mirrors/FreeRDP
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
14,127 Commits 6 Branches 74 Tags 84 MiB
17f547ae11
Commit Graph

2330 Commits

Author SHA1 Message Date
akallabeth
17f547ae11 Fixed CVE-2020-11521: Out of bounds write in planar codec. 
Thanks to Sunglin and HuanGMz from Knownsec 404
 2020-04-09 18:00:51 +02:00
akallabeth
907640a924 Fixed CVE-2020-11522: Limit number of DELTA_RECT to 45. 
Thanks to Sunglin and HuanGMz from Knownsec 404
 2020-04-09 18:00:51 +02:00
akallabeth
192856cb59 Fixed #6012: CVE-2020-11526: Out of bounds read in update_recv_orders 
Thanks to @hac425xxx and Sunglin and HuanGMz from Knownsec 404
 2020-04-09 18:00:51 +02:00
akallabeth
e6d10041c1 Fix #6033: freeaddrinfo must not be called with NULL arguments. 2020-04-09 14:26:46 +02:00
Norbert Federa
c367f65d42
Merge pull request #6019 from akallabeth/bound_access_fixes 
Fix issues with boundary access.
 2020-04-06 13:53:28 +02:00
akallabeth
6f00add067 Export remaining packet length from rdp_read_share_control_header 2020-04-06 13:18:35 +02:00
akallabeth
0ad894adbc Fixed substream read in rdp_recv_tpkt_pdu 2020-04-06 11:58:48 +02:00
akallabeth
0533c05be3 Fixed rdp_recv_tpkt_pdu parsing, use substream. 2020-04-06 11:22:18 +02:00
akallabeth
df55f40ecf Fixed incorrect parser error message. 2020-04-06 10:42:06 +02:00
akallabeth
a022958ddf Better error message for partial parsed capability 2020-04-03 15:10:49 +02:00
akallabeth
cba63b6d43 Added fallback to CMDTYPE_STREAM_SURFACE_BITS 
Since our samples were incorrect, add a fallback with a log warnings
to the old CMDTYPE_STREAM_SURFACE_BITS by default behaviour.
 2020-04-03 12:18:59 +02:00
akallabeth
88ad9ca56b Fix sending/receiving surface bits command. 
* Pass on proper command type to application
* On send let the server implementation decide to send
   2.2.9.2.1 Set Surface Bits Command (TS_SURFCMD_SET_SURF_BITS) or
   2.2.9.2.2 Stream Surface Bits Command (TS_SURFCMD_STREAM_SURF_BITS)
Thanks to @viniciusjarina for tracing the issue down.
 2020-04-03 12:00:53 +02:00
akallabeth
2a379bfe09 Fixed invalid seek size in patrial pdu parse case 2020-04-02 17:41:49 +02:00
akallabeth
21320d973c Use safe seek for capability parsing 
thanks to @hardening for pointing that one out.
 2020-04-02 17:39:51 +02:00
akallabeth
ddfd0cdccf Use substreams to parse gcc_read_server_data_blocks 2020-04-02 17:39:43 +02:00
akallabeth
6b2bc41935 Fix #6010: Check length in read_icon_info 2020-04-02 17:34:02 +02:00
akallabeth
67c2aa52b2 Fixed #6013: Check new length is > 0 2020-04-02 17:33:54 +02:00
akallabeth
3627aaf7d2 Fixed #6011: Bounds check in rdp_read_font_capability_set 2020-04-02 17:28:17 +02:00
akallabeth
f8890a645c Fixed #6005: Bounds checks in update_read_bitmap_data 2020-04-02 17:28:10 +02:00
akallabeth
ed53cd148f Fixed #6006: bounds checks in update_read_synchronize 2020-04-02 17:28:04 +02:00
akallabeth
f5e73cc7c9 Fixed #6009: Bounds checks in autodetect_recv_bandwidth_measure_results 2020-04-02 17:27:59 +02:00
akallabeth
9301bfe730 Fixed #6007: Boundary checks in rdp_read_flow_control_pdu 2020-04-02 17:27:53 +02:00
akallabeth
bc33a50c5a Treat NULL and empty string as the same for credentials. 2020-03-24 12:34:35 +01:00
akallabeth
cf2f674283 Initialize KeyboardHook with define instead of magic number 2020-03-18 17:22:08 +01:00
Armin Novak
4216646746 Fixed length checks for compressed rdp data. 2020-03-10 14:05:10 +01:00
Armin Novak
297ad536a2 Cleaned up bulk_compress/decompress, prettified log. 2020-03-10 14:05:10 +01:00
Armin Novak
49b17e4e03 Refactored bulk compression 
* Arguments now opaque
* Removed internal functions from external interface
 2020-03-10 14:05:10 +01:00
Armin Novak
3ba66db99d Unify pReceiveChannelData and psPeerReceiveChannelData 
Fix definitions of the two function pointers.
