Commit Graph

2449 Commits

Author SHA1 Message Date
Armin Novak
a4048b7d11 Fixed problematic cast of integer mask to bool
(cherry picked from commit 8c353e9292)
2021-02-25 09:51:41 +01:00
Martin Fleisz
ce61bc41cb core: Remove error code from string returned by rpc_error_to_string
This PR removes the error code from the error string returned by
rpc_error_to_string. The error code is passed into the function so it is
not necessary to append it to the returned string as well.

The PR also fixes the screwed formatting of the error code tables.

(cherry picked from commit c78566d2a2)
2021-02-25 09:51:41 +01:00
akallabeth
6522361760 Fixed #6656: invalid read of proxy port.
(cherry picked from commit 3c237fd687)
2020-12-10 07:39:41 +01:00
Armin Novak
e4b30a5cb6 Removed obsolete connectErrorCode
(cherry picked from commit 3b63903d3f)
2020-12-02 14:17:54 +01:00
akallabeth
67d404c783 Fixed remarks.
(cherry picked from commit c0284239a7)
2020-12-02 09:43:22 +01:00
Bernhard Miklautz
c94e9ea14b new [orders]: BMF_24BPP support and some comments
* cached brush orders missed the BMF_24BPP documented case
  ([MS-RDPEGDI] 2.2.2.2.1.2.7)
* add some comments on secondary (brush) order details

(cherry picked from commit efdc99528f)
2020-12-02 09:43:22 +01:00
akallabeth
f00d7aa644 Fix warning #6515
(cherry picked from commit 6d8f355633)
2020-12-02 08:57:00 +01:00
kubistika
39f56443f2 reset codecs in gdi_pipeline_init
(cherry picked from commit 42e63cbf98)
2020-12-01 15:10:23 +01:00
akallabeth
6c74c84f28 Refactored reading of optional order bytes
(cherry picked from commit ef8f1fd9f0)
2020-12-01 15:10:23 +01:00
akallabeth
ce788af28a Fixed parsing of FastGlyph order.
(cherry picked from commit 0456fc307c)
2020-12-01 15:10:23 +01:00
akallabeth
87f1ed1f2d Use settings string setter to overwrite computername
(cherry picked from commit 4d7cddd7c6)
2020-12-01 15:10:23 +01:00
Armin Novak
b0843b68b3 Refactored rdg_read_http_unicode_string warning fixes
(cherry picked from commit bfa07e701d)
2020-12-01 15:10:23 +01:00
Armin Novak
507fecf50e Fixed warnings.
(cherry picked from commit e50a8e09ee)
2020-12-01 15:10:23 +01:00
Armin Novak
e805752c4e Fixed compilation warnings.
(cherry picked from commit 57b405ca26)
2020-12-01 15:10:23 +01:00
Armin Novak
ab1f6d8792 Fixed #6418: Warning due to invalid const qualifier
(cherry picked from commit 226b072af8)
2020-12-01 15:10:23 +01:00
Armin Novak
d27d31e496 Improve NLA auth token debugging
(cherry picked from commit 10ed4ec422)
2020-12-01 15:10:23 +01:00
Armin Novak
81180aff65 Improve NLA error code logging.
(cherry picked from commit 32c9a519df)
2020-12-01 15:10:23 +01:00
akallabeth
92488d5a3c Use freerdp_settings_[s|g]et* api to access proxy variables.
Fixes #6414

(cherry picked from commit 44ea09e7ad)
2020-08-05 11:48:39 +02:00
Martin Fleisz
3522179074 Add GatewayMessageType to public API
(cherry picked from commit 174f3257c9)
2020-08-05 10:59:50 +02:00
Martin Fleisz
18c05a1d5f gateway: Add processing of consent and service messages with HTTP gateway
(cherry picked from commit 130494e34a)
2020-08-05 10:59:50 +02:00
akallabeth
5f3ba52de6 Fix #6399: Call ConvertFromUnicode with length -1.
The input string has ensured NULL termination, so let the function
determine the correct length.

