From a5ea6345169463bc426eebcd9aad7e34134f884e Mon Sep 17 00:00:00 2001 From: Armin Novak Date: Mon, 24 Jul 2023 07:53:42 +0200 Subject: [PATCH] [core] fix cJSON compat * only export used symbols, provide prototypes when required * clean up some length checks --- client/common/client.c | 12 ++++++++++++ libfreerdp/core/aad.c | 26 ++++++-------------------- libfreerdp/core/aad.h | 16 ++++++++++++++++ libfreerdp/core/gateway/arm.c | 11 ++++++----- libfreerdp/utils/http.c | 10 ++++++---- 5 files changed, 46 insertions(+), 29 deletions(-) diff --git a/client/common/client.c b/client/common/client.c index 2c195a646..2194c381a 100644 --- a/client/common/client.c +++ b/client/common/client.c @@ -61,6 +61,18 @@ #ifdef WITH_AAD #include #include + +#if CJSON_VERSION_MAJOR == 1 +#if CJSON_VERSION_MINOR <= 7 +#if CJSON_VERSION_PATCH < 13 +#define USE_CJSON_COMPAT +#endif +#endif +#endif + +#if defined(USE_CJSON_COMPAT) +extern cJSON* cJSON_ParseWithLength(const char* value, size_t buffer_length); +#endif #endif #include diff --git a/libfreerdp/core/aad.c b/libfreerdp/core/aad.c index 2a28462ff..3c5c26d6d 100644 --- a/libfreerdp/core/aad.c +++ b/libfreerdp/core/aad.c @@ -27,26 +27,12 @@ #include "../crypto/privatekey.h" #include -#ifdef WITH_AAD -#include -#endif - #include #include "transport.h" #include "aad.h" -#ifdef WITH_AAD -#if CJSON_VERSION_MAJOR == 1 -#if CJSON_VERSION_MINOR <= 7 -#if CJSON_VERSION_PATCH < 13 -#define USE_CJSON_COMPAT -#endif -#endif -#endif -#endif - struct rdp_aad { AAD_STATE state; @@ -112,8 +98,7 @@ static BOOL json_get_object(wLog* wlog, cJSON* json, const char* key, cJSON** ob } #if defined(USE_CJSON_COMPAT) -FREERDP_API double cJSON_GetNumberValue(const cJSON* const item); -double cJSON_GetNumberValue(const cJSON* const prop) +static double cJSON_GetNumberValue(const cJSON* const prop) { #ifndef NAN #ifdef _WIN32 @@ -208,14 +193,15 @@ static BOOL json_get_string_alloc(wLog* wlog, cJSON* json, const char* key, char } #if defined(USE_CJSON_COMPAT) -FREERDP_API cJSON* cJSON_ParseWithLength(const char* value, size_t buffer_length); - cJSON* cJSON_ParseWithLength(const char* value, size_t buffer_length) { // Check for string '\0' termination. const size_t slen = strnlen(value, buffer_length); if (slen >= buffer_length) - return NULL; + { + if (value[buffer_length] != '\0') + return NULL; + } return cJSON_Parse(value); } #endif @@ -235,7 +221,7 @@ static BOOL aad_get_nonce(rdpAad* aad) goto fail; } - if (resp_code != 200) + if (resp_code != HTTP_STATUS_OK) { WLog_Print(aad->log, WLOG_ERROR, "Server unwilling to provide nonce; returned status code %li", resp_code); diff --git a/libfreerdp/core/aad.h b/libfreerdp/core/aad.h index 69d184853..88785b958 100644 --- a/libfreerdp/core/aad.h +++ b/libfreerdp/core/aad.h @@ -32,6 +32,18 @@ typedef enum #include #include +#ifdef WITH_AAD +#include + +#if CJSON_VERSION_MAJOR == 1 +#if CJSON_VERSION_MINOR <= 7 +#if CJSON_VERSION_PATCH < 13 +#define USE_CJSON_COMPAT +#endif +#endif +#endif +#endif + FREERDP_LOCAL BOOL aad_is_supported(void); FREERDP_LOCAL