Use and definition did not match, fix that.
Will create warnings in external projects
 2020-03-10 12:21:14 +01:00
Armin Novak
d5b5088eac Fixed misinterpretation of SendChannelData 
SendChannelData was defined with a return value of type int, but
used as BOOL everywhere. Fix the definition to match use.
 2020-03-10 12:21:14 +01:00
Armin Novak
c7187928e9 Fix tpkt header length checks for encrypted packets 
If securityFlag SEC_ENCRYPT is set, remove the encryption headers from
the TPKT header length on comparison.
 2020-03-10 12:20:50 +01:00
Armin Novak
cc49a212bd Default to positive return for missing callbacks 
When using +async-update, default to positive return if some
client callback is not implemented.
 2020-03-10 08:59:52 +01:00
Armin Novak
d3b36ab299 Added CertificateAcceptedFingerprints to settings 2020-03-06 11:37:35 +01:00
Armin Novak
07605b0281 Consume all TPKT data reading new/upgrade license 2020-03-05 13:48:58 +01:00
Armin Novak
f1098aa17c rdp_recv_tpkt_pdu verbose debug parsing issues 
Print out parsing issues found in MCS Channel 1003 parsing.
 2020-03-05 13:48:58 +01:00
Armin Novak
8e55c44088 tpkt_ensure_stream_consumed now more verbose. 
tpkt_ensure_stream_consumed now writes the function it was called
from to the log. This should help identify areas the check failed.
 2020-03-05 13:48:58 +01:00
Armin Novak
825d63cf0c Added clarifications in freerdp_channel_process 2020-03-04 15:01:36 +01:00
Armin Novak
d7ba252cd7 Fixed arguments for peer->ReceiveChannelData 2020-03-04 14:52:19 +01:00
Armin Novak
0f729d2b2c Fixed conversion and return checks. 
* Fix some missing argument checks for function pointer implementations
* Fix broken return value check for client->SendChannelData
* Updated const correctness for function pointer implementations
 2020-03-04 14:44:03 +01:00
Armin Novak
9398e8e647 Fixed freerdp_channel_process length checks 
Fragmented data was not handled properly.
 2020-03-04 14:44:03 +01:00
Armin Novak
4ad158fac6 Added freerdp_channels_data argument checks. 2020-03-04 14:44:03 +01:00
Armin Novak
bda2731035 Fixed reading suppress output pdu 
Optional rectangle must be read from PDU
 2020-03-03 13:10:24 +01:00
Armin Novak
1b91c77350 Fixed shadow server with mstsc as client. 2020-03-03 12:27:19 +01:00
Armin Novak
0d1c440cf5 Consume stream data in autoconnect 
TPKT checks failed due to payload data not consumed in autodetect.
 2020-03-02 13:54:44 +01:00
Armin Novak
be714d2a13 Fixed tpkt header length checks. 
TPKT header length and consumption of data was not consistently
checked. This adds checks after each packet processed and fixes
any inconsistencies found.
 2020-03-02 11:40:35 +01:00
Armin Novak
039bb88fef Fixed warnings in capabilities.c 2020-03-02 11:40:35 +01:00
Armin Novak
171e73d797 Fixed compiler warnings in info.c 2020-03-02 11:40:35 +01:00
Armin Novak
318cb3dd47 Added tpkt header length plausibility checks. 2020-03-02 11:40:35 +01:00
Armin Novak
ce387ba04f Check length of TPKT header for plausibility. 2020-03-02 11:40:35 +01:00
Kobi Mizrachi
9417350d92 core: channels: add API to get channel name/id 2020-02-26 11:47:01 +01:00
Martin Fleisz
7ae8a158a0
Merge pull request #5707 from akallabeth/kbd_codepage 
Added KeyboardCodePage option
 2020-02-25 14:50:51 +01:00