(cherry picked from commit 36499527e7)
2020-07-31 11:30:43 +02:00
Norbert Federa
8526965eef core: fix invalid inttype and reference
The error message in tpdu_read_header() printed the pointer address and
used PRIu16 for an UINT8 type

(cherry picked from commit 54fdf7947d)

Fixes #6380
2020-07-20 14:12:34 +02:00
Giovanni Panozzo
138256fbc5 Fix seeking in Cache Brush and other Secondary Drawing Orders
(cherry picked from commit 9f7e475c16)

Fixes #6374
2020-07-15 16:45:14 +02:00
Kobi Mizrachi
db2d8b11e9 libfreerdp: core: add ServerHeartbeat callback
(cherry picked from commit 2096ede5cc)
2020-07-07 09:59:41 +02:00
akallabeth
0c58e0b6dc Added hint for errors due to missing offscreen-cache
(cherry picked from commit 57e7a99393)
2020-07-06 11:14:05 +02:00
Armin Novak
62530e2d9d Fixed #6298: Mask CACHED_BRUSH when checking brush style
(cherry picked from commit ce1a9d8d19)
2020-06-26 11:01:45 +02:00
akallabeth
12800786a8 Fixed OOB read in update_recv_secondary_order
CVE-2020-4032 thanks to @antonio-morales for finding this.

(cherry picked from commit e7bffa64ef)
2020-06-22 12:13:05 +02:00
akallabeth
746d10179c Fixed OOB read in update_read_cache_bitmap_v3_order
CVE-2020-11096 thanks @antonio-morales for finding this.

(cherry picked from commit b8beb55913)
2020-06-22 12:12:50 +02:00
akallabeth
c687b8c267 Fixed invalid access in update_recv_primary_order
CVE-2020-11095 thanks @antonio-morales for finding this.

(cherry picked from commit 733ee32083)
2020-06-22 12:12:41 +02:00
akallabeth
d5609e5467 Fixed OOB Read in license_read_new_or_upgrade_license_packet
CVE-2020-11099 thanks to @antonio-morales for finding this.

(cherry picked from commit 6ade7b4cbf)
2020-06-22 12:11:35 +02:00
Armin Novak
da15d1a3a1 Added missing SECBUFFER_READONLY flag in rpc_client_write_call
(cherry picked from commit 0d80353bf3)
2020-06-22 09:31:02 +02:00
Armin Novak
2d166aea89 TSG improvements
* Respect connection timeout during connect
* Better debug output
* Cleaned up data types,

