sesman: env_set_user, fix potential bof issues

Conflicts: sesman/env.c
X11rdp: update buildx.sh to pull files from server1.xrdp.org
2016-10-04 02:12:05 -04:00 · 2014-09-04 06:32:42 -07:00 · 2013-09-12 13:47:57 -07:00 · 2013-09-12 13:47:24 -07:00 · 2013-09-12 13:43:43 -07:00 · 2013-09-12 13:41:49 -07:00
17 changed files with 329 additions and 193 deletions
--- a/common/os_calls.c
+++ b/common/os_calls.c
@ -228,14 +228,17 @@ g_sprintf(char* dest, const char* format, ...)
 }
 /*****************************************************************************/
-void DEFAULT_CC
+int DEFAULT_CC
 g_snprintf(char* dest, int len, const char* format, ...)
 {
  int err;
  va_list ap;
  va_start(ap, format);
-  vsnprintf(dest, len, format, ap);
+  err = vsnprintf(dest, len, format, ap);
  va_end(ap);
  return err;
 }
 /*****************************************************************************/
@ -2335,10 +2338,11 @@ g_sigterm(int pid)
 /*****************************************************************************/
 /* returns 0 if ok */
 /* the caller is responsible to free the buffs */
 /* does not work in win32 */
 int APP_CC
-g_getuser_info(const char* username, int* gid, int* uid, char* shell,
+g_getuser_info(const char *username, int *gid, int *uid, char **shell,
-               char* dir, char* gecos)
+               char **dir, char **gecos)
 {
 #if defined(_WIN32)
  return 1;
@ -2358,15 +2362,15 @@ g_getuser_info(const char* username, int* gid, int* uid, char* shell,
    }
    if (dir != 0)
    {
-      g_strcpy(dir, pwd_1->pw_dir);
+      *dir = g_strdup(pwd_1->pw_dir);
    }
    if (shell != 0)
    {
-      g_strcpy(shell, pwd_1->pw_shell);
+      *shell = g_strdup(pwd_1->pw_shell);
    }
    if (gecos != 0)
    {
-      g_strcpy(gecos, pwd_1->pw_gecos);
+      *gecos = g_strdup(pwd_1->pw_gecos);
    }
    return 0;
  }
--- a/common/os_calls.h
+++ b/common/os_calls.h
@ -47,7 +47,7 @@ void DEFAULT_CC
 g_printf(const char *format, ...);
 void DEFAULT_CC
 g_sprintf(char* dest, const char* format, ...);
-void DEFAULT_CC
+int DEFAULT_CC
 g_snprintf(char* dest, int len, const char* format, ...);
 void DEFAULT_CC
 g_writeln(const char* format, ...);
@ -259,8 +259,8 @@ g_getpid(void);
 int APP_CC
 g_sigterm(int pid);
 int APP_CC
-g_getuser_info(const char* username, int* gid, int* uid, char* shell,
+g_getuser_info(const char* username, int* gid, int* uid, char** shell,
-               char* dir, char* gecos);
+               char** dir, char** gecos);
 int APP_CC
 g_getgroup_info(const char* groupname, int* gid);
 int APP_CC
--- a/common/parse.h
+++ b/common/parse.h
@ -59,6 +59,9 @@ struct stream
 /******************************************************************************/
 #define s_check_rem(s, n) ((s)->p + (n) <= (s)->end)
 /******************************************************************************/
 #define s_check_rem_out(s, n) ((s)->p + (n) <= (s)->data + (s)->size)
 /******************************************************************************/
 #define s_check_end(s) ((s)->p == (s)->end)
--- a/common/trans.c
+++ b/common/trans.c
@ -202,6 +202,11 @@ trans_force_read_s(struct trans* self, struct stream* in_s, int size)
  }
  while (size > 0)
  {
    /* make sure stream has room */
    if ((in_s->end + size) > (in_s->data + in_s->size))
    {
