akallabeth
c81feb36b0
Refactored freerdp_image_copy_from_pointer_data
...
Split monochrome and color pointer handling to separate functions.
2020-04-22 14:21:47 +02:00
akallabeth
0a86090ff1
Fix initialization of LargePointer flags
...
Capability exchange is first reading server capabilities,
mask these with local settings and send only what both support.
2020-04-22 11:10:56 +02:00
akallabeth
a75280300a
Fixed [MS-RDPBCGR] 2.2.9.1.1.4.4 Color Pointer Update
...
The pointer size is limited to 32 pixel in width and height
unless LARGE_POINTER_FLAG_96x96 is set which increases the size
to 96 pixel.
2020-04-22 11:10:56 +02:00
David Fort
7733fe7a8a
Merge pull request #6060 from akallabeth/warnings
...
Fix some compiler warnings
2020-04-16 10:54:43 +02:00
Raul Fernandes
971be4fe9b
Cache the calculated color
...
In desktop area, the next color has high odds to be the same of previous color.
If we cache the value, it can be reused by the next pixel avoiding recalculation.
This optimization can halve the function's processing.
2020-04-15 13:25:52 +02:00
Martin Fleisz
9e1b2eb42e
Merge pull request #6081 from akallabeth/disable_spincount
...
Disable spincount
2020-04-15 13:24:26 +02:00
akallabeth
1a4f0badf7
Moved PROGRESSIVE_BLOCK_REGION to heap.
2020-04-14 18:27:05 +02:00
Armin Novak
9445552ecc
Fixed #6067 : Better CMake warning for deactivated image scaling
2020-04-13 09:56:19 +02:00
Armin Novak
24bd601f8d
Fixed data type warnings
2020-04-11 09:43:14 +02:00
Armin Novak
ebf44f80eb
Fixed format string warnings.
2020-04-11 09:43:01 +02:00
Linus Heckemann
89e4e24c31
tls: support non-RSA keys
2020-04-10 17:57:34 +02:00
akallabeth
a9daba0190
Check for int overflow in gdi_InvalidateRegion
2020-04-09 18:00:51 +02:00
akallabeth
6c0aeb10d2
Allow icon info with empty bitmap data.
2020-04-09 18:00:51 +02:00
akallabeth
232c7f4783
Abort order read on invalid element count.
2020-04-09 18:00:51 +02:00
akallabeth
acc6023643
Fixed possible NULL access.
2020-04-09 18:00:51 +02:00
akallabeth
a3996af062
Refactored gdi region
...
* Added a unit test
* Fixed const correctness of function arguments
* Added return values for all functions
2020-04-09 18:00:51 +02:00
akallabeth
b677b5db25
Proper error return from gdi_rect_str and gdi_regn_str
2020-04-09 18:00:51 +02:00
akallabeth
97efff4e90
Refactored order stream manipulation
...
* Use stream seek instead of setting pointer directly
* Add log messages in case of inconsistencies
* Fixed missing stream advance in update_decompress_brush
2020-04-09 18:00:51 +02:00
akallabeth
17f547ae11
Fixed CVE-2020-11521: Out of bounds write in planar codec.
...
Thanks to Sunglin and HuanGMz from Knownsec 404
2020-04-09 18:00:51 +02:00
akallabeth
907640a924
Fixed CVE-2020-11522: Limit number of DELTA_RECT to 45.
...
Thanks to Sunglin and HuanGMz from Knownsec 404
2020-04-09 18:00:51 +02:00
akallabeth
7b1d4b4939
Fix CVE-2020-11524: out of bounds access in interleaved
...
Thanks to Sunglin and HuanGMz from Knownsec 404
2020-04-09 18:00:51 +02:00
akallabeth
e075f348d2
Added debug logging and claping to all region functions
2020-04-09 18:00:51 +02:00
akallabeth
ce21b9d7ec
Fix CVE-2020-11523: clamp invalid rectangles to size 0
...
Thanks to Sunglin and HuanGMz from Knownsec 404
2020-04-09 18:00:51 +02:00
akallabeth
192856cb59
Fixed #6012 : CVE-2020-11526: Out of bounds read in update_recv_orders
...
