mirrors/FreeRDP
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

spnego: add various check and fixes

Browse Source
This commit is contained in:
David Fort 2022-07-07 00:36:48 +02:00 committed by David Fort
parent 6c834eaa15
commit b128ec4fba
1 changed files with 8 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
winpr/libwinpr/sspi/Negotiate/negotiate.c
View File

@ -418,35 +418,34 @@ static BOOL negotiate_read_neg_token(PSecBuffer input, NegToken* token)
switch (contextual) switch (contextual)
{ {
case 0: case 0:
/* mechTypes [0] MechTypeList */
if (token->init) if (token->init)
{ {
/* mechTypes [0] MechTypeList */
WinPrAsn1DecGetStream(&dec2, &s); WinPrAsn1DecGetStream(&dec2, &s);
token->mechTypes.BufferType = SECBUFFER_TOKEN; token->mechTypes.BufferType = SECBUFFER_TOKEN;
token->mechTypes.cbBuffer = Stream_Length(&s); token->mechTypes.cbBuffer = Stream_Length(&s);
token->mechTypes.pvBuffer = Stream_Buffer(&s); token->mechTypes.pvBuffer = Stream_Buffer(&s);
WLog_DBG(TAG, "\tmechTypes [0] (%li bytes)", token->mechTypes.cbBuffer); WLog_DBG(TAG, "\tmechTypes [0] (%li bytes)", token->mechTypes.cbBuffer);
} }
/* negState [0] ENUMERATED */
else else
{ {
/* negState [0] ENUMERATED */
if (!WinPrAsn1DecReadEnumerated(&dec2, &token->negState)) if (!WinPrAsn1DecReadEnumerated(&dec2, &token->negState))
return FALSE; return FALSE;
WLog_DBG(TAG, "\tnegState [0] (%d)", token->negState); WLog_DBG(TAG, "\tnegState [0] (%d)", token->negState);
} }
break; break;
case 1: case 1:
/* reqFlags [1] ContextFlags BIT STRING (ignored) */
if (token->init) if (token->init)
{ {
WinPrAsn1DecPeekTagAndLen(&dec2, &tag, &len); /* reqFlags [1] ContextFlags BIT STRING (ignored) */
if (tag != ER_TAG_BIT_STRING) if (!WinPrAsn1DecPeekTagAndLen(&dec2, &tag, &len) || (tag != ER_TAG_BIT_STRING))
return FALSE; return FALSE;
WLog_DBG(TAG, "\treqFlags [1] (%li bytes)", len); WLog_DBG(TAG, "\treqFlags [1] (%li bytes)", len);
} }
/* supportedMech [1] MechType */
else else
{ {
/* supportedMech [1] MechType */
if (!WinPrAsn1DecReadOID(&dec2, &token->supportedMech, FALSE)) if (!WinPrAsn1DecReadOID(&dec2, &token->supportedMech, FALSE))
return FALSE; return FALSE;
WLog_DBG(TAG, "\tsupportedMech [1] (%s)", WLog_DBG(TAG, "\tsupportedMech [1] (%s)",
@ -462,7 +461,7 @@ static BOOL negotiate_read_neg_token(PSecBuffer input, NegToken* token)
token->mechToken.BufferType = SECBUFFER_TOKEN; token->mechToken.BufferType = SECBUFFER_TOKEN;
WLog_DBG(TAG, "\tmechToken [2] (%li bytes)", octet_string.len); WLog_DBG(TAG, "\tmechToken [2] (%li bytes)", octet_string.len);
break; break;
case 0xA3: case 3:
/* mechListMic [3] OCTET STRING */ /* mechListMic [3] OCTET STRING */
if (!WinPrAsn1DecReadOctetString(&dec2, &octet_string, FALSE)) if (!WinPrAsn1DecReadOctetString(&dec2, &octet_string, FALSE))
return FALSE; return FALSE;
@ -472,6 +471,7 @@ static BOOL negotiate_read_neg_token(PSecBuffer input, NegToken* token)
WLog_DBG(TAG, "\tmechListMIC [3] (%li bytes)", octet_string.len); WLog_DBG(TAG, "\tmechListMIC [3] (%li bytes)", octet_string.len);
break; break;
default: default:
WLog_ERR(TAG, "unknown contextual item %d", contextual);
return FALSE; return FALSE;
} }
} while (WinPrAsn1DecPeekTag(&dec, &tag)); } while (WinPrAsn1DecPeekTag(&dec, &tag));
@ -569,7 +569,7 @@ static SECURITY_STATUS SEC_ENTRY negotiate_InitializeSecurityContextW(
{ {
enc = WinPrAsn1Encoder_New(WINPR_ASN1_DER); enc = WinPrAsn1Encoder_New(WINPR_ASN1_DER);
if (!enc) if (!enc)
return SEC_E_INTERNAL_ERROR; return SEC_E_INSUFFICIENT_MEMORY;
if (!WinPrAsn1EncSeqContainer(enc)) if (!WinPrAsn1EncSeqContainer(enc))
goto cleanup; goto cleanup;