If VerifyX509Certificate is set use it also when doing internal
certificate management. Added flags to ensure it is possible to
find out which type of connection is being made.
[libfreerdp/crypto/certificate.c:315] -> [libfreerdp/crypto/certificate.c:316]: (warning) Either the condition 'if(fingerprint&&fprint)' is redundant or there is possible null pointer dereference: fingerprint.
- fixed invalid, missing or additional arguments
- removed all type casts from arguments
- added missing (void*) typecasts for %p arguments
- use inttypes defines where appropriate
This patch contains:
* checks for malloc return value + treat callers;
* modified malloc() + ZeroMemory() to calloc();
* misc fixes of micro errors seen during the code audit:
** some invalid checks in gcc.c, also there were some possible
integer overflow. This is interesting because at the end the data are parsed
and freed directly, so it's a vulnerability in some kind of dead code (at least
useless);
** fixed usage of GetComputerNameExA with just one call, when 2 were used
in misc places. According to MSDN GetComputerNameA() is supposed to return
an error when called with NULL;
** there were a bug in the command line parsing of shadow;
** in freerdp_dynamic_channel_collection_add() the size of array was multiplied
by 4 instead of 2 on resize
If no entry for the <host> <port> combination
was found in the v2 file and there is a legacy file
check if a matching <host> entry can be found.
In case there is a matching entry and the <fingerprint>
also matches, create a new entry in the v2 file using the
current port.
Malloc can fail so it will, this patch adds some check in some places
where malloc/strdup results were not checked.
This patch also contains a server side fix for RDP security (credit to nfedera).
The signature len was badly set in the GCC packet. And some other RDP security
oriented fixes are also there.
