParameters* pOutParameters);
void mcs_write_connect_initial(wStream* s, rdpMcs* mcs, wStream* userData); BOOL mcs_write_connect_initial(wStream* s, rdpMcs* mcs, wStream* userData);
BOOL mcs_write_connect_response(wStream* s, rdpMcs* mcs, wStream* userData); BOOL mcs_write_connect_response(wStream* s, rdpMcs* mcs, wStream* userData);
BOOL mcs_recv_connect_initial(rdpMcs* mcs, wStream* s); BOOL mcs_recv_connect_initial(rdpMcs* mcs, wStream* s);

View File

@ -4,6 +4,8 @@
* *
* Copyright 2011 Marc-Andre Moreau <marcandre.moreau@gmail.com> * Copyright 2011 Marc-Andre Moreau <marcandre.moreau@gmail.com>
* Copyright 2014 Norbert Federa <norbert.federa@thincast.com> * Copyright 2014 Norbert Federa <norbert.federa@thincast.com>
* Copyright 2015 Thincast Technologies GmbH
* Copyright 2015 DI (FH) Martin Haimberger <martin.haimberger@thincast.com>
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -328,7 +330,10 @@ BOOL nego_send_preconnection_pdu(rdpNego* nego)
s = Stream_New(NULL, cbSize); s = Stream_New(NULL, cbSize);
if (!s) if (!s)
{
WLog_ERR(TAG, "Stream_New failed!");
return FALSE; return FALSE;
}
Stream_Write_UINT32(s, cbSize); /* cbSize */ Stream_Write_UINT32(s, cbSize); /* cbSize */
Stream_Write_UINT32(s, 0); /* Flags */ Stream_Write_UINT32(s, 0); /* Flags */
@ -528,7 +533,10 @@ BOOL nego_recv_response(rdpNego* nego)
s = Stream_New(NULL, 1024); s = Stream_New(NULL, 1024);
if (!s) if (!s)
{
WLog_ERR(TAG, "Stream_New failed!");
return FALSE; return FALSE;
}
status = transport_read_pdu(nego->transport, s); status = transport_read_pdu(nego->transport, s);
@ -798,6 +806,11 @@ BOOL nego_send_negotiation_request(rdpNego* nego)
int cookie_length; int cookie_length;
s = Stream_New(NULL, 512); s = Stream_New(NULL, 512);
if (!s)
{
WLog_ERR(TAG, "Stream_New failed!");
return FALSE;
}
length = TPDU_CONNECTION_REQUEST_LENGTH; length = TPDU_CONNECTION_REQUEST_LENGTH;
bm = Stream_GetPosition(s); bm = Stream_GetPosition(s);
@ -988,7 +1001,10 @@ BOOL nego_send_negotiation_response(rdpNego* nego)
s = Stream_New(NULL, 512); s = Stream_New(NULL, 512);
if (!s) if (!s)
{
WLog_ERR(TAG, "Stream_New failed!");
return FALSE; return FALSE;
}
length = TPDU_CONNECTION_CONFIRM_LENGTH; length = TPDU_CONNECTION_CONFIRM_LENGTH;
bm = Stream_GetPosition(s); bm = Stream_GetPosition(s);