(cherry picked from commit ff79636d33)
2020-06-22 09:30:57 +02:00
Martin Fleisz
cb07d5a4f6 Fix usage of DsMakeSpn with IP address hostnames
(cherry picked from commit 4e7b60b002)
2020-06-16 09:09:33 +02:00
akallabeth
d2c653baf3 Lock remaining occurrences of security_encrypt/security_decrypt variables
(cherry picked from commit f01ae7d257)
2020-06-16 09:07:04 +02:00
akallabeth
4f80017786 Lock security_decrypt to avoid simultaneous counter manipulation
(cherry picked from commit 164c00f68b)
2020-06-16 09:06:56 +02:00
akallabeth
ece877b515 Fixed some more resource cleanup leaks in nla
(cherry picked from commit 354bb7d6ae)
2020-05-20 15:41:24 +02:00
akallabeth
df63cfb55f Reformatted to satisfy clang-format
(cherry picked from commit a4e95f8e65)
2020-05-20 15:41:24 +02:00
Armin Novak
c6bcfb0736 Fixed #6200: Arraysize check
(cherry picked from commit 06c48df0df)
2020-05-20 15:41:24 +02:00
Armin Novak
87bca1088a Fixed #6199: Reading version information in tsg
(cherry picked from commit e501c56e5c)
2020-05-20 15:41:24 +02:00
akallabeth
442ac71ec7 Renamed variable to avoid MSVC define collision
(cherry picked from commit f9e1f21b0ce47d8eeea40314ce6b8b666964dc7d)
2020-05-20 15:41:24 +02:00
akallabeth
fba85da673 Ensure buffers are NULL before reuse in NLA
(cherry picked from commit 5f53b2b7c7109016b7127d595e13bd333ac77613)
2020-05-20 15:41:24 +02:00
akallabeth
9d5bb41445 Removed unused variable warnings
(cherry picked from commit 8052708f3354a686de98b62d641e9d0eb61a74db)
2020-05-20 15:41:24 +02:00
akallabeth
d6cd14059b Fixed GHSL-2020-101 missing NULL check
(cherry picked from commit b207dbba35c505bbc3ad5aadc10b34980c6b7e8e)
2020-05-20 15:41:24 +02:00
akallabeth
a58129346d Fixed extended info packet alignment.
(cherry picked from commit 03ebaf2dc1547c75f8693dd5087ce2e8dc17765a)
2020-05-18 17:10:01 +02:00
akallabeth
4e24cca056 Fixed rdp_read_info_packet unaligned access and size checks
(cherry picked from commit c75d08d70e878d35cd12ffac2aefcda405576092)
2020-05-18 17:10:01 +02:00
akallabeth
f2d836cd94 Fixed memory leak in test
(cherry picked from commit 2d630cccf7b1e566f99b74a224805fc25f85d6c1)
2020-05-18 17:10:01 +02:00
akallabeth
1a11f129ab Fixed unaligned access
(cherry picked from commit cb2ed7f09ad68242bfdfad8967024b063f785d97)
2020-05-18 17:10:01 +02:00
akallabeth
47c456c39f Rewritten rdp_recv_logon_info_v2 to remove unaligned access
(cherry picked from commit 66d182a84bed7bf19b6a99d71a4e4c7c6856f583)
2020-05-18 17:10:01 +02:00
akallabeth
5cf27e3969 Rewritten check to satisfy BehaviouralSanitizer
(cherry picked from commit 14829de866b43e7f2740b46f0c736b9adf5067eb)
2020-05-18 17:10:01 +02:00
akallabeth
c060089a2b Refactored settings clone/free, extended tests
(cherry picked from commit 773ad6e9791844ca3ccdc40d378a37fc0238ef0a)
2020-05-18 17:10:01 +02:00
akallabeth
064a90c8b3 Fixed BehaviorSanitizer warnings
(cherry picked from commit afdd81dab5c484ab95b977a0d71f3809c8fa89a3)
2020-05-18 17:10:00 +02:00
Kobi Mizrachi
efecbf41a9 change use of strtok to strtok_s
(cherry picked from commit 6013a96bff)
2020-05-18 16:56:03 +02:00
akallabeth
2f75c4ac8d Ensure all NLA structs are freed up
(cherry picked from commit 477ad675f3)
2020-05-18 16:40:33 +02:00
akallabeth
5fc0ddeff5 Fixed #6156: Enforce synchronized encrypt count
Old style RDP encryption uses a counter, synchronize this for
packets sent from different threads.

(cherry picked from commit 873a9bef42)
2020-05-18 16:38:42 +02:00
akallabeth
1178381809 Silence valgrind in rdp_read_header
If a disconnect message is received, we returned success but did
not initialize the return arguments.

(cherry picked from commit b45336f51febb4c34b5bf33fdf8d63ce44fe9e99)
2020-05-08 11:11:12 +02:00
Linus Heckemann
3c24e10bf3 shadow_server: allow specifying IP addresses to listen on (#6050)
* shadow_server: allow specifying IP addresses to listen on

This allows using IPv6 as well as listening only on specific
interfaces. Additionally, it enables listening on local and TCP
sockets simultaneously.

* listener: log address with square brackets

This disambiguates IPv6 addresses.

* shadow_server: check error on each socket binding

* Refactored shadow /bind-address for 2.0 compatibility.

* Made /ipc-socket and /bind-address incompatible arguments.

* Fixed shadow /bind-address handling and description

* Allow multiple bind addresses for shadow server.

