FreeRDP/libfreerdp/cache/pointer.c
David FORT 7c3f8f33ab Fixes for malloc / calloc + other fixes
This patch contains:

* checks for malloc return value + treat callers;
* modified malloc() + ZeroMemory() to calloc();
* misc fixes of micro errors seen during the code audit:
** some invalid checks in gcc.c, also there were some possible
integer overflow. This is interesting because at the end the data are parsed
and freed directly, so it's a vulnerability in some kind of dead code (at least
useless);
** fixed usage of GetComputerNameExA with just one call, when 2 were used
in misc places. According to MSDN GetComputerNameA() is supposed to return
an error when called with NULL;
** there were a bug in the command line parsing of shadow;
** in freerdp_dynamic_channel_collection_add() the size of array was multiplied
by 4 instead of 2 on resize
2015-06-22 19:21:47 +02:00

254 lines
6.3 KiB
C

/**
* FreeRDP: A Remote Desktop Protocol Implementation
* Glyph Cache
*
* Copyright 2011 Marc-Andre Moreau <marcandre.moreau@gmail.com>
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
#include <stdio.h>
#include <winpr/crt.h>
#include <winpr/stream.h>
#include <freerdp/log.h>
#include <freerdp/cache/pointer.h>
#define TAG FREERDP_TAG("cache.pointer")
BOOL update_pointer_position(rdpContext* context, POINTER_POSITION_UPDATE* pointer_position)
{
return Pointer_SetPosition(context, pointer_position->xPos, pointer_position->yPos);
}
BOOL update_pointer_system(rdpContext* context, POINTER_SYSTEM_UPDATE* pointer_system)
{
switch (pointer_system->type)
{
case SYSPTR_NULL:
Pointer_SetNull(context);
break;
case SYSPTR_DEFAULT:
Pointer_SetDefault(context);
break;
default:
WLog_ERR(TAG, "Unknown system pointer type (0x%08X)", pointer_system->type);
}
return TRUE;
}
BOOL update_pointer_color(rdpContext* context, POINTER_COLOR_UPDATE* pointer_color)
{
rdpPointer* pointer;
rdpCache* cache = context->cache;
pointer = Pointer_Alloc(context);
if (pointer != NULL)
{
pointer->xorBpp = 24;
pointer->xPos = pointer_color->xPos;
pointer->yPos = pointer_color->yPos;
pointer->width = pointer_color->width;
pointer->height = pointer_color->height;
pointer->lengthAndMask = pointer_color->lengthAndMask;
pointer->lengthXorMask = pointer_color->lengthXorMask;
if (pointer->lengthAndMask && pointer_color->xorMaskData)
{
pointer->andMaskData = (BYTE*) malloc(pointer->lengthAndMask);
if (!pointer->andMaskData)
goto out_fail;
CopyMemory(pointer->andMaskData, pointer_color->andMaskData, pointer->lengthAndMask);
}
if (pointer->lengthXorMask && pointer_color->xorMaskData)
{
pointer->xorMaskData = (BYTE*) malloc(pointer->lengthXorMask);
if (!pointer->xorMaskData)
goto out_fail;
CopyMemory(pointer->xorMaskData, pointer_color->xorMaskData, pointer->lengthXorMask);
}
pointer->New(context, pointer);
pointer_cache_put(cache->pointer, pointer_color->cacheIndex, pointer);
Pointer_Set(context, pointer);
return TRUE;
}
return FALSE;
out_fail:
free(pointer->andMaskData);
free(pointer->xorMaskData);
free(pointer);
return FALSE;
}
BOOL update_pointer_new(rdpContext* context, POINTER_NEW_UPDATE* pointer_new)
{
rdpPointer* pointer;
rdpCache* cache = context->cache;
pointer = Pointer_Alloc(context);
if (!pointer)
return FALSE;
pointer->xorBpp = pointer_new->xorBpp;