View File

@ -3,6 +3,8 @@
* Network Level Authentication (NLA) * Network Level Authentication (NLA)
* *
* Copyright 2010-2012 Marc-Andre Moreau <marcandre.moreau@gmail.com> * Copyright 2010-2012 Marc-Andre Moreau <marcandre.moreau@gmail.com>
* Copyright 2015 Thincast Technologies GmbH
* Copyright 2015 DI (FH) Martin Haimberger <martin.haimberger@thincast.com>
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -88,7 +90,7 @@
#define TERMSRV_SPN_PREFIX "TERMSRV/" #define TERMSRV_SPN_PREFIX "TERMSRV/"
void nla_send(rdpNla* nla); BOOL nla_send(rdpNla* nla);
int nla_recv(rdpNla* nla); int nla_recv(rdpNla* nla);
void nla_buffer_print(rdpNla* nla); void nla_buffer_print(rdpNla* nla);
void nla_buffer_free(rdpNla* nla); void nla_buffer_free(rdpNla* nla);
@ -293,7 +295,12 @@ int nla_client_begin(rdpNla* nla)
WLog_DBG(TAG, "Sending Authentication Token"); WLog_DBG(TAG, "Sending Authentication Token");
winpr_HexDump(TAG, WLOG_DEBUG, nla->negoToken.pvBuffer, nla->negoToken.cbBuffer); winpr_HexDump(TAG, WLOG_DEBUG, nla->negoToken.pvBuffer, nla->negoToken.cbBuffer);
nla_send(nla); if (!nla_send(nla))
{
nla_buffer_free(nla);
return -1;
}
nla_buffer_free(nla); nla_buffer_free(nla);
nla->state = NLA_STATE_NEGO_TOKEN; nla->state = NLA_STATE_NEGO_TOKEN;
@ -365,7 +372,11 @@ int nla_client_recv(rdpNla* nla)
WLog_DBG(TAG, "Sending Authentication Token"); WLog_DBG(TAG, "Sending Authentication Token");
winpr_HexDump(TAG, WLOG_DEBUG, nla->negoToken.pvBuffer, nla->negoToken.cbBuffer); winpr_HexDump(TAG, WLOG_DEBUG, nla->negoToken.pvBuffer, nla->negoToken.cbBuffer);
nla_send(nla); if (!nla_send(nla))
{
nla_buffer_free(nla);
return -1;
}
nla_buffer_free(nla); nla_buffer_free(nla);
nla->state = NLA_STATE_PUB_KEY_AUTH; nla->state = NLA_STATE_PUB_KEY_AUTH;
@ -392,7 +403,11 @@ int nla_client_recv(rdpNla* nla)
return -1; return -1;
} }
nla_send(nla); if (!nla_send(nla))
{
nla_buffer_free(nla);
return -1;
}
nla_buffer_free(nla); nla_buffer_free(nla);
nla->table->FreeCredentialsHandle(&nla->credentials); nla->table->FreeCredentialsHandle(&nla->credentials);
@ -412,6 +427,12 @@ int nla_client_authenticate(rdpNla* nla)
s = Stream_New(NULL, 4096); s = Stream_New(NULL, 4096);
if (!s)
{
WLog_ERR(TAG, "Stream_New failed!");
return -1;
}
if (nla_client_begin(nla) < 1) if (nla_client_begin(nla) < 1)
return -1; return -1;
@ -621,7 +642,11 @@ int nla_server_authenticate(rdpNla* nla)