Co-authored-by: akallabeth <akallabeth@posteo.net>
2020-05-08 11:06:02 +02:00
akallabeth
0f266b5362 Fixed #6112: Segfault in update_decompress_brush
The iterators need to be signed for the loop check to work.
2020-05-05 07:46:10 +02:00
akallabeth
738d4bff00 Fixed oob read in update_recv
properly use update_type_to_string to print update type.
Thanks to hac425 CVE-2020-11019
2020-05-05 07:46:10 +02:00
akallabeth
f5b838de37 update_decompress_brush: explicit output length checks
The output length was just assumed to be >= 256 bytes, with this
commit it is explicitly checked.
2020-05-05 07:46:10 +02:00
akallabeth
09d0124418 Remove unnecessary cast. 2020-05-05 07:46:10 +02:00
akallabeth
a1a6790f99 Fixed oob read in irp_write and similar 2020-05-05 07:46:10 +02:00
Armin Novak
bc4615e5ed Added expert settings /tune and /tune-list 2020-05-05 07:46:10 +02:00
akallabeth
28e6c2e1d9 Fixed #6101: POINTER_LARGE_UPDATE serialization
The length check and field sizes in _update_read_pointer_large
were off, corrected according to [MS-RDPBCGR] 2.2.9.1.2.1.11
Fast-Path Large Pointer Update (TS_FP_LARGEPOINTERATTRIBUTE)
2020-04-28 14:03:19 +02:00
akallabeth
ccaad04876 Fix initialization of LargePointer flags
Capability exchange is first reading server capabilities,
mask these with local settings and send only what both support.
2020-04-28 14:03:19 +02:00
akallabeth
150343978d Fixed [MS-RDPBCGR] 2.2.9.1.1.4.4 Color Pointer Update
The pointer size is limited to 32 pixels in width and height
unless LARGE_POINTER_FLAG_96x96 is set which increases the size
to 96 pixels.
2020-04-28 14:03:19 +02:00
Armin Novak
4cfc5b25ef Fixed data type warnings 2020-04-28 14:03:19 +02:00
akallabeth
6c0aeb10d2 Allow icon info with empty bitmap data. 2020-04-09 18:00:51 +02:00
akallabeth
232c7f4783 Abort order read on invalid element count. 2020-04-09 18:00:51 +02:00
akallabeth
97efff4e90 Refactored order stream manipulation
* Use stream seek instead of setting pointer directly
* Add log messages in case of inconsistencies
* Fixed missing stream advance in update_decompress_brush
2020-04-09 18:00:51 +02:00
akallabeth
17f547ae11 Fixed CVE-2020-11521: Out of bounds write in planar codec.
Thanks to Sunglin and HuanGMz from Knownsec 404
2020-04-09 18:00:51 +02:00
akallabeth
907640a924 Fixed CVE-2020-11522: Limit number of DELTA_RECT to 45.
Thanks to Sunglin and HuanGMz from Knownsec 404
2020-04-09 18:00:51 +02:00
akallabeth
192856cb59 Fixed #6012: CVE-2020-11526: Out of bounds read in update_recv_orders
Thanks to @hac425xxx and Sunglin and HuanGMz from Knownsec 404
2020-04-09 18:00:51 +02:00
akallabeth
e6d10041c1 Fix #6033: freeaddrinfo must not be called with NULL arguments. 2020-04-09 14:26:46 +02:00
Norbert Federa
c367f65d42
Merge pull request #6019 from akallabeth/bound_access_fixes
Fix issues with boundary access.
2020-04-06 13:53:28 +02:00
akallabeth
6f00add067 Export remaining packet length from rdp_read_share_control_header 2020-04-06 13:18:35 +02:00
akallabeth
0ad894adbc Fixed substream read in rdp_recv_tpkt_pdu 2020-04-06 11:58:48 +02:00
akallabeth
0533c05be3 Fixed rdp_recv_tpkt_pdu parsing, use substream. 2020-04-06 11:22:18 +02:00
akallabeth
df55f40ecf Fixed incorrect parser error message. 2020-04-06 10:42:06 +02:00
