transport_write did not check if transport or bio are
set. The transport read checks it. In using fastpath
and for example a mouse input is sent, the transport
is never checked and can cause a segfault.
1. Fix stream leak in rdpgfx
2. Make src data const in zgfx. Harden zgfx to be independent to byte order
3. Fix written bytes return value in channel write
4. Add check for return value in shadow_client.c
5. Add gfx callback to send surface command with frame marker pdu.
6. Check remain length for recv subroutine
7. Fix compile errors
According to [MS-RDPBCGR 2.2.1.3.4.1 Channel Definition Structure]
the channel name must be an 8-byte array containing a null-terminated
collection of seven ANSI characters that uniquely identify the channel.
We did not check if the transmitted name was null-terminated which
could have the usual severe effects on stabiliy and security since
the channel name is used in several functions expecting a null-
terminated string (strlen, printf, etc.)
Compression doesn't work on big endian machines currently. The recieved
data are stored as little endian. Use conversion macros from endian.h to
load and store the data properly.
The patch fixes following error (so -compression option is no more needed
on big endian machines):
[06:42:14:782] [13772:13773] [ERROR][com.freerdp.core] - Decompression failure!
[06:42:14:782] [13772:13773] [ERROR][com.freerdp.core.fastpath] - bulk_decompress() failed
[06:42:14:782] [13772:13773] [ERROR][com.freerdp.core.fastpath] - fastpath_recv_update_data() fail
[06:42:14:782] [13772:13773] [ERROR][com.freerdp.core.transport] - transport_check_fds: transport->ReceiveCallback() - -1
https://github.com/FreeRDP/FreeRDP/issues/2520
win32/msvc cc does not recognize the %z format specifier which caused
invalid references and segfaults on win32.
Until FreeRDP gets format specifier macros we'll cast size_t to
unsigned long and use the %lu specifier.
Also simplified winpr_backtrace_symbols() a little bit and fixed it
to allocate the correct amount of bytes for the return buffer.
Details: cbSecurityTrailer was assumed to be a fixed length for all signatures, however for Kerberos authentication the signature may generate smaller than this value
If support for multi layout PDUs is advertised there are known issues
with Windows 7 and Windows 2008R2. Until those are resolved generally
disable multi layout PDUs.
See #3114 for details.
According to [MS-RDPBCGR 2.2.1.11.1.1.1] the TS_EXTENDED_INFO_PACKET
structure's cbClientAddress field must include the _mandatory_ NULL
terminator of the clientAddress field in its byte count.
However, connections proxied via Microsoft's TS Gateway set the
cbClientDir value to 0.
According to [MS-RDPBCGR 2.2.1.11.1.1.1] the TS_EXTENDED_INFO_PACKET
structure's cbClientDir field must include the _mandatory_ NULL
terminator of the ClientDir field.
However, since version 8.1.31.44, the Microsoft Remote Desktop Client
for Android sets cbClientDir to 0.
If a target is linked against libraries with cmake
(target_link_libraries) and the libraries are not marked as PRIVATE
they are "exported" and in case a other target is linked against this
target it is also linked against *all* (not private) libraries.
Without declaring private libraries PRIVATE a lot of over linking
(linking against unneeded libraries) was done.
since there have been reports that certain windows versions send
zero values in the cbDomain field of the Logon Info Version 2
(TS_LOGON_INFO_VERSION_2) struct we allow zero values for cbUserName
and cbDomain in rdp_recv_logon_info_v1 and rdp_recv_logon_info_v2.
- Added missing ConvertFromUnicode checks
- If ConvertToUnicode allocates memory, guarantee the null termination
similar to ConvertFromUnicode's implementation
- Fixed some TestUnicodeConversion.c CTest return values
- Added some CTests for ConvertFromUnicode and ConvertToUnicode
- Misc code and protocol hardening fixes in the surrounding code regions
that have been touched
When nothing is declared, only export symbols defined
with WINPR_API or FREERDP_API defined.
Override this setting if BUILD_TESTING to allow tests
access to internal functions usually not exposed.