WLog_DBG(TAG, "Sending Authentication Token"); WLog_DBG(TAG, "Sending Authentication Token");
nla_buffer_print(nla); nla_buffer_print(nla);
nla_send(nla); if (!nla_send(nla))
{
nla_buffer_free(nla);
return -1;
}
nla_buffer_free(nla); nla_buffer_free(nla);
if (nla->status != SEC_I_CONTINUE_NEEDED) if (nla->status != SEC_I_CONTINUE_NEEDED)
@ -895,7 +920,7 @@ int nla_sizeof_ts_credentials(rdpNla* nla)
return size; return size;
} }
void nla_read_ts_credentials(rdpNla* nla, PSecBuffer ts_credentials) BOOL nla_read_ts_credentials(rdpNla* nla, PSecBuffer ts_credentials)
{ {
wStream* s; wStream* s;
int length; int length;
@ -903,6 +928,13 @@ void nla_read_ts_credentials(rdpNla* nla, PSecBuffer ts_credentials)
s = Stream_New(ts_credentials->pvBuffer, ts_credentials->cbBuffer); s = Stream_New(ts_credentials->pvBuffer, ts_credentials->cbBuffer);
if (!s)
{
WLog_ERR(TAG, "Stream_New failed!");
return FALSE;
}
/* TSCredentials (SEQUENCE) */ /* TSCredentials (SEQUENCE) */
ber_read_sequence_tag(s, &length); ber_read_sequence_tag(s, &length);
@ -917,6 +949,7 @@ void nla_read_ts_credentials(rdpNla* nla, PSecBuffer ts_credentials)
nla_read_ts_password_creds(nla, s); nla_read_ts_password_creds(nla, s);
Stream_Free(s, FALSE); Stream_Free(s, FALSE);
return TRUE;
} }
int nla_write_ts_credentials(rdpNla* nla, wStream* s) int nla_write_ts_credentials(rdpNla* nla, wStream* s)
@ -946,7 +979,7 @@ int nla_write_ts_credentials(rdpNla* nla, wStream* s)
* @param credssp * @param credssp
*/ */
void nla_encode_ts_credentials(rdpNla* nla) BOOL nla_encode_ts_credentials(rdpNla* nla)
{ {
wStream* s; wStream* s;
int length; int length;
@ -967,8 +1000,19 @@ void nla_encode_ts_credentials(rdpNla* nla)
length = ber_sizeof_sequence(nla_sizeof_ts_credentials(nla)); length = ber_sizeof_sequence(nla_sizeof_ts_credentials(nla));
if (!sspi_SecBufferAlloc(&nla->tsCredentials, length)) if (!sspi_SecBufferAlloc(&nla->tsCredentials, length))
return; {
WLog_ERR(TAG, "sspi_SecBufferAlloc failed!");
return FALSE;
}
s = Stream_New((BYTE*) nla->tsCredentials.pvBuffer, length); s = Stream_New((BYTE*) nla->tsCredentials.pvBuffer, length);
if (!s)
{
sspi_SecBufferFree(&nla->tsCredentials);
WLog_ERR(TAG, "Stream_New failed!");
return FALSE;
}
nla_write_ts_credentials(nla, s); nla_write_ts_credentials(nla, s);
if (nla->settings->DisableCredentialsDelegation) if (nla->settings->DisableCredentialsDelegation)