Thanks to @hac425xxx and Sunglin and HuanGMz from Knownsec 404
2020-04-09 18:00:51 +02:00
akallabeth
0b6b92a25a
Fixed CVE-2020-11525: Out of bounds read in bitmap_cache_new
...
Thanks to Sunglin and HuanGMz from Knownsec 404
2020-04-09 18:00:51 +02:00
akallabeth
e6d10041c1
Fix #6033 : freeaddrinfo must not be called with NULL arguments.
2020-04-09 14:26:46 +02:00
Norbert Federa
c367f65d42
Merge pull request #6019 from akallabeth/bound_access_fixes
...
Fix issues with boundary access.
2020-04-06 13:53:28 +02:00
akallabeth
6f00add067
Export remaining packet length from rdp_read_share_control_header
2020-04-06 13:18:35 +02:00
akallabeth
0ad894adbc
Fixed substream read in rdp_recv_tpkt_pdu
2020-04-06 11:58:48 +02:00
akallabeth
0533c05be3
Fixed rdp_recv_tpkt_pdu parsing, use substream.
2020-04-06 11:22:18 +02:00
akallabeth
df55f40ecf
Fixed incorrect parser error message.
2020-04-06 10:42:06 +02:00
akallabeth
a022958ddf
Better error message for partial parsed capability
2020-04-03 15:10:49 +02:00
akallabeth
cba63b6d43
Added fallback to CMDTYPE_STREAM_SURFACE_BITS
...
Since our samples were incorrect, add a fallback with a log warnings
to the old CMDTYPE_STREAM_SURFACE_BITS by default behaviour.
2020-04-03 12:18:59 +02:00
akallabeth
88ad9ca56b
Fix sending/receiving surface bits command.
...
* Pass on proper command type to application
* On send let the server implementation decide to send
2.2.9.2.1 Set Surface Bits Command (TS_SURFCMD_SET_SURF_BITS) or
2.2.9.2.2 Stream Surface Bits Command (TS_SURFCMD_STREAM_SURF_BITS)
Thanks to @viniciusjarina for tracing the issue down.
2020-04-03 12:00:53 +02:00
akallabeth
2a379bfe09
Fixed invalid seek size in patrial pdu parse case
2020-04-02 17:41:49 +02:00
akallabeth
21320d973c
Use safe seek for capability parsing
...
thanks to @hardening for pointing that one out.
2020-04-02 17:39:51 +02:00
akallabeth
ddfd0cdccf
Use substreams to parse gcc_read_server_data_blocks
2020-04-02 17:39:43 +02:00
akallabeth
6b2bc41935
Fix #6010 : Check length in read_icon_info
2020-04-02 17:34:02 +02:00
akallabeth
67c2aa52b2
Fixed #6013 : Check new length is > 0
2020-04-02 17:33:54 +02:00
akallabeth
3627aaf7d2
Fixed #6011 : Bounds check in rdp_read_font_capability_set
2020-04-02 17:28:17 +02:00
akallabeth
f8890a645c
Fixed #6005 : Bounds checks in update_read_bitmap_data
2020-04-02 17:28:10 +02:00
akallabeth
ed53cd148f
Fixed #6006 : bounds checks in update_read_synchronize
2020-04-02 17:28:04 +02:00
akallabeth
f5e73cc7c9
Fixed #6009 : Bounds checks in autodetect_recv_bandwidth_measure_results
2020-04-02 17:27:59 +02:00
akallabeth
9301bfe730
Fixed #6007 : Boundary checks in rdp_read_flow_control_pdu
2020-04-02 17:27:53 +02:00
akallabeth
58dc36b3c8
Fixed possible NULL dereference
2020-04-02 17:27:10 +02:00
akallabeth
bc33a50c5a
Treat NULL and empty string as the same for credentials.
2020-03-24 12:34:35 +01:00
akallabeth
cf2f674283
Initialize KeyboardHook with define instead of magic number
2020-03-18 17:22:08 +01:00
Armin Novak
4216646746
Fixed length checks for compressed rdp data.
2020-03-10 14:05:10 +01:00
Armin Novak
297ad536a2
Cleaned up bulk_compress/decompress, prettified log.
2020-03-10 14:05:10 +01:00
Armin Novak
49b17e4e03
Refactored bulk compression
...
* Arguments now opaque
* Removed internal functions from external interface
2020-03-10 14:05:10 +01:00