pointer->xPos = pointer_new->colorPtrAttr.xPos;
pointer->yPos = pointer_new->colorPtrAttr.yPos;
pointer->width = pointer_new->colorPtrAttr.width;
pointer->height = pointer_new->colorPtrAttr.height;
pointer->lengthAndMask = pointer_new->colorPtrAttr.lengthAndMask;
pointer->lengthXorMask = pointer_new->colorPtrAttr.lengthXorMask;
if (pointer->lengthAndMask)
{
pointer->andMaskData = (BYTE*) malloc(pointer->lengthAndMask);
if (!pointer->andMaskData)
goto out_fail;
CopyMemory(pointer->andMaskData, pointer_new->colorPtrAttr.andMaskData, pointer->lengthAndMask);
}
if (pointer->lengthXorMask)
{
pointer->xorMaskData = (BYTE*) malloc(pointer->lengthXorMask);
if (!pointer->xorMaskData)
goto out_fail;
CopyMemory(pointer->xorMaskData, pointer_new->colorPtrAttr.xorMaskData, pointer->lengthXorMask);
}
if (!pointer->New(context, pointer))
goto out_fail;
pointer_cache_put(cache->pointer, pointer_new->colorPtrAttr.cacheIndex, pointer);
return Pointer_Set(context, pointer);
out_fail:
free(pointer->andMaskData);
free(pointer->xorMaskData);
free(pointer);
return FALSE;
}
BOOL update_pointer_cached(rdpContext* context, POINTER_CACHED_UPDATE* pointer_cached)
{
rdpPointer* pointer;
rdpCache* cache = context->cache;
pointer = pointer_cache_get(cache->pointer, pointer_cached->cacheIndex);
if (pointer != NULL)
{
Pointer_Set(context, pointer);
return TRUE;
}
return FALSE;
}
rdpPointer* pointer_cache_get(rdpPointerCache* pointer_cache, UINT32 index)
{
rdpPointer* pointer;
if (index >= pointer_cache->cacheSize)
{
WLog_ERR(TAG, "invalid pointer index:%d", index);
return NULL;
}
pointer = pointer_cache->entries[index];
return pointer;
}
void pointer_cache_put(rdpPointerCache* pointer_cache, UINT32 index, rdpPointer* pointer)
{
rdpPointer* prevPointer;
if (index >= pointer_cache->cacheSize)
{
WLog_ERR(TAG, "invalid pointer index:%d", index);
return;
}
prevPointer = pointer_cache->entries[index];
if (prevPointer != NULL)
Pointer_Free(pointer_cache->update->context, prevPointer);
pointer_cache->entries[index] = pointer;
}
void pointer_cache_register_callbacks(rdpUpdate* update)
{
rdpPointerUpdate* pointer = update->pointer;
pointer->PointerPosition = update_pointer_position;
pointer->PointerSystem = update_pointer_system;
pointer->PointerColor = update_pointer_color;
pointer->PointerNew = update_pointer_new;
pointer->PointerCached = update_pointer_cached;
}
rdpPointerCache* pointer_cache_new(rdpSettings* settings)
{
rdpPointerCache* pointer_cache;
pointer_cache = (rdpPointerCache*) calloc(1, sizeof(rdpPointerCache));
if (!pointer_cache)
return NULL;
pointer_cache->settings = settings;
pointer_cache->cacheSize = settings->PointerCacheSize;
pointer_cache->update = ((freerdp*) settings->instance)->update;
pointer_cache->entries = (rdpPointer**) calloc(pointer_cache->cacheSize, sizeof(rdpPointer*));
if (!pointer_cache->entries)
{
free(pointer_cache);
return NULL;
}
return pointer_cache;
}
void pointer_cache_free(rdpPointerCache* pointer_cache)
{
if (pointer_cache != NULL)
{
int i;
rdpPointer* pointer;
for (i = 0; i < (int) pointer_cache->cacheSize; i++)
{
pointer = pointer_cache->entries[i];
if (pointer != NULL)
{
Pointer_Free(pointer_cache->update->context, pointer);
pointer_cache->entries[i] = NULL;
}
}
free(pointer_cache->entries);
free(pointer_cache);
}
}