@ -979,6 +1023,7 @@ void nla_encode_ts_credentials(rdpNla* nla)
} }
Stream_Free(s, FALSE); Stream_Free(s, FALSE);
return TRUE;
} }
SECURITY_STATUS nla_encrypt_ts_credentials(rdpNla* nla) SECURITY_STATUS nla_encrypt_ts_credentials(rdpNla* nla)
@ -987,7 +1032,8 @@ SECURITY_STATUS nla_encrypt_ts_credentials(rdpNla* nla)
SecBufferDesc Message; SecBufferDesc Message;
SECURITY_STATUS status; SECURITY_STATUS status;
nla_encode_ts_credentials(nla); if (!nla_encode_ts_credentials(nla))
return SEC_E_INSUFFICIENT_MEMORY;
if (!sspi_SecBufferAlloc(&nla->authInfo, nla->ContextSizes.cbMaxSignature + nla->tsCredentials.cbBuffer)) if (!sspi_SecBufferAlloc(&nla->authInfo, nla->ContextSizes.cbMaxSignature + nla->tsCredentials.cbBuffer))
return SEC_E_INSUFFICIENT_MEMORY; return SEC_E_INSUFFICIENT_MEMORY;
@ -1048,7 +1094,11 @@ SECURITY_STATUS nla_decrypt_ts_credentials(rdpNla* nla)
if (status != SEC_E_OK) if (status != SEC_E_OK)
return status; return status;
nla_read_ts_credentials(nla, &Buffers[1]); if(!nla_read_ts_credentials(nla, &Buffers[1]))
{
free(buffer);
return SEC_E_INSUFFICIENT_MEMORY;
}
free(buffer); free(buffer);
return SEC_E_OK; return SEC_E_OK;
@ -1096,7 +1146,7 @@ int nla_sizeof_ts_request(int length)
* @param credssp * @param credssp
*/ */
void nla_send(rdpNla* nla) BOOL nla_send(rdpNla* nla)
{ {
wStream* s; wStream* s;
int length; int length;
@ -1113,6 +1163,13 @@ void nla_send(rdpNla* nla)
s = Stream_New(NULL, ber_sizeof_sequence(ts_request_length)); s = Stream_New(NULL, ber_sizeof_sequence(ts_request_length));
if (!s)
{
WLog_ERR(TAG, "Stream_New failed!");
return FALSE;
}
/* TSRequest */ /* TSRequest */
ber_write_sequence_tag(s, ts_request_length); /* SEQUENCE */ ber_write_sequence_tag(s, ts_request_length); /* SEQUENCE */
/* [0] version */ /* [0] version */
@ -1146,6 +1203,7 @@ void nla_send(rdpNla* nla)
Stream_SealLength(s); Stream_SealLength(s);
transport_write(nla->transport, s); transport_write(nla->transport, s);
Stream_Free(s, TRUE); Stream_Free(s, TRUE);
return TRUE;
} }
int nla_decode_ts_request(rdpNla* nla, wStream* s) int nla_decode_ts_request(rdpNla* nla, wStream* s)
@ -1243,6 +1301,12 @@ int nla_recv(rdpNla* nla)
s = Stream_New(NULL, 4096); s = Stream_New(NULL, 4096);
if (!s)
{
WLog_ERR(TAG, "Stream_New failed!");
return -1;
}
status = transport_read_pdu(nla->transport, s); status = transport_read_pdu(nla->transport, s);
if (status < 0) if (status < 0)

