Commit Graph

1354 Commits

Author SHA1 Message Date
Bernhard Miklautz
68e8569110 winpr/synch: remove the dependency on winsock.h
winsock.h pulls in a lot of defines and dependencies that are not
required and partially unwanted in winpr's core (for parts that are not
related to network). In order to get rid of this dependency and have an
independent defines for extended winpr functions the WINPR_FD_* defines
are used internally (and for exposed functions). Where required, like in
WSAEventSelect, the FD_* is mapped to WINPR_FD_*.
2015-07-14 11:39:41 +02:00
Armin Novak
d18b0fbeb4 Handle API updated. 2015-07-03 09:52:52 +02:00
Hardening
ac93b26ba8 Merge pull request #2750 from realjiangms/fix_win32_wsaevent
Fix event created for WSAEventSelect
2015-07-02 09:26:13 +02:00
Armin Novak
3a9db563fd NLA: Fixed length check. 2015-07-01 16:05:11 +02:00
Armin Novak
8479c824fd Fixed handling of optional TSPasswordCreds field. 2015-07-01 15:30:38 +02:00
Armin Novak
6c0e1af4af NLA decrypt credentials fixed. 2015-07-01 14:31:55 +02:00
zihao.jiang
75407edf37 Fix event created for WSAEventSelect: The event we pass to WSAEventSelect should be WSAEVENT instead of normal event.
From MSDN, it looks same as CreateEvent(NULL, FALSE, FALSE, NULL):
	The WSACreateEvent function creates a manual-reset event object with an initial state of nonsignaled. The event object is unnamed.
However they are not really equivalent. When we use normal event, the WSAEventSelect still works but the event appears to be 'auto-reset'.
2015-07-01 01:52:59 +08:00
Bernhard Miklautz
1cee185e3c hardening: check fread and fwrite return values 2015-06-26 20:38:30 +02:00
Norbert Federa
20878e50fe Merge pull request #2724 from bmiklautz/leak_fix
Fix leaks in certificate and identity handling
2015-06-26 15:30:00 +02:00
Bernhard Miklautz
77ef5a80de nla: clear identity memory before releasing 2015-06-26 15:12:33 +02:00
Norbert Federa
ac95b7274e Merge pull request #2727 from akallabeth/leak_fixes_reformat
Fixed leaks, NULL dereferences and broken init.
2015-06-26 15:01:08 +02:00
Marc-André Moreau
ddf2519f1e Merge pull request #2719 from bmiklautz/pull/2481
OSS, tsmf, usb and BSD fixes and improvements
2015-06-26 08:27:22 -04:00
Hardening
b411c11f6e Merge pull request #2729 from akallabeth/win_reg_key_by_vendor_product_define
Replaced hard coded registry keys with cmake defines.
2015-06-26 11:15:09 +02:00
Bernhard Miklautz
28e63786cd Integrate pull request feedback
Use while instead of for with additional variable where appropriate.
2015-06-25 10:33:54 +02:00
Armin Novak
e8bfa29bd2 Replaced registry keys with cmake defines. 2015-06-24 14:02:48 +02:00
Bernhard Miklautz
9f6fa7ef4c Fix possible endless loops on cleanup.
Some cleanup code possibly create endless loops because an unsigned
type was used as run variable but the check was >= 0 in the for loop.
2015-06-24 12:26:13 +02:00
Armin Novak
ee221315db Fixed loop condition. 2015-06-24 10:08:04 +02:00
Armin Novak
6698e24228 Fixed leaks, NULL dereferences and broken init. 2015-06-23 21:29:21 +02:00
Bernhard Miklautz
2e87d0ee52 Fix leaks in certificate and identity handling 2015-06-23 15:40:37 +02:00
Armin Novak
24fed46cda Fixed grabage return value. 2015-06-23 12:08:47 +02:00
Armin Novak
212db120e0 Fixed NULL pointer dereference. 2015-06-23 12:07:38 +02:00
Bernhard Miklautz
ff8d172a12 core: use error instead of debug
When the function would return with an error print an error message
instead of a debug message
2015-06-23 11:15:13 +02:00
Bernhard Miklautz
09445c2b0e nla and cmdline: integrated feedback
* fix possible problems with 0 size lengths
* add return value checks
2015-06-23 10:14:11 +02:00
Bernhard Miklautz
af81a91ea7 windows: fix compilation and warnings 2015-06-22 19:31:25 +02:00
Bernhard Miklautz
06502e6a91 misc: integrate pull request feedback 2015-06-22 19:24:30 +02:00
David FORT
7c3f8f33ab Fixes for malloc / calloc + other fixes
This patch contains:

