akallabeth
caff01877d
Fixed fallback to getlogin for android
2020-06-22 12:09:36 +02:00
akallabeth
308c2c3544
Removed duplicate semicolon
2020-06-22 11:51:39 +02:00
akallabeth
58a3122250
Fixed OOB read in ntlm_av_pair_get
...
CVE-2020-11097 thanks to @antonio-morales for finding this.
2020-06-22 11:51:39 +02:00
akallabeth
05cd9ea229
Fixed TrioParse and trio_length limts.
...
CVE-2020-4030 thanks to @antonio-morales for finding this.
2020-06-22 11:51:38 +02:00
akallabeth
a45afe9db7
Replaced gmtime with gmtime_r
2020-06-22 11:51:38 +02:00
akallabeth
36478d3d0b
Replaced getlogin with getlogin_r
2020-06-22 11:51:38 +02:00
akallabeth
240fdd07b1
Replaced localtime with localtime_r
2020-06-22 11:51:38 +02:00
akallabeth
057b6df4ae
Fixed memory leaks in ntlm
2020-06-22 11:51:38 +02:00
Armin Novak
8e45a2dd50
Respect SECBUFFER_READONLY flag in NTLM EncryptMessage
2020-06-19 11:31:13 +02:00
Bernhard Miklautz
529e30c273
Revert "winpr/library: Use RTLD_GLOBAL for dlopen"
...
Using RTLD_GLOBAL in LoadLibraryA introduces a different behavior than
expected.
This reverts commit d566e00258
.
2020-06-17 12:59:41 +02:00
Patrick Chin
8515846317
MessageQueue write time to current message not the next
2020-06-09 08:51:53 +02:00
Kobi Mizrachi
920acd4c0e
winpr: image: add API to construct bmp header
2020-06-05 09:22:26 +02:00
Ondrej Holy
d566e00258
winpr/library: Use RTLD_GLOBAL for dlopen
...
LoadLibraryA implementation uses the RTLD_LOCAL flag for dlopen currently.
This flag doesn't allow the symbols to be used by the subsequently loaded
libraries. This is a problem for the video channel when -DBUILTIN_CHANNELS=OFF
is used as it uses functions from the geometry channel. Let's use RTLD_GLOBAL
instead to prevent "undefined symbol" errors in such cases.
Fixes: https://github.com/FreeRDP/FreeRDP/issues/6236
2020-05-27 13:06:12 +02:00
akallabeth
58ef235bc5
Removed unused variable warnings
2020-05-20 15:10:07 +02:00
akallabeth
aea795eecf
Fixed invalid argument to strtok_s
2020-05-20 15:10:07 +02:00
akallabeth
45860a5561
Fixed issues with clang sanitizers and alignemt offsets.
2020-05-20 15:10:07 +02:00
akallabeth
7540384db1
utf8 behaviour fixes
2020-05-20 15:10:07 +02:00
akallabeth
401bb836fb
Fixed memory leak in NTLM test
2020-05-20 15:10:07 +02:00
akallabeth
b9149df1e6
Fixed BehaviourSanitizer warnings in streams.
2020-05-20 15:10:07 +02:00
akallabeth
1baf67d881
Fixed memory leak in ini parser and test functions.
2020-05-20 15:10:07 +02:00
akallabeth
a887c890f2
Fixed BehaviorSanitizer warnings.
2020-05-20 15:10:07 +02:00
akallabeth
0502bfcfbc
Fixed BehaviorSanitizer warnings
2020-05-20 15:10:07 +02:00
akallabeth
535ef57e2e
Fixed BehaviorSantizer warnings.
2020-05-20 15:10:07 +02:00
akallabeth
b37d8c9be1
Fixed GHSL-2020-100: oob read in ntlm_read_ChallengeMessage
...
