Commit Graph

4184 Commits

Author SHA1 Message Date
Peter Harris
63ef97a2b3 core/nla: fix order of operations
The order of evaluation of the two sides of addition is undefined in C.
Since there is no sequence point between ber_write_contextual_tag and
ber_write_octet_string, these two functions can be called in any order.

Force the correct order by breaking the two function calls into two
separate statements.
2020-10-06 17:19:38 +02:00
Kobi
dd7f70c0be
Merge pull request #6484 from kubistika/proxy_improve_logs
improve proxy logs
2020-09-21 14:26:34 +03:00
kubistika
508ba9201f core: server: add API to get peer accepted channel names 2020-09-21 14:16:22 +03:00
akallabeth
dbe5b69223 Fixed NULL checks (#6474) 2020-09-21 08:30:54 +00:00
Armin Novak
3b63903d3f Removed obsolete connectErrorCode 2020-09-16 10:21:15 +02:00
Nathan Loewen
a5ba0bbdf0 let freerdp_image_scale() determine step size 2020-09-14 09:21:33 +02:00
Alexandr
cf2daeb01d
cleanup of https://github.com/FreeRDP/FreeRDP/pull/6448 (#6455)
* Implemented switchable transport layer

Co-authored-by: akallabeth <akallabeth@posteo.net>
2020-09-02 13:37:04 +02:00
Martin Fleisz
223c42a0c7
Merge pull request #6453 from akallabeth/settings_refactor
Use settings string setter to overwrite computername
2020-09-02 12:49:22 +02:00
akallabeth
4d7cddd7c6 Use settings string setter to overwrite computername 2020-09-02 12:13:20 +02:00
akallabeth
70881d3957 Fixed #6442: Use cmake to provide source directory for test pem 2020-08-25 09:48:29 +02:00
Martin Fleisz
0f64e07444
Merge pull request #6424 from akallabeth/warning_fixes
Fixed #6418: Warning due to invalid const qualifier
2020-08-11 08:25:38 +02:00
Armin Novak
10ed4ec422 Improve NLA auth token debugging 2020-08-10 17:10:42 +02:00
Armin Novak
bfa07e701d Refactored rdg_read_http_unicode_string warning fixes 2020-08-10 16:39:49 +02:00
Armin Novak
32c9a519df Improve NLA error code logging. 2020-08-10 14:35:40 +02:00
Armin Novak
e50a8e09ee Fixed warnings. 2020-08-10 12:26:46 +02:00
Armin Novak
47d02a76ce Fixed missing input length check for color pointer. 2020-08-10 12:26:33 +02:00
Armin Novak
57b405ca26 Fixed compilation warnings. 2020-08-10 12:14:11 +02:00
Armin Novak
226b072af8 Fixed #6418: Warning due to invalid const qualifier 2020-08-10 11:47:52 +02:00
Martin Fleisz
0f70aa2f43
Merge pull request #6415 from akallabeth/proxy_settings_api
Use freerdp_settings_[s|g]et* api to access proxy vaiables.
2020-08-05 11:47:05 +02:00
akallabeth
44ea09e7ad Use freerdp_settings_[s|g]et* api to access proxy vaiables.
Fixes #6414
2020-08-05 11:29:00 +02:00
Martin Fleisz
d87d351c00 Add GatewayMessageType to public API 2020-08-04 15:58:48 +02:00
Martin Fleisz
e8c99f3a00 gateway: Add processing of consent and service messages with HTTP gateway 2020-08-04 15:58:48 +02:00
akallabeth
fde4867574 Fix #6399: Call ConvertFromUnicode with length -1.
The input string has ensured NULL termination, so let the function
determine the correct length.
2020-07-31 09:14:38 +02:00
Zhu Qun-Ying
0627357d66 remove wrong initialization value 2020-07-29 08:47:12 +02:00
Armin Novak
76d10561bb Set BIO data NULL on cleanup
Recursive BIO free could double free, if the BIO data is not set
NULL when removed.
2020-07-23 10:48:39 +02:00
Bernhard Miklautz
7f7a8f4d2f fix: code formatting 2020-07-20 15:29:44 +02:00
akallabeth
e08a23f931 Fixed missing input sanitation for GFX surfaces.
Thanks to Sunglin and HuanGMz of the Knownsec 404 security team and pangzi of pwnzen
2020-07-20 14:11:36 +02:00
Bernhard Miklautz
efdc99528f new [orders]: BMF_24BPP support and some comments
* cached brush orders missed the BMF_24BPP documented case
  ([MS-RDPEGDI] 2.2.2.2.1.2.7)
* add some comments on secondary (brush) order details
2020-07-20 14:11:36 +02:00
Norbert Federa
54fdf7947d core: fix invalid inttype and reference
The error message in tpdu_read_header() printed the pointer address and
used PRIu16 for an UINT8 type
2020-07-20 13:18:45 +02:00
Giovanni Panozzo
9f7e475c16 Fix seeking in Cache Brush and other Secondary Drawing Orders 2020-07-15 00:11:03 +02:00
Kobi Mizrachi
5d39200cd7 libfreerdp: core: add ServerHeartbeat callback 2020-07-07 09:57:53 +02:00
Martin Fleisz
1996fde3d4
Merge pull request #6321 from akallabeth/extended_order_warn
Added hint for errors due to missing offscreen-cache
2020-07-06 16:28:40 +02:00
akallabeth
c5984ff811 Filter GSM codec for microphone redirection 2020-06-29 13:26:15 +02:00
akallabeth
57e7a99393 Added hint for errors due to missing offscreen-cache 2020-06-29 08:12:51 +02:00
Pascal Nowack
f25fbaee9c nsc: Fix memory leak
Fixes the following memory leak:

==115716== 16,662,960 bytes in 459 blocks are definitely lost in loss record 3,504 of 3,504
==115716==    at 0x48396AF: malloc (vg_replace_malloc.c:306)
==115716==    by 0x4C6A4E2: nsc_context_initialize_encode (nsc_encode.c:77)
==115716==    by 0x4C6A4E2: nsc_compose_message (nsc_encode.c:497)
2020-06-29 08:12:13 +02:00
Armin Novak
ce1a9d8d19 Fixed #6298: Mask CACHED_BRUSH when checking brush style 2020-06-23 09:24:35 +02:00
akallabeth
02c5ec66e5 Fixed possible integer overflow in crypto_rsa_common
Thanks @anticomputer for pointing this out
2020-06-22 12:09:36 +02:00
akallabeth
f753c25ad3 Reset freed HGDI_DC
CVE-2020-4031 thanks to @antonio-morales for finding this.
2020-06-22 11:51:39 +02:00
akallabeth
0a98c450c5 Fixed out of bound read in RLEDECOMPRESS
CVE-2020-4033 thanks to @antonio-morales for finding this.
2020-06-22 11:51:39 +02:00
akallabeth
e7bffa64ef Fixed OOB read in update_recv_secondary_order
CVE-2020-4032 thanks to @antonio-morales for finding this.
2020-06-22 11:51:39 +02:00
akallabeth
b8beb55913 Fixed OOB read in update_read_cache_bitmap_v3_order
CVE-2020-11096 thanks @antonio-morales for finding this.
2020-06-22 11:51:38 +02:00
akallabeth
733ee32083 Fixed invalid access in update_recv_primary_order
CVE-2020-11095 thanks @antonio-morales for finding this.
2020-06-22 11:51:38 +02:00
akallabeth
3ac7bb5d6a Fixed pcap cleanup 2020-06-22 11:51:38 +02:00
akallabeth
c0fd449ec0 Fixed Out-of-bound read in glyph_cache_put
CVE-2020-11098 thanks to @antonio-morales for finding this.
2020-06-22 11:51:38 +02:00
akallabeth
6ade7b4cbf Fixed OOB Read in license_read_new_or_upgrade_license_packet
CVE-2020-11099 thanks to @antonio-morales for finding this.
2020-06-22 11:51:38 +02:00
Armin Novak
0d80353bf3 Added missing SECBUFFER_READONLY flag in rpc_client_write_call 2020-06-19 11:31:13 +02:00
Armin Novak
ff79636d33 TSG improvements
* Respect connection timeout during connect
* Better debug output
* Cleaned up data types,
2020-06-19 11:31:13 +02:00
Martin Fleisz
cf7b9ca055 Fix usage of DsMakeSpn with IP address hostnames 2020-06-15 15:38:54 +02:00
akallabeth
733026dada Fixed #6267: adjust write_pixel_16 endian handling 2020-06-08 15:10:24 +02:00
Ondrej Holy
230d83b319 gdi: Fix missing unlock
This fixes the following defect reported by covscan tool:
libfreerdp/gdi/gfx.c:144: missing_unlock: Returning without unlocking "update->mux".
2020-06-04 07:55:12 +02:00