mirrors/FreeRDP
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[core,rdp] Add a check for broken RDP security

Browse Source 
RDP security is rarely used nowadays, but there have been reports about
situations where the encryption key is missing.
Add this check to properly terminate the connection in case of such an
unexpected event.
This commit is contained in:
akallabeth 2022-11-25 10:05:32 +01:00 committed by akallabeth
parent 3262e11d1f
commit c8956513d6
1 changed files with 10 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
libfreerdp/core/security.c
View File

@ -730,6 +730,12 @@ BOOL security_encrypt(BYTE* data, size_t length, rdpRdp* rdp)
{
BOOL rc = FALSE;
EnterCriticalSection(&rdp->critical);
if (!rdp->rc4_encrypt_key)
{
WLog_ERR(TAG, "[%s] rdp->rc4_encrypt_key=%p", __FUNCTION__, rdp->rc4_encrypt_key);
goto fail;
}
if (rdp->encrypt_use_count >= 4096)
{
if (!security_key_update(rdp->encrypt_key, rdp->encrypt_update_key, rdp->rc4_key_len, rdp))
@ -763,8 +769,11 @@ BOOL security_decrypt(BYTE* data, size_t length, rdpRdp* rdp)
WINPR_ASSERT(rdp);
EnterCriticalSection(&rdp->critical);
if (rdp->rc4_decrypt_key == NULL)
if (!rdp->rc4_decrypt_key)
{
WLog_ERR(TAG, "[%s] rdp->rc4_decrypt_key=%p", __FUNCTION__, rdp->rc4_decrypt_key);
goto fail;
}
if (rdp->decrypt_use_count >= 4096)
{