* Added length checks for data read from stream
* Unified function resource cleanup
2020-05-20 15:10:07 +02:00
Armin Novak
24a8a56694
Fixed #6202 : Missing NULL checks
2020-05-20 15:02:24 +02:00
Armin Novak
50278f7076
Fixed #6201 : event handler count check
2020-05-20 15:02:24 +02:00
akallabeth
ddb388e152
Refactored sam functions to utilize strtok_s
2020-05-18 12:07:59 +02:00
akallabeth
7890833af8
Replaced strtok with strtok_s
2020-05-18 11:39:22 +02:00
Kobi Mizrachi
fddda159d9
change use of strtok to strtok_s
2020-05-18 11:08:20 +02:00
akallabeth
7b1d440945
Refactored StreamPool
2020-05-13 17:11:17 +02:00
akallabeth
8d70a3492b
Added warning to all collection structs
2020-05-12 14:05:28 +02:00
akallabeth
844ec8f74c
Fixed #6136 : Cleaned up Stack API
2020-05-12 14:05:28 +02:00
Kentaro Hayashi
148f3c675d
Fixed typos (Otherweise)
...
Otherweise ->
Otherw ise
^
2020-05-10 16:35:20 +09:00
akallabeth
bc0a2c277d
Silence valgrind in unicode conversion functions
...
Only check destination buffer for NULL if length argument did not
already indicate the buffer needs to be allocated.
2020-05-08 11:04:03 +02:00
akallabeth
dffd893dc5
Fixed integer overflow in winpr_image_bitmap_read_buffer
...
Thanks to hac425
2020-05-08 11:04:03 +02:00
akallabeth
8241ab42fd
Fixed oob read in ntlm_read_AuthenticateMessage
2020-05-06 13:31:57 +02:00
akallabeth
afdffac4b5
Fixed oob read in ntlm_read_ntlm_v2_response
2020-05-06 13:31:57 +02:00
akallabeth
8fa3835963
Fixed oob read in ntlm_read_NegotiateMessage
2020-05-06 13:31:57 +02:00
qarmin
ceec2cf1a0
Fixed copy paste error in MessagePipe.c
2020-05-01 19:42:46 +02:00
Zhu Qun-Ying
5553be0983
possible memory leak when various functions return failure. ( #6110 )
...
* possible memory leak when allocation failed.
* Use initialization in stead of ZeroMemory
* Format with clang-format
2020-04-25 16:07:12 +02:00
Zhu Qun-Ying
a1e421c93d
use WINPR_MD5_DIGEST_LENGTH in stead of magic number for hash array
2020-04-24 08:33:30 +02:00
Zhu Qun-Ying
8cc9b09ba1
Use NTOWFv2FromHashW() in NTOWFv2W() to avoid duplicate code
2020-04-24 08:33:30 +02:00
Alex Wilson
40f23e2728
SCardReadCache/SCardWriteCache should actually cache data
...
Currently since the hash/keyCompare/keyClone members on the
context->cache were never being set, we were using the
HashTable_Pointer* variants, meaning that lookup always
failed (since we never ask for the same *pointer* twice).
This also revealed that the logic for autoallocate on these ops
was a bit backwards, and some error codes and support for the
"freshness" counter were missing.
In Win10 (at least with some card minidrivers) the freshness
counter is load-bearing and smartcard login won't work without
implementing a very basic version of it.
2020-04-21 08:11:54 +02:00
David Fort
7733fe7a8a
Merge pull request #6060 from akallabeth/warnings
...
Fix some compiler warnings
2020-04-16 10:54:43 +02:00
Martin Fleisz
9e1b2eb42e
Merge pull request #6081 from akallabeth/disable_spincount
...
Disable spincount
2020-04-15 13:24:26 +02:00
Martin Haimberger
7b6b9a9675
removed unnecessary casts, use sizeof for debug printing
2020-04-15 13:20:03 +02:00
Martin Haimberger
85e49aa601
fix: server side ntlmv2 implementation
...
- in the case no mic was present, but the user was found,
the enterd password was ignored and the user authenticated
2020-04-15 13:20:03 +02:00
Armin Novak
a161bafa5f
Fix #6066 , #6045 : Disable spincount by default.
2020-04-13 09:56:19 +02:00
Armin Novak
ebf44f80eb
Fixed format string warnings.
2020-04-11 09:43:01 +02:00
akallabeth
08fd2876b9
Started 3.0 development cycle.
2020-04-10 15:01:15 +02:00