akallabeth
a022958ddf Better error message for partial parsed capability 2020-04-03 15:10:49 +02:00
akallabeth
cba63b6d43 Added fallback to CMDTYPE_STREAM_SURFACE_BITS
Since our samples were incorrect, add a fallback with a log warning
to the old CMDTYPE_STREAM_SURFACE_BITS by default behaviour.
2020-04-03 12:18:59 +02:00
akallabeth
88ad9ca56b Fix sending/receiving surface bits command.
* Pass on proper command type to application
* On send let the server implementation decide to send
   2.2.9.2.1 Set Surface Bits Command (TS_SURFCMD_SET_SURF_BITS) or
   2.2.9.2.2 Stream Surface Bits Command (TS_SURFCMD_STREAM_SURF_BITS)
Thanks to @viniciusjarina for tracing the issue down.
2020-04-03 12:00:53 +02:00
akallabeth
2a379bfe09 Fixed invalid seek size in partial pdu parse case 2020-04-02 17:41:49 +02:00
akallabeth
21320d973c Use safe seek for capability parsing
thanks to @hardening for pointing that one out.
2020-04-02 17:39:51 +02:00
akallabeth
ddfd0cdccf Use substreams to parse gcc_read_server_data_blocks 2020-04-02 17:39:43 +02:00
akallabeth
6b2bc41935 Fix #6010: Check length in read_icon_info 2020-04-02 17:34:02 +02:00
akallabeth
67c2aa52b2 Fixed #6013: Check new length is > 0 2020-04-02 17:33:54 +02:00
akallabeth
3627aaf7d2 Fixed #6011: Bounds check in rdp_read_font_capability_set 2020-04-02 17:28:17 +02:00
akallabeth
f8890a645c Fixed #6005: Bounds checks in update_read_bitmap_data 2020-04-02 17:28:10 +02:00
akallabeth
ed53cd148f Fixed #6006: bounds checks in update_read_synchronize 2020-04-02 17:28:04 +02:00
akallabeth
f5e73cc7c9 Fixed #6009: Bounds checks in autodetect_recv_bandwidth_measure_results 2020-04-02 17:27:59 +02:00
akallabeth
9301bfe730 Fixed #6007: Boundary checks in rdp_read_flow_control_pdu 2020-04-02 17:27:53 +02:00
akallabeth
bc33a50c5a Treat NULL and empty string as the same for credentials. 2020-03-24 12:34:35 +01:00
akallabeth
cf2f674283 Initialize KeyboardHook with define instead of magic number 2020-03-18 17:22:08 +01:00
Armin Novak
4216646746 Fixed length checks for compressed rdp data. 2020-03-10 14:05:10 +01:00
Armin Novak
297ad536a2 Cleaned up bulk_compress/decompress, prettified log. 2020-03-10 14:05:10 +01:00
Armin Novak
49b17e4e03 Refactored bulk compression
* Arguments now opaque
* Removed internal functions from external interface
2020-03-10 14:05:10 +01:00
Armin Novak
3ba66db99d Unify pReceiveChannelData and psPeerReceiveChannelData
Fix definitions of the two function pointers.
Use and definition did not match, fix that.
Will create warnings in external projects
2020-03-10 12:21:14 +01:00
Armin Novak
d5b5088eac Fixed misinterpretation of SendChannelData
SendChannelData was defined with a return value of type int, but
used as BOOL everywhere. Fix the definition to match use.
2020-03-10 12:21:14 +01:00
Armin Novak
c7187928e9 Fix tpkt header length checks for encrypted packets
If securityFlag SEC_ENCRYPT is set, remove the encryption headers from
the TPKT header length on comparison.
2020-03-10 12:20:50 +01:00
Armin Novak
cc49a212bd Default to positive return for missing callbacks
When using +async-update, default to positive return if some
client callback is not implemented.
2020-03-10 08:59:52 +01:00