mirrors/FreeRDP
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
14,246 Commits 6 Branches 74 Tags 84 MiB
0f89e23542
Commit Graph

4095 Commits

Author SHA1 Message Date
akallabeth
0f89e23542 Fixed #6148: multiple ceritificate purposes 
OpenSSL certificate verification can only check a single purpose.
Run the checks with all allowed purposes and accept any.

(cherry picked from commit f3063a589d)
 2020-05-18 16:41:11 +02:00
akallabeth
2f75c4ac8d Ensure all NLA structs are freed up 
(cherry picked from commit 477ad675f3)
 2020-05-18 16:40:33 +02:00
akallabeth
5fc0ddeff5 Fixed #6156: Enforce synchronized encrypt count 
Old style RDP encryption uses a counter, synchronize this for
packets send from different threads.

(cherry picked from commit 873a9bef42)
 2020-05-18 16:38:42 +02:00
akallabeth
1178381809 Silence valgrind in rdp_read_header 
If a disconnect message is received, we returned success but did
not initialize the return arguments.

(cherry picked from commit b45336f51febb4c34b5bf33fdf8d63ce44fe9e99)
 2020-05-08 11:11:12 +02:00
Linus Heckemann
3c24e10bf3 shadow_server: allow specifying IP addresses to listen on (#6050) 
* shadow_server: allow specifying IP addresses to listen on

This allows using IPv6 as well as listening only on specific
interfaces. Additionally, it enables listening on local and TCP
sockets simultaneously.

* listener: log address with square brackets

This disambiguates IPv6 addresses.

* shadow_server: check error on each socket binding

* Refactored shadow /bind-address for 2.0 compiatibility.

* Made /ipc-socket and /bind-address incompatible arguments.

* Fixed shadow /bind-address handling and description

* Allow multiple bind addresses for shadow server.

