From e79c6b7d685d5b11bab2b150bf87b398936803e9 Mon Sep 17 00:00:00 2001
From: Hardening
Date: Fri, 9 May 2014 22:37:47 +0200
Subject: [PATCH] Treat OOM in GCC certificates

This patch treats OOM cases and do a trivial cleanup
---
 libfreerdp/core/certificate.c | 8 +-----
 libfreerdp/core/gcc.c | 48 +++++++++++++++--------------------
 2 files changed, 22 insertions(+), 34 deletions(-)

diff --git a/libfreerdp/core/certificate.c b/libfreerdp/core/certificate.c
index 233ca8ff4..fcc3f01bf 100644
--- a/libfreerdp/core/certificate.c
+++ b/libfreerdp/core/certificate.c
@@ -717,13 +717,7 @@ void key_free(rdpRsaKey* key)
 
 rdpCertificate* certificate_new()
 {
- rdpCertificate* certificate;
-
- certificate = (rdpCertificate*) calloc(1, sizeof(rdpCertificate));
- if (!certificate)
- return NULL;
-
- return certificate;
+ return (rdpCertificate*) calloc(1, sizeof(rdpCertificate));
 }
 
 /**
diff --git a/libfreerdp/core/gcc.c b/libfreerdp/core/gcc.c
index 9d8932aef..d9c6fe67a 100644
--- a/libfreerdp/core/gcc.c
+++ b/libfreerdp/core/gcc.c
@@ -982,37 +982,31 @@ BOOL gcc_read_server_security_data(wStream* s, rdpMcs* mcs)
 if (Stream_GetRemainingLength(s) < settings->ServerRandomLength + settings->ServerCertificateLength)
 return FALSE;
 
- if (settings->ServerRandomLength > 0)
- {
- /* serverRandom */
- settings->ServerRandom = (BYTE*) malloc(settings->ServerRandomLength);
- Stream_Read(s, settings->ServerRandom, settings->ServerRandomLength);
- }
- else
- {
+ if ((settings->ServerRandomLength <= 0) || (settings->ServerCertificateLength <= 0))
 return FALSE;
- }
 
- if (settings->ServerCertificateLength > 0)
- {
- /* serverCertificate */
- settings->ServerCertificate = (BYTE*) malloc(settings->ServerCertificateLength);
- Stream_Read(s, settings->ServerCertificate, settings->ServerCertificateLength);
-
- certificate_free(settings->RdpServerCertificate);
- settings->RdpServerCertificate = certificate_new();
- data = settings->ServerCertificate;
- length = settings->ServerCertificateLength;
-
- if (certificate_read_server_certificate(settings->RdpServerCertificate, data, length) < 1)
- return FALSE;
- }
- else
- {
+ /* serverRandom */
+ settings->ServerRandom = (BYTE*) malloc(settings->ServerRandomLength);
+ if (!settings->ServerRandom)
 return FALSE;
- }
+ Stream_Read(s, settings->ServerRandom, settings->ServerRandomLength);
 
- return TRUE;
+
+ /* serverCertificate */
+ settings->ServerCertificate = (BYTE*) malloc(settings->ServerCertificateLength);
+ if (!settings->ServerCertificate)
+ return FALSE;
+ Stream_Read(s, settings->ServerCertificate, settings->ServerCertificateLength);
+
+ certificate_free(settings->RdpServerCertificate);
+ settings->RdpServerCertificate = certificate_new();
+ if (!settings->RdpServerCertificate)
+ return FALSE;
+
+ data = settings->ServerCertificate;
+ length = settings->ServerCertificateLength;
+
+ return certificate_read_server_certificate(settings->RdpServerCertificate, data, length);
 }
 
 static const BYTE initial_signature[] =
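Review bot: The final `return certificate_read_server_certificate(settings->RdpServerCertificate, data, length);` drops the `< 1` comparison that the removed code applied, so the callee's raw result is now converted straight to BOOL. If that function can return a negative value on a parse error (the old `< 1` test suggests it may; its definition is not part of this patch), a rejected server certificate would be reported to the caller as TRUE. Keeping the comparison preserves the previous contract: `return certificate_read_server_certificate(settings->RdpServerCertificate, data, length) >= 1;`. Separately, both `Stream_Read` calls still depend on the single summed check `ServerRandomLength + ServerCertificateLength` in the context line above; if those fields are 32-bit the sum could wrap, so comparing each length against the remaining stream before its own read would be safer. The function begins above this hunk, so the types and the origin of the two lengths are not visible here.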