Commit Graph

54 Commits

Author SHA1 Message Date
David FORT
7c3f8f33ab Fixes for malloc / calloc + other fixes
This patch contains:

* checks for malloc return value + treat callers;
* modified malloc() + ZeroMemory() to calloc();
* misc fixes of micro errors seen during the code audit:
** some invalid checks in gcc.c, also there were some possible
integer overflow. This is interesting because at the end the data are parsed
and freed directly, so it's a vulnerability in some kind of dead code (at least
useless);
** fixed usage of GetComputerNameExA with just one call, when 2 were used
in misc places. According to MSDN GetComputerNameA() is supposed to return
an error when called with NULL;
** there were a bug in the command line parsing of shadow;
** in freerdp_dynamic_channel_collection_add() the size of array was multiplied
by 4 instead of 2 on resize
2015-06-22 19:21:47 +02:00
Norbert Federa
1eff1a345e free can handle NULL perfectly fine 2015-05-11 09:07:39 +02:00
David FORT
c03bf75896 Take in account @nfedera's comments 2015-04-07 21:06:53 +02:00
David FORT
edb915943f Treat return values in license.c
This patch changes functions that should not return void and also treat the
callers of these functions.
2015-04-01 11:38:53 +02:00
David FORT
0eb399a717 Treat return values for security.c
This patch make functions in security.c return values when they should instead of
beeing void. And it also fix the callers of these functions.
2015-04-01 11:11:37 +02:00
Marc-André Moreau
aa8b843250 libfreerdp-core: move stuff down from transport to tsg layer 2015-02-11 11:57:02 -05:00
Norbert Federa
765b25933e license: fix for corrupted licensing packets
Since commit a228952 FreeRDP generates corrupt licensing packets if the rdp
security layer is used and the peer did not indicate that it is capable of
processing encrypted licensing packets:
That commit changed rdp->sec_flags after the rdp stream was already initialized
with encryption enabled which placed the PDU payload at an incorrect offset.

Instead of directly modifying the rdp->sec_flags this patch temporarily
disables rdp->do_crypt during rdp stream initialization if the client has not
advertised support for encrypted licensing packets.
2015-01-12 11:31:18 +01:00
Marc-André Moreau
d102e746c8 Merge branch 'awakecoding' of github.com:vworkspace/FreeRDP
Conflicts:
	libfreerdp/core/license.c
	libfreerdp/core/nego.c
	winpr/libwinpr/synch/wait.c
2014-09-19 14:38:25 -04:00
Mike McDonald
a228952a69 Modified server code to honor the negotiated setting for SEC_LICENSE_ENCRYPT_SC in the security exchange PDU (which controls the encryption of license PDUs from the server to the client). 2014-09-18 19:43:28 -04:00
Armin Novak
2f519d7f16 Replaced logging in libfreerdp with wlog defines. 2014-09-15 08:48:46 +02:00
Armin Novak
6762d73ae1 Fixed winpr_HexDump calls. 2014-09-09 16:33:05 +02:00
Armin Novak
f4c133eaf8 Replaced custom logging mechanism with WLog wrapper. 2014-08-07 16:51:24 +02:00
Hardening
9c18ae5bee Print function name when emiting an error 2014-05-21 17:27:36 +02:00
Zhang Zhaolong
8ce32773f3 core: fix memory leak in case of error out. 2014-04-26 12:00:07 +08:00
Maks Naumov
c230fae097 Make certificate_read_server_certificate() return BOOL 2014-04-08 19:23:06 +03:00
Norbert Federa
18cb418c81 core: FIPS for fastpath and RDP security fixes
- fixed invalid stream position if extEncryptionMethods is not used
- enabled 56bit rdp security method
- fixed entropy reduction of the keys for 40 bit and 56 bit
- added rdp security incl. FIPS for fastpath output
- added FIPS encryption to fast path input
- fixed FIPS key generation in server mode
- fixed stream length correction in FIPS mode
- added rdp encryption for licensing packets (apparently some clients,
  specifically cetsc, require the license packets received from the
  server to be encrypted under certain RDP encryption levels)
- replace errnous virtual extended mouse event in focus in event
2014-04-02 14:17:39 +02:00
Hardening
ac7507ab8d Adds some check to treat OOM problems + RDP security fix
Malloc can fail so it will, this patch adds some check in some places
where malloc/strdup results were not checked.