Co-authored-by: akallabeth <akallabeth@posteo.net>
 2020-05-08 11:06:02 +02:00
akallabeth
c903aa0409 Fixed index out of bound access in update_glyph_offset 2020-05-08 11:06:02 +02:00
akallabeth
0f266b5362 Fixed #6112: Segfault in update_decompress_brush 
The iterators need to be signed for the loop check to work.
 2020-05-05 07:46:10 +02:00
akallabeth
e35d06f6e1 Fixed oob read in rfx_process_message_tileset 
Check input data length
Thanks to hac425 CVE-2020-11043
 2020-05-05 07:46:10 +02:00
akallabeth
32f705e597 Fixed oob read in clear_decompress_subcode_rlex 
Fixed length checks before stream read.
Thanks to hac425 CVE-2020-11040
 2020-05-05 07:46:10 +02:00
akallabeth
738d4bff00 Fixed oob read in update_recv 
properly use update_type_to_string to print update type.
Thanks to hac425 CVE-2020-11019
 2020-05-05 07:46:10 +02:00
akallabeth
f5b838de37 update_decompress_brush: explicit output length checks 
The output length was just assumed to be >= 256 bytes, with this
commit it is explicitly checked.
 2020-05-05 07:46:10 +02:00
akallabeth
13dac0ee2a Fixed possible int overflow. 2020-05-05 07:46:10 +02:00
akallabeth
09d0124418 Remove unnecessary cast. 2020-05-05 07:46:10 +02:00
akallabeth
a1a6790f99 Fixed oob read in irp_write and similar 2020-05-05 07:46:10 +02:00
Armin Novak
bc4615e5ed Added expert settings /tune and /tune-list 2020-05-05 07:46:10 +02:00
akallabeth
da03f7e04e Fixed #6122: Allow SSL server and client purpose 2020-05-05 07:46:10 +02:00
akallabeth
5d56937e20 Workaround #6072: FFMPEG AAC encoding graded experimental 
Due to many reporing issues with different AAC encoder configurations
deactivate support by default. Can be enabled by compiling with
experimental codec support.
 2020-05-05 07:46:09 +02:00
Raul Fernandes
54c902b3b5 Optimize function xcrush_copy_bytes() 
Use memcpy to copy the bytes when we can assure that the memory areas does not overlap.
When the areas overlap, copy the area that doesn't overlap repeatly.
With this change, the copy is ~30x faster.
 2020-05-05 07:46:09 +02:00
akallabeth
973731824b Fixed #6099: Add a flag for legacy hash entries 
If a legacy entry is found in certificate hash store print
additional information to the user informing about the change
with FreeRDP 2.0
 2020-04-28 14:03:19 +02:00
akallabeth
97bd60ba67 Refactored pointer and/xor data copying 
Using unified function upate_pointer_copy_andxor to copy now.
 2020-04-28 14:03:19 +02:00
akallabeth
cfc0d060c6 Refactored freerdp_image_copy_from_pointer_data 
Split monochrome and color pointer handling to separate functions.
 2020-04-28 14:03:19 +02:00
akallabeth
28e6c2e1d9 Fixed #6101: POINTER_LARGE_UPDATE serialization 
The length check and field sizes in _update_read_pointer_large
were off, corrected according to [MS-RDPBCGR] 2.2.9.1.2.1.11
Fast-Path Large Pointer Update (TS_FP_LARGEPOINTERATTRIBUTE)
 2020-04-28 14:03:19 +02:00
akallabeth
ccaad04876 Fix initialization of LargePointer flags 
Capability exchange is first reading server capabilities,
mask these with local settings and send only what both support.
 2020-04-28 14:03:19 +02:00
akallabeth
150343978d Fixed [MS-RDPBCGR] 2.2.9.1.1.4.4 Color Pointer Update 
The pointer size is limited to 32 pixel in width and height
unless LARGE_POINTER_FLAG_96x96 is set which increases the size
to 96 pixel.
 2020-04-28 14:03:19 +02:00
Raul Fernandes
4df7200836 Cache the calculated color 
In desktop area, the next color has high odds to be the same of previous color.
If we cache the value, it can be reused by the next pixel avoiding recalculation.
This optimization can halve the function's processing.
 2020-04-28 14:03:19 +02:00
akallabeth
cc6831ae31 Moved PROGRESSIVE_BLOCK_REGION to heap. 2020-04-28 14:03:19 +02:00
Armin Novak
2d0a136e8e Fixed #6067: Better CMake warning for deactivated image scaling 2020-04-28 14:03:19 +02:00
Armin Novak
4cfc5b25ef Fixed data type warnings 2020-04-28 14:03:19 +02:00
Armin Novak
808928ee7e Fixed format string warnings. 2020-04-28 14:03:19 +02:00
Linus Heckemann
b70be2ee04 tls: support non-RSA keys 2020-04-10 18:06:14 +02:00
akallabeth
a9daba0190 Check for int overflow in gdi_InvalidateRegion 2020-04-09 18:00:51 +02:00
akallabeth
6c0aeb10d2 Allow icon info with empty bitmap data. 2020-04-09 18:00:51 +02:00
akallabeth
232c7f4783 Abort order read on invalid element count. 2020-04-09 18:00:51 +02:00
akallabeth
acc6023643 Fixed possible NULL access. 2020-04-09 18:00:51 +02:00
akallabeth
a3996af062 Refactored gdi region 
* Added a unit test
* Fixed const correctness of function arguments
* Added return values for all functions
 2020-04-09 18:00:51 +02:00
akallabeth
b677b5db25 Proper error return from gdi_rect_str and gdi_regn_str 2020-04-09 18:00:51 +02:00
akallabeth
97efff4e90 Refactored order stream manipulation 
* Use stream seek instead of setting pointer directly
* Add log messages in case of inconsistencies
* Fixed missing stream advance in update_decompress_brush
 2020-04-09 18:00:51 +02:00
akallabeth
17f547ae11 Fixed CVE-2020-11521: Out of bounds write in planar codec. 
Thanks to Sunglin and HuanGMz from Knownsec 404
 2020-04-09 18:00:51 +02:00
akallabeth
907640a924 Fixed CVE-2020-11522: Limit number of DELTA_RECT to 45. 
Thanks to Sunglin and HuanGMz from Knownsec 404
 2020-04-09 18:00:51 +02:00
akallabeth
7b1d4b4939 Fix CVE-2020-11524: out of bounds access in interleaved 
Thanks to Sunglin and HuanGMz from Knownsec 404
 2020-04-09 18:00:51 +02:00
akallabeth
e075f348d2 Added debug logging and claping to all region functions 2020-04-09 18:00:51 +02:00
akallabeth
ce21b9d7ec Fix CVE-2020-11523: clamp invalid rectangles to size 0 
Thanks to Sunglin and HuanGMz from Knownsec 404
 2020-04-09 18:00:51 +02:00
akallabeth
192856cb59 Fixed #6012: CVE-2020-11526: Out of bounds read in update_recv_orders 
Thanks to @hac425xxx and Sunglin and HuanGMz from Knownsec 404
 2020-04-09 18:00:51 +02:00
akallabeth
0b6b92a25a Fixed CVE-2020-11525: Out of bounds read in bitmap_cache_new 
Thanks to Sunglin and HuanGMz from Knownsec 404
 2020-04-09 18:00:51 +02:00
akallabeth
e6d10041c1 Fix #6033: freeaddrinfo must not be called with NULL arguments. 2020-04-09 14:26:46 +02:00
Norbert Federa
c367f65d42
Merge pull request #6019 from akallabeth/bound_access_fixes 
Fix issues with boundary access.
 2020-04-06 13:53:28 +02:00
akallabeth
6f00add067 Export remaining packet length from rdp_read_share_control_header 2020-04-06 13:18:35 +02:00
akallabeth
0ad894adbc Fixed substream read in rdp_recv_tpkt_pdu 2020-04-06 11:58:48 +02:00
akallabeth
0533c05be3 Fixed rdp_recv_tpkt_pdu parsing, use substream. 2020-04-06 11:22:18 +02:00
akallabeth
df55f40ecf Fixed incorrect parser error message. 2020-04-06 10:42:06 +02:00