Commit Graph

2662 Commits

Author SHA1 Message Date
Armin Novak 7d6e85a886 Fixed uninitialized value 2020-07-01 16:50:20 +02:00
akallabeth b971c5c97f Use CMake to detect availability of getlogin_r 2020-07-01 16:50:20 +02:00
akallabeth caff01877d Fixed fallback to getlogin for android 2020-06-22 12:09:36 +02:00
akallabeth 308c2c3544 Removed duplicate semicolon 2020-06-22 11:51:39 +02:00
akallabeth 58a3122250 Fixed OOB read in ntlm_av_pair_get
CVE-2020-11097 thanks to @antonio-morales for finding this.
2020-06-22 11:51:39 +02:00
akallabeth 05cd9ea229 Fixed TrioParse and trio_length limits.
CVE-2020-4030 thanks to @antonio-morales for finding this.
2020-06-22 11:51:38 +02:00
akallabeth a45afe9db7 Replaced gmtime with gmtime_r 2020-06-22 11:51:38 +02:00
akallabeth 36478d3d0b Replaced getlogin with getlogin_r 2020-06-22 11:51:38 +02:00
akallabeth 240fdd07b1 Replaced localtime with localtime_r 2020-06-22 11:51:38 +02:00
akallabeth 057b6df4ae Fixed memory leaks in ntlm 2020-06-22 11:51:38 +02:00
Armin Novak 8e45a2dd50 Respect SECBUFFER_READONLY flag in NTLM EncryptMessage 2020-06-19 11:31:13 +02:00
Bernhard Miklautz 529e30c273 Revert "winpr/library: Use RTLD_GLOBAL for dlopen"
Using RTLD_GLOBAL in LoadLibraryA introduces a different behavior than
expected.

This reverts commit d566e00258.
2020-06-17 12:59:41 +02:00
Patrick Chin 8515846317 MessageQueue write time to current message not the next 2020-06-09 08:51:53 +02:00
Kobi Mizrachi 920acd4c0e winpr: image: add API to construct bmp header 2020-06-05 09:22:26 +02:00
Ondrej Holy d566e00258 winpr/library: Use RTLD_GLOBAL for dlopen
LoadLibraryA implementation uses the RTLD_LOCAL flag for dlopen currently.
This flag doesn't allow the symbols to be used by the subsequently loaded
libraries. This is a problem for the video channel when -DBUILTIN_CHANNELS=OFF
is used as it uses functions from the geometry channel. Let's use RTLD_GLOBAL
instead to prevent "undefined symbol" errors in such cases.