* checks for malloc return value + treat callers;
* modified malloc() + ZeroMemory() to calloc();
* misc fixes of micro errors seen during the code audit:
** some invalid checks in gcc.c, also there were some possible
integer overflow. This is interesting because at the end the data are parsed
and freed directly, so it's a vulnerability in some kind of dead code (at least
useless);
** fixed usage of GetComputerNameExA with just one call, when 2 were used
in misc places. According to MSDN GetComputerNameA() is supposed to return
an error when called with NULL;
** there were a bug in the command line parsing of shadow;
** in freerdp_dynamic_channel_collection_add() the size of array was multiplied
by 4 instead of 2 on resize
2015-06-22 19:21:47 +02:00
Bernhard Miklautz
77927c213e android: fix misc compiler warnings
with gcc version arm-linux-androideabi-gcc (GCC) 4.8
2015-06-22 19:09:59 +02:00
Bernhard Miklautz
bf73f4e4f1 Fix unchecked strdups
* add missing checks
* adapt function return values where necessary
* add initial test for settings
2015-06-22 19:09:59 +02:00
Marc-André Moreau
3b3ffce042 Merge pull request #2705 from akallabeth/sspi_fix_v2
Sspi fix v2 - Fixes static build
2015-06-22 10:19:22 -04:00
Marc-André Moreau
9aabec73f5 Merge pull request #2713 from bmiklautz/divbyzero
core/metrics: prevent division by zero
2015-06-22 08:53:36 -04:00
Marc-André Moreau
1e39d7728c Merge pull request #2702 from akallabeth/nla_null_identity_support
NLA Use current users credentials if none provided.
2015-06-22 08:53:05 -04:00
Bernhard Miklautz
41ef7ca17c core/metrics: prevent division by zero 2015-06-19 17:21:16 +02:00
Norbert Federa
91a9b23b91 core: message channel pdu broken with rdp security
rdp_recv_message_channel_pdu always read the rdp security header
even if it was already previously read (which is the case if rdp
security is active)

This caused malfunctions and disconnects when heartbeat or bandwidth
autodetect packets were sent/received in rdp security mode.

Credit goes to @MartinHaimberger for identifying the broken code
part.
2015-06-19 14:49:17 +02:00
Vic Lee
2e11eac79a Merge pull request #2675 from akallabeth/path_make_path
Added PathMakePath function.
2015-06-18 02:43:47 +00:00
Armin Novak
3c329aa207 Using InitSecurityInterfaceEx(0) now. 2015-06-17 13:23:44 +02:00
Armin Novak
34253f2664 Let SSPI module choose which implementation to use. 2015-06-15 15:21:21 +02:00
Armin Novak
219ca1c02b NLA identity now a pointer, allowing NULL.
When NLA identity is NULL, the current user context
is used on windows.
2015-06-15 15:03:13 +02:00
Vic Lee
145fc10412 Merge pull request #2687 from akallabeth/known_hosts_v2
Store SSL fingerprints with host and port
2015-06-12 12:52:53 +00:00
Armin Novak
acc96388a5 Added certificate_get_fingerprint function to read out old one. 2015-06-11 09:14:15 +02:00
Vic Lee
d75ac1ec12 autodetect: use high-precision timer. 2015-06-11 15:12:27 +08:00
Armin Novak
5b7a44cd4a Removed CreateDirectoryA, handled by PathMakePath 2015-06-09 13:17:15 +02:00
Armin Novak
6b4cc2ff25 Fixed size of string buffer. 2015-06-02 12:45:35 +02:00
Armin Novak
ea1dae219d Added config compatibility for default builds. 2015-06-02 12:00:52 +02:00
Armin Novak
d3a88014da Fixed directory creation checks. 2015-06-02 10:01:10 +02:00
Armin Novak
dd1a03191d Fixed settings path creation. 2015-06-02 09:51:05 +02:00
Armin Novak
8f68b9c261 Using vendor/product scheme for settings now. 2015-06-02 09:50:53 +02:00
Hardening
29de9b6d4e Merge pull request #2658 from hardening/fix_2657
Fix for #2657
2015-05-29 17:58:30 +02:00
David FORT
84ae1d1cfb Take in account nfedera's remarks 2015-05-29 14:24:14 +02:00
David FORT
a9709a62cc Check some return values 2015-05-29 14:24:14 +02:00
David FORT
909a965fe9 Added misc checks in rdg.c 2015-05-29 14:24:14 +02:00