Commit Graph

14242 Commits

Author SHA1 Message Date
akallabeth
52dd312e11 Fixed various input buffer length checks in URBDRC
Thanks to hac425 CVE-2020-11039
2020-05-08 11:04:03 +02:00
akallabeth
af79aafbba Fixed int overflow in smartcard_ndr_read
Thanks to hac425
2020-05-08 11:04:03 +02:00
akallabeth
9f77fc3dd2 Fixed int overflow in msusb_mspipes_read
Thanks to hac425
2020-05-08 11:04:03 +02:00
akallabeth
8e9b0a625b Fixed int overflow in printer_write_setting
Thanks to hac425
2020-05-08 11:04:03 +02:00
akallabeth
06c32f1700 Fixed int overflow in PresentationContext_new
Thanks to hac425 CVE-2020-11038
2020-05-08 11:04:03 +02:00
akallabeth
dffd893dc5 Fixed integer overflow in winpr_image_bitmap_read_buffer
Thanks to hac425
2020-05-08 11:04:03 +02:00
akallabeth
a73adecaf4 Fixed #6112: Segfault in update_decompress_brush
The iterators need to be signed for the loop check to work.
2020-05-06 13:31:57 +02:00
akallabeth
3a06ce058f Fixed oob read in rfx_process_message_tileset
Check input data length
Thanks to hac425 CVE-2020-11043
2020-05-06 13:31:57 +02:00
akallabeth
363d7046df Fixed oob read in clear_decompress_subcode_rlex
Fixed length checks before stream read.
Thanks to hac425 CVE-2020-11040
2020-05-06 13:31:57 +02:00
akallabeth
2215fef975 Fixed oob read in rdpsnd_recv_wave2_pdu
Check format index before using it.
Thanks to hac425 CVE-2020-11041
2020-05-06 13:31:57 +02:00
akallabeth
0332cad015 Fixed oob read in update_recv
properly use update_type_to_string to print update type.
Thanks to hac425 CVE-2020-11019
2020-05-06 13:31:57 +02:00
akallabeth
66d3b77d88 update_decompress_brush: explicit output length checks
The output length was just assumed to be >= 256 bytes, with this
commit it is explicitly checked.
2020-05-06 13:31:57 +02:00
akallabeth
cbee45aace Fixed clipboard 'called with invalid type' warning 2020-05-06 13:31:57 +02:00
akallabeth
8ec50b6cc1 Fix short format name configuration and format list return. 2020-05-06 13:31:57 +02:00
akallabeth
a167f3b779 Fixed possible int overflow. 2020-05-06 13:31:57 +02:00
akallabeth
873ed92a84 Remove unnecessary cast. 2020-05-06 13:31:57 +02:00
akallabeth
5305d62b72 Fix oob read in msusb_msconfig_read 2020-05-06 13:31:57 +02:00
akallabeth
6b485b146a Fixed oob read in irp_write and similar 2020-05-06 13:31:57 +02:00
akallabeth
795842f409 Fixed oob read in parallel_process_irp_create 2020-05-06 13:31:57 +02:00
akallabeth
6efa8290d8 Fixed oob read in parallel_process_irp_read 2020-05-06 13:31:57 +02:00
akallabeth
917daa8b56 Fixed oob read in parallel_process_irp_write 2020-05-06 13:31:57 +02:00
akallabeth
8241ab42fd Fixed oob read in ntlm_read_AuthenticateMessage 2020-05-06 13:31:57 +02:00
akallabeth
afdffac4b5 Fixed oob read in ntlm_read_ntlm_v2_response 2020-05-06 13:31:57 +02:00
akallabeth
8fa3835963 Fixed oob read in ntlm_read_NegotiateMessage 2020-05-06 13:31:57 +02:00
akallabeth
b230ac98e9 Fixed oob read in cliprdr_read_format_list 2020-05-06 13:31:57 +02:00
akallabeth
8e1a1b4075 Fixed cliprdr_server_receive_capabilities
Thanks to hac425 CVE-2020-11017, CVE-2020-11018
2020-05-06 13:31:57 +02:00
Bernhard Miklautz
fd5bdee8b3
Merge pull request #6147 from akallabeth/rdpsnd_thread
Use dedicated sound decoder thread.
2020-05-06 13:19:29 +02:00
Bernhard Miklautz
27f2eb13c7 new: add a simple issue template for backports 2020-05-05 18:03:03 +02:00
Bernhard Miklautz
c50c23743b fix: cleanup bug_report template 2020-05-05 18:03:03 +02:00
akallabeth
f016f1ec09 Create data copy in case of dynamic sound channel. 2020-05-05 17:03:14 +02:00
Bernhard Miklautz
ecc9f12733
Merge pull request #6140 from akallabeth/smartcard_silence
Silence SCARD_E_TIMEOUT warnings
2020-05-05 15:41:04 +02:00
Bernhard Miklautz
3e89574205
Merge pull request #6124 from akallabeth/speedup
Unify inline and some warning fixes
2020-05-05 15:34:38 +02:00
akallabeth
af554b5a54 Use dedicated sound decoder thread. 2020-05-05 14:25:54 +02:00
Martin Fleisz
953fc03031
Merge pull request #6138 from akallabeth/rdp_file_message_fix
Fixed warning messages for RDP file options
2020-05-05 12:21:15 +02:00
David Fort
1a058ed8f6
Merge pull request #6146 from akallabeth/wayland_fs_fix
Wayland fullscreen fix
2020-05-05 11:35:28 +02:00
akallabeth
5f5bf10703 Fixed warning messages for RDP file options
networkautodetect and bandwidthautodetect are both boolean options
which must match each other. Added adequate warnings.
2020-05-05 10:43:33 +02:00
akallabeth
79522d7e2f Fixed primary monitor index for wayland fullscreen 2020-05-05 10:31:26 +02:00
akallabeth
9900e52073 Fixed UwacDisplayGetOutput and UwacOutputGetResolution checks
return proper error conditions if arguments are invalid.
2020-05-05 10:29:25 +02:00
Linus Heckemann
5ce0ab909f
shadow_server: allow specifying IP addresses to listen on (#6050)
* shadow_server: allow specifying IP addresses to listen on