int aad_client_begin(rdpAad* aad); @@ -42,4 +54,8 @@ FREERDP_LOCAL AAD_STATE aad_get_state(rdpAad* aad); FREERDP_LOCAL rdpAad* aad_new(rdpContext* context, rdpTransport* transport); FREERDP_LOCAL void aad_free(rdpAad* aad); +#if defined(USE_CJSON_COMPAT) +FREERDP_API cJSON* cJSON_ParseWithLength(const char* value, size_t buffer_length); +#endif + #endif /* FREERDP_LIB_CORE_AAD_H */ diff --git a/libfreerdp/core/gateway/arm.c b/libfreerdp/core/gateway/arm.c index 05459c713..d61d3fb9a 100644 --- a/libfreerdp/core/gateway/arm.c +++ b/libfreerdp/core/gateway/arm.c @@ -310,13 +310,13 @@ arm_create_cleanup: return message; } -static BOOL arm_fill_gateway_parameters(rdpArm* arm, const char* message) +static BOOL arm_fill_gateway_parameters(rdpArm* arm, const char* message, size_t len) { WINPR_ASSERT(arm); WINPR_ASSERT(arm->context); WINPR_ASSERT(message); - cJSON* json = cJSON_Parse(message); + cJSON* json = cJSON_ParseWithLength(message, len); BOOL status = FALSE; if (!json) return FALSE; @@ -408,14 +408,15 @@ BOOL arm_resolve_endpoint(rdpContext* context, DWORD timeout) StatusCode = http_response_get_status_code(response); if (StatusCode == HTTP_STATUS_OK) { - char* msg = calloc(http_response_get_body_length(response) + 1, sizeof(char)); + const size_t len = http_response_get_body_length(response); + char* msg = calloc(len + 1, sizeof(char)); if (!msg) goto arm_error; - memcpy(msg, http_response_get_body(response), http_response_get_body_length(response)); + memcpy(msg, http_response_get_body(response), len); WLog_DBG(TAG, "Got HTTP Response data: %s", msg); - const BOOL res = arm_fill_gateway_parameters(arm, msg); + const BOOL res = arm_fill_gateway_parameters(arm, msg, len); free(msg); if (!res) goto arm_error; diff --git a/libfreerdp/utils/http.c b/libfreerdp/utils/http.c index a1e23e85c..9a8b6c3f9 100644 --- a/libfreerdp/utils/http.c +++ b/libfreerdp/utils/http.c @@ -121,9 +121,11 @@ BOOL freerdp_http_request(const char* url, const char* body, long* status_code, if (!hostname) return FALSE; + size_t blen = 0; if (body) { - if (winpr_asprintf(&headers, &size, post_header_fmt, path, hostname, strlen(body)) < 0) + blen = strlen(body); + if (winpr_asprintf(&headers, &size, post_header_fmt, path, hostname, blen) < 0) return FALSE; } else @@ -182,7 +184,7 @@ BOOL freerdp_http_request(const char* url, const char* body, long* status_code, WLog_Print(log, WLOG_DEBUG, "headers:\n%s", headers); ERR_clear_error(); - if (BIO_write(bio, headers, strlen(headers)) < 0) + if (BIO_write(bio, headers, strnlen(headers, size)) < 0) { log_errors(log, "could not write headers"); goto out; @@ -192,14 +194,14 @@ BOOL freerdp_http_request(const char* url, const char* body, long* status_code, { WLog_Print(log, WLOG_DEBUG, "body:\n%s", body); - if (strlen(body) > INT_MAX) + if (blen > INT_MAX) { WLog_Print(log, WLOG_ERROR, "body too long!"); goto out; } ERR_clear_error(); - if (BIO_write(bio, body, strlen(body)) < 0) + if (BIO_write(bio, body, blen) < 0) { log_errors(log, "could not write body"); goto out;