Fixes: https://github.com/FreeRDP/FreeRDP/issues/6236
2020-05-27 13:06:12 +02:00
akallabeth 58ef235bc5 Removed unused variable warnings 2020-05-20 15:10:07 +02:00
akallabeth aea795eecf Fixed invalid argument to strtok_s 2020-05-20 15:10:07 +02:00
akallabeth 45860a5561 Fixed issues with clang sanitizers and alignment offsets. 2020-05-20 15:10:07 +02:00
akallabeth 7540384db1 utf8 behaviour fixes 2020-05-20 15:10:07 +02:00
akallabeth 401bb836fb Fixed memory leak in NTLM test 2020-05-20 15:10:07 +02:00
akallabeth b9149df1e6 Fixed BehaviourSanitizer warnings in streams. 2020-05-20 15:10:07 +02:00
akallabeth 1baf67d881 Fixed memory leak in ini parser and test functions. 2020-05-20 15:10:07 +02:00
akallabeth a887c890f2 Fixed BehaviorSanitizer warnings. 2020-05-20 15:10:07 +02:00
akallabeth 0502bfcfbc Fixed BehaviorSanitizer warnings 2020-05-20 15:10:07 +02:00
akallabeth 535ef57e2e Fixed BehaviorSanitizer warnings. 2020-05-20 15:10:07 +02:00
akallabeth b37d8c9be1 Fixed GHSL-2020-100: oob read in ntlm_read_ChallengeMessage
* Added length checks for data read from stream
* Unified function resource cleanup
2020-05-20 15:10:07 +02:00
Armin Novak 24a8a56694 Fixed #6202: Missing NULL checks 2020-05-20 15:02:24 +02:00
Armin Novak 50278f7076 Fixed #6201: event handler count check 2020-05-20 15:02:24 +02:00
akallabeth ddb388e152 Refactored sam functions to utilize strtok_s 2020-05-18 12:07:59 +02:00
akallabeth 7890833af8 Replaced strtok with strtok_s 2020-05-18 11:39:22 +02:00
Kobi Mizrachi fddda159d9 change use of strtok to strtok_s 2020-05-18 11:08:20 +02:00
akallabeth 7b1d440945 Refactored StreamPool 2020-05-13 17:11:17 +02:00
akallabeth 8d70a3492b Added warning to all collection structs 2020-05-12 14:05:28 +02:00
akallabeth 844ec8f74c Fixed #6136: Cleaned up Stack API 2020-05-12 14:05:28 +02:00
Kentaro Hayashi 148f3c675d Fixed typos (Otherweise)
Otherweise ->
Otherw ise
      ^
2020-05-10 16:35:20 +09:00
akallabeth bc0a2c277d Silence valgrind in unicode conversion functions
Only check destination buffer for NULL if length argument did not
already indicate the buffer needs to be allocated.
2020-05-08 11:04:03 +02:00
akallabeth dffd893dc5 Fixed integer overflow in winpr_image_bitmap_read_buffer
Thanks to hac425
2020-05-08 11:04:03 +02:00
akallabeth 8241ab42fd Fixed oob read in ntlm_read_AuthenticateMessage 2020-05-06 13:31:57 +02:00
akallabeth afdffac4b5 Fixed oob read in ntlm_read_ntlm_v2_response 2020-05-06 13:31:57 +02:00
akallabeth 8fa3835963 Fixed oob read in ntlm_read_NegotiateMessage 2020-05-06 13:31:57 +02:00
qarmin ceec2cf1a0 Fixed copy paste error in MessagePipe.c 2020-05-01 19:42:46 +02:00
Zhu Qun-Ying 5553be0983
possible memory leak when various functions return failure. (#6110)
* possible memory leak when allocation failed.

* Use initialization instead of ZeroMemory

* Format with clang-format
2020-04-25 16:07:12 +02:00
Zhu Qun-Ying a1e421c93d use WINPR_MD5_DIGEST_LENGTH instead of magic number for hash array 2020-04-24 08:33:30 +02:00
Zhu Qun-Ying 8cc9b09ba1 Use NTOWFv2FromHashW() in NTOWFv2W() to avoid duplicate code 2020-04-24 08:33:30 +02:00
Alex Wilson 40f23e2728 SCardReadCache/SCardWriteCache should actually cache data
Currently since the hash/keyCompare/keyClone members on the
context->cache were never being set, we were using the
HashTable_Pointer* variants, meaning that lookup always
failed (since we never ask for the same *pointer* twice).

This also revealed that the logic for autoallocate on these ops
was a bit backwards, and some error codes and support for the
"freshness" counter were missing.

In Win10 (at least with some card minidrivers) the freshness
counter is load-bearing and smartcard login won't work without
implementing a very basic version of it.
2020-04-21 08:11:54 +02:00
David Fort 7733fe7a8a
Merge pull request #6060 from akallabeth/warnings
Fix some compiler warnings
2020-04-16 10:54:43 +02:00
Martin Fleisz 9e1b2eb42e
Merge pull request #6081 from akallabeth/disable_spincount
Disable spincount
2020-04-15 13:24:26 +02:00
Martin Haimberger 7b6b9a9675 removed unnecessary casts, use sizeof for debug printing 2020-04-15 13:20:03 +02:00
Martin Haimberger 85e49aa601 fix: server side ntlmv2 implementation
- in the case no mic was present, but the user was found,
  the entered password was ignored and the user authenticated
2020-04-15 13:20:03 +02:00
Armin Novak a161bafa5f Fix #6066, #6045: Disable spincount by default. 2020-04-13 09:56:19 +02:00