View File

@ -3,7 +3,8 @@
* Server Channels * Server Channels
* *
* Copyright 2014 Marc-Andre Moreau <marcandre.moreau@gmail.com> * Copyright 2014 Marc-Andre Moreau <marcandre.moreau@gmail.com>
* Copyright 2015 Copyright 2015 Thincast Technologies GmbH * Copyright 2015 Thincast Technologies GmbH
* Copyright 2015 DI (FH) Martin Haimberger <martin.haimberger@thincast.com>
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -446,7 +447,8 @@ BOOL WTSVirtualChannelManagerCheckFileDescriptor(HANDLE hServer)
vcm->drdynvc_channel = channel; vcm->drdynvc_channel = channel;
dynvc_caps = 0x00010050; /* DYNVC_CAPS_VERSION1 (4 bytes) */ dynvc_caps = 0x00010050; /* DYNVC_CAPS_VERSION1 (4 bytes) */
WTSVirtualChannelWrite(channel, (PCHAR) &dynvc_caps, sizeof(dynvc_caps), &written); if (!WTSVirtualChannelWrite(channel, (PCHAR) &dynvc_caps, sizeof(dynvc_caps), &written))
return FALSE;
} }
} }
@ -960,7 +962,11 @@ HANDLE WINAPI FreeRDP_WTSVirtualChannelOpen(HANDLE hServer, DWORD SessionId, LPS
channel->channelType = RDP_PEER_CHANNEL_TYPE_SVC; channel->channelType = RDP_PEER_CHANNEL_TYPE_SVC;
channel->receiveData = Stream_New(NULL, client->settings->VirtualChannelChunkSize); channel->receiveData = Stream_New(NULL, client->settings->VirtualChannelChunkSize);
if (!channel->receiveData) if (!channel->receiveData)
{
WLog_ERR(TAG, "Stream_New failed!");
goto error_receiveData; goto error_receiveData;
}
channel->queue = MessageQueue_New(NULL);
channel->queue = MessageQueue_New(NULL); channel->queue = MessageQueue_New(NULL);
if (!channel->queue) if (!channel->queue)
goto error_queue; goto error_queue;
@ -1039,8 +1045,13 @@ HANDLE WINAPI FreeRDP_WTSVirtualChannelOpenEx(DWORD SessionId, LPSTR pVirtualNam
channel->client = client; channel->client = client;
channel->channelType = RDP_PEER_CHANNEL_TYPE_DVC; channel->channelType = RDP_PEER_CHANNEL_TYPE_DVC;
channel->receiveData = Stream_New(NULL, client->settings->VirtualChannelChunkSize); channel->receiveData = Stream_New(NULL, client->settings->VirtualChannelChunkSize);
if (!channel->receiveData) if (!channel->receiveData)
{
WLog_ERR(TAG, "Stream_New failed!");
goto error_receiveData; goto error_receiveData;
}
channel->queue = MessageQueue_New(NULL); channel->queue = MessageQueue_New(NULL);
if (!channel->queue) if (!channel->queue)
goto error_queue; goto error_queue;
@ -1080,6 +1091,7 @@ BOOL WINAPI FreeRDP_WTSVirtualChannelClose(HANDLE hChannelHandle)
rdpMcs* mcs; rdpMcs* mcs;
WTSVirtualChannelManager* vcm; WTSVirtualChannelManager* vcm;
rdpPeerChannel* channel = (rdpPeerChannel*) hChannelHandle; rdpPeerChannel* channel = (rdpPeerChannel*) hChannelHandle;
BOOL ret = TRUE;
if (channel) if (channel)
{ {
@ -1100,10 +1112,19 @@ BOOL WINAPI FreeRDP_WTSVirtualChannelClose(HANDLE hChannelHandle)
ULONG written; ULONG written;
s = Stream_New(NULL, 8); s = Stream_New(NULL, 8);
if (!s)
{
WLog_ERR(TAG, "Stream_New failed!");
ret = FALSE;
}
else
{
wts_write_drdynvc_header(s, CLOSE_REQUEST_PDU, channel->channelId); wts_write_drdynvc_header(s, CLOSE_REQUEST_PDU, channel->channelId);
WTSVirtualChannelWrite(vcm->drdynvc_channel, (PCHAR) Stream_Buffer(s), Stream_GetPosition(s), &written); ret = WTSVirtualChannelWrite(vcm->drdynvc_channel, (PCHAR) Stream_Buffer(s), Stream_GetPosition(s), &written);
Stream_Free(s, TRUE); Stream_Free(s, TRUE);
} }
}
} }
if (channel->receiveData) if (channel->receiveData)
@ -1118,7 +1139,7 @@ BOOL WINAPI FreeRDP_WTSVirtualChannelClose(HANDLE hChannelHandle)
free(channel); free(channel);
} }
return TRUE; return ret;
} }
BOOL WINAPI FreeRDP_WTSVirtualChannelRead(HANDLE hChannelHandle, ULONG TimeOut, PCHAR Buffer, ULONG BufferSize, PULONG pBytesRead) BOOL WINAPI FreeRDP_WTSVirtualChannelRead(HANDLE hChannelHandle, ULONG TimeOut, PCHAR Buffer, ULONG BufferSize, PULONG pBytesRead)
@ -1194,6 +1215,11 @@ BOOL WINAPI FreeRDP_WTSVirtualChannelWrite(HANDLE hChannelHandle, PCHAR Buffer,
while (Length > 0) while (Length > 0)
{ {
s = Stream_New(NULL, channel->client->settings->VirtualChannelChunkSize); s = Stream_New(NULL, channel->client->settings->VirtualChannelChunkSize);
if (!s)
{
WLog_ERR(TAG, "Stream_New failed!");
return FALSE;
}
buffer = Stream_Buffer(s); buffer = Stream_Buffer(s);
Stream_Seek_UINT8(s); Stream_Seek_UINT8(s);