This patch also contains a server side fix for RDP security (credit to nfedera).
The signature len was badly set in the GCC packet. And some other RDP security
oriented fixes are also there.
2014-03-25 23:13:08 +01:00
Marc-André Moreau
de3156512c libfreerdp-core: start including wtsapi.h 2014-02-16 18:02:50 -05:00
Hardening
f1d6afca6a Fix CVE-2014-0791
This patch fixes CVE-2014-0791, the remaining length in the stream is checked
before doing some malloc().
2014-01-08 16:57:56 +01:00
Marc-André Moreau
3d339b04d9 libfreerdp-core: modify parsing functions to return int instead of BOOL to propagate session redirection return code 2013-11-04 15:52:29 -05:00
Marc-André Moreau
a0e09e6273 libfreerdp-core: fix server-side licensing sequence 2013-09-05 18:53:55 -04:00
Daryl Poe
f71f179c28 fix per-device CAL licensing
(cherry picked from commit d6d0d81d08)
2013-08-26 09:37:48 +02:00
Armin Novak
6e6581ab87 Fix for Issue #1349 2013-07-15 10:20:24 +02:00
Marc-André Moreau
5c37356506 libfreerdp-core: reduce reuse of the same send buffer 2013-05-15 13:17:29 -04:00
Marc-André Moreau
367ebf32a3 freerdp: make use of stream macros to access members 2013-05-15 12:14:26 -04:00
Marc-André Moreau
fd230443c5 freerdp: purge old stream utils 2013-05-08 16:27:21 -04:00
Marc-André Moreau
5b92413843 freerdp: purge deprecated stream utils 2013-05-08 16:09:16 -04:00
Marc-André Moreau
51715636a5 freerdp: remove some deprecated stream utils 2013-04-29 22:35:15 -04:00
Hardening
7701c9d934 Replace printf(...) by fprintf(stderr, ...) 2013-03-28 23:06:34 +01:00
Marc-André Moreau
a8201b0d1b libwinpr-utils: combine old and new stream utils 2013-03-21 15:19:33 -04:00
Marc-André Moreau
62eec0c2b5 libfreerdp-utils: rename internal members of STREAM to match new wStream 2013-03-21 15:01:46 -04:00
Marc-André Moreau
593a9030d3 libfreerdp-core: cleanup licensing RSA public key code 2013-02-05 10:02:06 -05:00
Marc-André Moreau
0de89ab4c9 libfreerdp-core: enable non-null licensing client random 2013-02-05 09:46:25 -05:00
Marc-André Moreau
d2873081ea libfreerdp-core: fix licensing key length 2013-02-05 09:30:53 -05:00
Marc-André Moreau
4cd720416a libfreerdp-core: added more licensing debug output 2013-02-05 01:07:34 -05:00
Marc-André Moreau
04c329cc53 libfreerdp-core: added more licensing debug output 2013-02-05 00:19:57 -05:00
Marc-André Moreau
1b97663de8 libfreerdp-core: license refactoring 2013-02-04 23:57:04 -05:00
Marc-André Moreau
1070931479 libfreerdp-core: fix decryption of encrypted error info PDU in license sequence 2013-02-04 16:39:05 -05:00
Marc-André Moreau
abca3f8c10 libfreerdp-core: fix check for null certificate 2013-01-25 13:47:56 -05:00
rdp.effort
0abf945a18 check or propagate return values when writing 2013-01-14 23:40:34 +01:00
rdp.effort
81c0e99ceb Misc fixes and result checks 2013-01-13 23:37:50 +01:00
rdp.effort
4d90284657 Renamed CODEC_ID_NONE to RDP_CODEC_ID_NONE as it is already defined in
avcodecs.h
Fixed a warning in schannel_openssl.c
Added checks for: input, mcs, tpdu, certificate, license
2013-01-12 14:49:01 +01:00
Marc-André Moreau
808fc210e3 libfreerdp-utils: remove hexdump utils in favor of WinPR utils 2012-12-13 23:54:54 -05:00
Marc-André Moreau
b2c3ca8cc4 libfreerdp-utils: replace all calls to deprecated function xzalloc 2012-11-21 19:22:41 -05:00
Marc-André Moreau
98dcdcfb8f libfreerdp-core: transport refactoring to split in/out channels 2012-11-14 20:46:51 -05:00
Marc-André Moreau
6427c9dd90 libfreerdp-core: rdpSettings refactoring (part 2) 2012-11-07 15:13:14 -05:00
Marc-André Moreau
9d064171a7 freerdp: get rid of old types 2012-10-09 03:26:39 -04:00
Marc-André Moreau
1bf8a45519 freerdp: change uint8, sint8, uint16, sint16 to BYTE, INT8, UINT16, INT16 2012-10-09 03:01:37 -04:00
Marc-André Moreau
1ed644786c freerdp: change boolean type to BOOL type 2012-10-09 02:38:39 -04:00
Marc-André Moreau
5612bc43f8 freerdp: change true/false to TRUE/FALSE 2012-10-09 02:31:28 -04:00