This allows using IPv6 as well as listening only on specific
interfaces. Additionally, it enables listening on local and TCP
sockets simultaneously.

* listener: log address with square brackets

This disambiguates IPv6 addresses.

* shadow_server: check error on each socket binding

* Refactored shadow /bind-address for 2.0 compiatibility.

* Made /ipc-socket and /bind-address incompatible arguments.

* Fixed shadow /bind-address handling and description

* Allow multiple bind addresses for shadow server.

Co-authored-by: akallabeth <akallabeth@posteo.net>
2020-05-05 08:35:19 +02:00
Armin Novak
e80316cf9a Silence SCARD_E_TIMEOUT warnings
These occur quite often for status calls, so reduce log verbosity.
2020-05-04 17:32:55 +02:00
David Fort
5b98aa7515
Merge pull request #6063 from akallabeth/expert_settings
Added expert settings /tune and /tune-list
2020-05-04 12:09:39 +02:00
David Fort
6fb771e401
Merge pull request #6123 from akallabeth/cert_fix
Fixed #6122: Allow SSL server and client purpose
2020-05-04 12:04:08 +02:00
Andrey
f14373172d
Android client version bump (#6126)
Library names update

Co-authored-by: Andrey Rankov <andreyr@appcard.com>
2020-05-04 09:38:31 +02:00
akallabeth
77b38d9375 Fixed #6087: Inconsistend scroll on wayland
Thanks to @yol and @SaschaWessel a bug in scroll step conversion
was uncovered. The RDP value ranges are inverted when scrolling
in negative direction.
2020-05-04 08:57:56 +02:00
qarmin
fe8bad1698 Don't allow to overflow dev_array array 2020-05-01 20:34:59 +02:00
qarmin
ceec2cf1a0 Fixed copy paste error in MessagePipe.c 2020-05-01 19:42:46 +02:00
Sascha Wessel
ff618f53f7 libuwac/input: Fix memory leak
`create_pointer_buffer()` allocates memory with `mmap` and never frees it.

Adding a corresponding `munmap` fixes this issue.
2020-04-29 22:31:02 +02:00
akallabeth
9379f93034 Fixed #6121: Use correct destination color format 2020-04-28 12:40:03 +02:00
akallabeth
ca6d2d1b2c Workaround #6072: FFMPEG AAC encoding graded experimental
Due to many reporing issues with different AAC encoder configurations
deactivate support by default. Can be enabled by compiling with
experimental codec support.
2020-04-28 12:39:32 +02:00
akallabeth
9d014fe1ea Fixed compiler warnings for usb channel 2020-04-27 08:19:42 +02:00