View File

@ -56,6 +56,8 @@ int TestBitStream(int argc, char* argv[])
BYTE buffer[1024]; BYTE buffer[1024];
ZeroMemory(buffer, sizeof(buffer)); ZeroMemory(buffer, sizeof(buffer));
bs = BitStream_New(); bs = BitStream_New();
if (!bs)
return 1;
BitStream_Attach(bs, buffer, sizeof(buffer)); BitStream_Attach(bs, buffer, sizeof(buffer));
BitStream_Write_Bits(bs, 0xAF, 8); /* 11110101 */ BitStream_Write_Bits(bs, 0xAF, 8); /* 11110101 */
BitStream_Write_Bits(bs, 0xF, 4); /* 1111 */ BitStream_Write_Bits(bs, 0xF, 4); /* 1111 */

View File

@ -3,6 +3,8 @@
* WinPR Logger * WinPR Logger
* *
* Copyright 2013 Marc-Andre Moreau <marcandre.moreau@gmail.com> * Copyright 2013 Marc-Andre Moreau <marcandre.moreau@gmail.com>
* Copyright 2015 Thincast Technologies GmbH
* Copyright 2015 DI (FH) Martin Haimberger <martin.haimberger@thincast.com>
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -148,6 +150,8 @@ int WLog_BinaryAppender_WriteMessage(wLog* log, wLogBinaryAppender* appender, wL
(4 + TextStringLength + 1); (4 + TextStringLength + 1);
s = Stream_New(NULL, MessageLength); s = Stream_New(NULL, MessageLength);
if (!s)
return -1;
Stream_Write_UINT32(s, MessageLength); Stream_Write_UINT32(s, MessageLength);

View File

@ -3,6 +3,8 @@
* WinPR Logger * WinPR Logger
* *
* Copyright 2013 Marc-Andre Moreau <marcandre.moreau@gmail.com> * Copyright 2013 Marc-Andre Moreau <marcandre.moreau@gmail.com>
* Copyright 2015 Thincast Technologies GmbH
* Copyright 2015 DI (FH) Martin Haimberger <martin.haimberger@thincast.com>
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -245,6 +247,8 @@ int WLog_PacketMessage_Write_EthernetHeader(wPcap* pcap, wEthernetHeader* ethern
return -1; return -1;
s = Stream_New(buffer, 14); s = Stream_New(buffer, 14);
if (!s)
return -1;
Stream_Write(s, ethernet->Destination, 6); Stream_Write(s, ethernet->Destination, 6);
Stream_Write(s, ethernet->Source, 6); Stream_Write(s, ethernet->Source, 6);
Stream_Write_UINT16_BE(s, ethernet->Type); Stream_Write_UINT16_BE(s, ethernet->Type);
@ -284,6 +288,8 @@ int WLog_PacketMessage_Write_IPv4Header(wPcap* pcap, wIPv4Header* ipv4)
return -1; return -1;
s = Stream_New(buffer, 20); s = Stream_New(buffer, 20);
if (!s)
return -1;
Stream_Write_UINT8(s, (ipv4->Version << 4) | ipv4->InternetHeaderLength); Stream_Write_UINT8(s, (ipv4->Version << 4) | ipv4->InternetHeaderLength);
Stream_Write_UINT8(s, ipv4->TypeOfService); Stream_Write_UINT8(s, ipv4->TypeOfService);
Stream_Write_UINT16_BE(s, ipv4->TotalLength); Stream_Write_UINT16_BE(s, ipv4->TotalLength);
@ -312,6 +318,8 @@ int WLog_PacketMessage_Write_TcpHeader(wPcap* pcap, wTcpHeader* tcp)
return -1; return -1;
s = Stream_New(buffer, 20); s = Stream_New(buffer, 20);
if (!s)
return -1;
Stream_Write_UINT16_BE(s, tcp->SourcePort); Stream_Write_UINT16_BE(s, tcp->SourcePort);
Stream_Write_UINT16_BE(s, tcp->DestinationPort); Stream_Write_UINT16_BE(s, tcp->DestinationPort);
Stream_Write_UINT32_BE(s, tcp->SequenceNumber); Stream_Write_UINT32_BE(s, tcp->SequenceNumber);