Commit Graph

30 Commits

Author SHA1 Message Date
Armin Novak
031c8bacfa [codec,zgfx] fix cBitsRemaining calculation
fixed out of bound read reported by @pwn2carr
2023-08-28 12:50:55 +02:00
akallabeth
075506f6c8 [winpr,stream] use new Stream_CheckAndLogRequiredLength* 2023-01-25 14:27:32 +01:00
akallabeth
5b90d0bc1d Added missing length checks in zgfx_decompress_segment 2022-11-14 09:28:22 +01:00
Armin Novak
ee243d17aa Fixed #7837: Overallocate zgfx output buffers
Some decoders require additional byte alignment to prevent out
of bound reads
2022-04-27 18:39:41 +02:00
akallabeth
73cdcdfe09
Logging and parser fixes (#7796)
* Fixed remdesk settings pointer

* Fixed sign warnings in display_write_monitor_layout_pdu

* Use freerdp_abort_connect_context and freerdp_shall_disconnect_context

* Added and updates settings

* info assert/dynamic timezone

* mcs assert/log/flags

* Fixed and added assertions for wStream

* Unified stream length checks

* Added new function to check for lenght and log
* Replace all usages with this new function

* Cleaned up PER, added parser logging

* Cleaned up BER, added parser logging

* log messages

* Modified Stream_CheckAndLogRequiredLengthEx

* Allow custom format and options
* Add Stream_CheckAndLogRequiredLengthExVa for prepared va_list

* Improved Stream_CheckAndLogRequiredLength

* Now have log level adjustable
* Added function equivalents for existing logger
* Added a backtrace in case of a failure is detected

* Fixed public API input checks
2022-04-19 14:29:17 +02:00
Armin Novak
4d03d7c0bf Freerdp remove #ifdef HAVE_CONFIG_H 2022-03-03 11:26:48 +01:00
Armin Novak
b2ad47a809 Reorganized FreeRDP headers 2022-03-03 11:26:48 +01:00
akallabeth
8cc6582044
Unify struct definitions (#7633)
* Unified enum/struct definitions, fixed include issues

* Fixed mac compilation issues

* Added missing include

* Fixed windows server build warnings

* Fixed VS2010 build issue

* Removed unnecessary library linking

* Fixed ThreadPool WinXP compatibility

* Fixed pr review remarks
2022-02-14 14:59:22 +01:00
Armin Novak
10e40147fb Fixed various const warnings 2022-02-01 10:25:37 +00:00
akallabeth
7b7e2d6f32 Prefer constant division over multiplication for length checks 2021-09-21 08:55:22 +02:00
Armin Novak
72ca88f49c Reformatted to new style 2019-11-07 10:53:54 +01:00
Armin Novak
9610faddaa Fixed sign-compare warnings 2019-04-05 09:13:24 +02:00
Armin Novak
17c363a516 Fixed CVE-2018-8784
Thanks to Eyal Itkin from Check Point Software Technologies.
2018-11-20 11:08:31 +01:00
Armin Novak
602f4a2e14 Fixed CVE-2018-8785
Thanks to Eyal Itkin from Check Point Software Technologies.
2018-11-20 11:08:31 +01:00
Armin Novak
50c7777bbb Prevent malloc of size 0 2018-02-09 11:41:53 +01:00
David Fort
e1cc601963
Merge pull request #4323 from akallabeth/scanbuild_fixes
Scanbuild and other warnings fixed
2018-01-08 11:16:21 +01:00
David Fort
5e2d6ea029 zgfx: add a check 2017-12-22 17:55:48 +01:00
Armin Novak
50a0968c6a Removed unused variables. 2017-12-21 11:29:24 +01:00
Armin Novak
dbdc4f4933 Fixed endianess issues of zgfx decoder. 2017-11-23 09:32:29 +01:00
Armin Novak
b2c29158be Scanbuild warning, argument checks and leak fixes.
* Added Stream_GetRemainingCapacity to check remaining stream size
  before writes.
* Fixed shadow server memory leak.
* Fixed lots of scanbuild warnings
* Added missing argument checks in many functions
* Added missing static function declarations
2017-03-02 18:13:43 +01:00
zihao.jiang
2b6bd2626d rdpgfx: various fixes according to comments
1. Fix stream leak in rdpgfx
2. Make src data const in zgfx. Harden zgfx to be independent to byte order
3. Fix written bytes return value in channel write
4. Add check for return value in shadow_client.c
5. Add gfx callback to send surface command with frame marker pdu.
6. Check remain length for recv subroutine
7. Fix compile errors
2016-08-07 20:15:39 +08:00
zihao.jiang
746a754244 rdpgfx: Implementation for server side channel
server/shadow: support h264 codec with gfx channel
2016-08-07 20:14:33 +08:00
David FORT
7c3f8f33ab Fixes for malloc / calloc + other fixes
This patch contains:

* checks for malloc return value + treat callers;
* modified malloc() + ZeroMemory() to calloc();
* misc fixes of micro errors seen during the code audit:
** some invalid checks in gcc.c, also there were some possible
integer overflow. This is interesting because at the end the data are parsed
and freed directly, so it's a vulnerability in some kind of dead code (at least
useless);
** fixed usage of GetComputerNameExA with just one call, when 2 were used
in misc places. According to MSDN GetComputerNameA() is supposed to return
an error when called with NULL;
** there were a bug in the command line parsing of shadow;
** in freerdp_dynamic_channel_collection_add() the size of array was multiplied
by 4 instead of 2 on resize
2015-06-22 19:21:47 +02:00
Norbert Federa
1eff1a345e free can handle NULL perfectly fine 2015-05-11 09:07:39 +02:00
Marc-André Moreau
77c3de47d7 libfreerdp-codec: optimize zgfx history buffer wrap around 2014-06-05 18:09:37 -04:00
Marc-André Moreau
b4ba2c7a38 libfreerdp-codec: optimize zgfx bitstream 2014-06-05 15:41:42 -04:00
Marc-André Moreau
4e86211f34 libfreerdp-codec: refactor zgfx 2014-06-05 15:24:36 -04:00
Marc-André Moreau
161e7b0026 libfreerdp-codec: simplify zgfx segment processing 2014-06-05 14:52:27 -04:00
Marc-André Moreau
a50e4d16fc libfreerdp-codec: integrate basic RDP8 decompression support 2014-06-03 14:29:55 -04:00
Marc-André Moreau
abd833c27e libfreerdp-codec: stub new ZGFX (RDP8) bulk compressor/decompressor 2014-06-03 13:38:10 -04:00