When used with a FreeRDP client on Linux, a file copy operation from
the clipboard detects end-of-file by a read returning 0 bytes. This is
currently marked as an error.
It is assumed that mstsc.exe detects end-of-file in another way, which
is why this has not been found before.
(cherry picked from commit 0f6e731524)
The routine clipboard_get_files() parses a potentially long string,
and copies portions of it into a temporary buffer. This buffer is then
passed to clipboard_get_file() as pointer + length;
The buffer is inadequately sized for very long filenames which may
approach XFS_MAXFILENAMELEN in length. This can cause chansrv to fail
when the user copies such filenames.
It turns out the buffer is unnecessary, as the filenames can be
passed directly into clipboard_get_file() from the source string,
using pointer + length. This avoids the length limitation entirely.
(cherry picked from commit 34b5582460)
The limit of 256 characters for clipboard files is limiting for
many Asian locales, particularly as '%xx' notation is used to
communicate bytes with bit 7 set.
(cherry picked from commit a90228241d)
Replace the 256 byte buffer used for names in the XFS filesystem with a
dynamically allocated buffer.
The define XFS_MAXFILENAMELEN which used to be 255 has been retained,
but bumped to 1023. This value is no longer used for long-lived
allocations, but is used in chansrv_fuse.c for maintaining state
information for in-fligh I/O requests.
(cherry picked from commit d8b5435710)
These config files are intended to be substituted during the build
process. The substituted .ini files should not be included in release
tarballs.
Fixes: #3187
The state buffers used by the following structs in chansrv_fuse.c
are one byte too small for filenames of length XFS_MAXFILENAMELEN:-
- struct state_lookup
- struct state_create
- struct state_rename
In practice, there is no runtime danger, as XFS_MAXFILENAMELEN is 255,
and these buffers will be followed by non-byte aligned data. Nevertheless
this should be fixed to prevent problems if the value is changed.
(cherry picked from commit c9e84dc16c)
struct pre_session_item has an entry for the start_ip_addr which is not
being filled in. This is not normally needed, as the IP address of the
session is passed into the session another way, but it is needed if the
session selection Policy contains the 'I' selector.
(cherry picked from commit a4f57572e6)
The get_sorted_session_displays() is broken in that it
doesn't produce a sorted list of displays.
The problem is the qsort comparison function which has 2 errors in 4 lines:-
1) The test is the wrong way round (i.e. arg1 < arg2 produces a +ve
result instead of -ve)
2) Subtracting two unsigned ints in C will never return < 0
The broken function has been masked by other display checks which mean
that it is only visible in a few situations:-
1) Starting two sessions very closely to each other may allocate the
same display to both sessions.
2) If /tmp is namespaced, the other display checks do not work, and
more than two sessions cannot be started.
(cherry picked from commit 70f1b685ba)
1) [Regression] If the specified mountpoint is not immediately below an
existing directory, the directory is not created.
2) The message to ask the user to unmount an existing mounted directory
has been moved to the right place.
(cherry picked from commit e0a1339b34)
The user socket directory needs to be SGID so that they inherit
the group ownnership. Then xrdp can write to them.
(cherry picked from commit 200e4d84f4)
- Use clearenv() if it exists
- Don't rely on <limits.h> being pulled in by <sys/param.h>
- Rename the DEFAULT_TYPE macro in sesrun.c. This name appears to be
used on Solaris. It's not a good choice.
Now we've made the XRDP_SOCKET_PATH only writeable by root, it's
safe to move the sesman socket back into this directory. We no longer
need a separate sesmanruntimedir
The top level socket directory is now called XRDP_SOCKET_ROOT_PATH.
Below that are user-specific directories referred to with the
XRDP_SOCKET_PATH macro - this name is hard-coded into xorgxrdp and
the audio modules as an environment variable.
XRDP_SOCKET_PATH now looks like $XRDP_SOCKET_ROOT_PATH/<uid>
XRDP_SOCKET_PATH is only writeable by the user, and readable by the user
and the xrdp process.
The sockdir is only used when sesman is active. The
call g_mk_socket_path() is removed from os_calls and moved to
sesman.
We also change the permissions on this directory to
0755 rather than 01777 (01000 is the 'sticky bit', S_ISVTX).
The behaviour of g_create_dir() has been modified to not
set S_ISVTX on Linux directories. This is implementation-defined
behaviour according to 1003.1, and is no longer required for the
sockdir.
- added (temporary) suppression of Cppcheck `shiftTooManyBits` false positives in `libxrdp/xrdp_mppc_enc.c`
- added (temporary) suppression of Cppcheck `uninitMemberVar` true positives in `ulalaca/ulalaca.cpp` until fixes land downstream
- fix Cppcheck `nullPointerRedundantCheck` in `sesman/chansrv/clipboard.c`
- fix Cppcheck `syntaxError` in `fontutils/mkfv1.c` because it doesn't see the `freetype/fterrors.h` header / removed astyle workaround
Improve the built-in access checks for sesman/sesexec:-
- Group existence is checked for at login-time rather than program
start time
- The name of the group is now included in the message
Also, check for UID == 0 when checking for root, rather than just
checking the name (which might be an alias)
When significant amounts of data is coming from the client in a
fragmented CLIPRDR_DATA_RESPONSE PDU, this code provides a way to
start copying it to a requesting client before it is all read.
The only advantage of this code is to provide a slight speedup
before a paste is visible on the server.
There are significant problems with this code. Notably, it is
very difficult to parse Unicode text coming through this route. Each
UTF-16 character can occupy up to 4 bytes, and a fragmentation
boundary could occur at any point within a UTF-16 character.
Most of the Microsoft RDP documentation describes PDUs on-the-wire.
However, [MS-RDPESC] doesn't do this. It uses DCE IDL to describe the
contents of the PDUs sent over the File System Virtual Channel.
Ideally we'd use an IDL compiler to generate the interfaces in
[MS-RDPESC]. We don't have one though, so all PDUs are read and written
with the low-level streaming routines. It's not clear in the existing
code how IDL is mapped down to this level.
This commit updates the smartcard code with comments which will enable
maintainers to better understand the IDL-to-streaming mappings.
Use the official Windows clipboard format names where appropriate
Replace g_file_format_id with g_file_group_descriptor_format_id
as the latter name is more descriptive of what is described in
[MS-ECLIP]
This fixes the following errors:-
sesman/tools/authtest.c:64:14: error: syntax error [syntaxError]
g_printf("xrdp auth module tester v" PACKAGE_VERSION "\n");
^
sesman/tools/sesrun.c:165:14: error: syntax error [syntaxError]
g_printf("xrdp session starter v" PACKAGE_VERSION "\n");
^
vrplayer/decoder.h:35:12: error: There is an unknown macro here somewhere. Configuration is required. If slots is a macro then please configure it. [unknownMacro]
public slots:
^
vrplayer/playaudio.h:45:12: error: There is an unknown macro here somewhere. Configuration is required. If slots is a macro then please configure it. [unknownMacro]
public slots:
^
vrplayer/dlgabout.h:22:13: error: There is an unknown macro here somewhere. Configuration is required. If slots is a macro then please configure it. [unknownMacro]
private slots:
^
vrplayer/playvideo.h:49:12: error: There is an unknown macro here somewhere. Configuration is required. If slots is a macro then please configure it. [unknownMacro]
public slots:
^
Additionally, cppcheck now makes use of all available CPUs