      return 1;
    }
    rcvd = g_tcp_recv(self->sck, in_s->end, size, 0);
    if (rcvd == -1)
    {
--- a/common/xrdp_constants.h
+++ b/common/xrdp_constants.h
@ -558,4 +558,7 @@
 #define CMDTYPE_FRAME_MARKER           0x0004
 #define CMDTYPE_STREAM_SURFACE_BITS    0x0006
 #define XRDP_MAX_BITMAP_CACHE_ID  3
 #define XRDP_MAX_BITMAP_CACHE_IDX 2000
 #endif
--- a/libxrdp/xrdp_iso.c
+++ b/libxrdp/xrdp_iso.c
@ -68,18 +68,34 @@ xrdp_iso_recv_msg(struct xrdp_iso* self, struct stream* s, int* code)
  }
  in_uint8s(s, 1);
  in_uint16_be(s, len);
  if (len < 4)
  {
    return 1;
  }
  if (xrdp_tcp_recv(self->tcp_layer, s, len - 4) != 0)
  {
    return 1;
  }
  if (!s_check_rem(s, 2))
  {
    return 1;
  }
  in_uint8s(s, 1);
  in_uint8(s, *code);
  if (*code == ISO_PDU_DT)
  {
    if (!s_check_rem(s, 1))
    {
      return 1;
    }
    in_uint8s(s, 1);
  }
  else
  {
    if (!s_check_rem(s, 5))
    {
      return 1;
    }
    in_uint8s(s, 5);
  }
  return 0;
--- a/libxrdp/xrdp_mcs.c
+++ b/libxrdp/xrdp_mcs.c
@ -124,6 +124,10 @@ xrdp_mcs_recv(struct xrdp_mcs* self, struct stream* s, int* chan)
      DEBUG(("  out xrdp_mcs_recv xrdp_iso_recv returned non zero"));
      return 1;
    }
    if (!s_check_rem(s, 1))
    {
      return 1;
    }
    in_uint8(s, opcode);
    appid = opcode >> 2;
    if (appid == MCS_DPUM) /* Disconnect Provider Ultimatum */
@ -136,6 +140,10 @@ xrdp_mcs_recv(struct xrdp_mcs* self, struct stream* s, int* chan)
    if (appid == MCS_CJRQ)
    {
      g_writeln("channel join request received");
      if (!s_check_rem(s, 4))
      {
        return 1;
      }
      in_uint16_be(s, userid);
      in_uint16_be(s, chanid);
      DEBUG(("xrdp_mcs_recv  adding channel %4.4x", chanid));
@ -160,12 +168,20 @@ xrdp_mcs_recv(struct xrdp_mcs* self, struct stream* s, int* chan)
    DEBUG(("  out xrdp_mcs_recv err got 0x%x need MCS_SDRQ", appid));
    return 1;
  }
  if (!s_check_rem(s, 6))
  {
    return 1;
  }
  in_uint8s(s, 2);
  in_uint16_be(s, *chan);
  in_uint8s(s, 1);
  in_uint8(s, len);
  if (len & 0x80)
  {
    if (!s_check_rem(s, 1))
    {
      return 1;
    }
    in_uint8s(s, 1);
  }
  DEBUG(("  out xrdp_mcs_recv"));
@ -184,16 +200,28 @@ xrdp_mcs_ber_parse_header(struct xrdp_mcs* self, struct stream* s,
  if (tag_val > 0xff)
  {
    if (!s_check_rem(s, 2))
    {
      return 1;
    }
    in_uint16_be(s, tag);
  }
  else
  {
    if (!s_check_rem(s, 1))
    {
      return 1;
    }
    in_uint8(s, tag);
  }
  if (tag != tag_val)
  {
    return 1;
  }
  if (!s_check_rem(s, 1))
  {
    return 1;
  }
  in_uint8(s, l);
  if (l & 0x80)
  {
@ -201,6 +229,10 @@ xrdp_mcs_ber_parse_header(struct xrdp_mcs* self, struct stream* s,
    *len = 0;
    while (l > 0)
    {
      if (!s_check_rem(s, 1))
      {
        return 1;
      }
      in_uint8(s, i);
      *len = (*len << 8) | i;
      l--;
@ -231,6 +263,10 @@ xrdp_mcs_parse_domain_params(struct xrdp_mcs* self, struct stream* s)
  {
    return 1;
  }
  if (!s_check_rem(s, len))
  {
    return 1;
  }
  in_uint8s(s, len);
  if (s_check(s))
  {
@ -251,7 +287,7 @@ xrdp_mcs_recv_connect_initial(struct xrdp_mcs* self)
  struct stream* s;
  make_stream(s);
-  init_stream(s, 8192);
+  init_stream(s, 16 * 1024);
  if (xrdp_iso_recv(self->iso_layer, s) != 0)
  {
    free_stream(s);
@ -300,6 +336,16 @@ xrdp_mcs_recv_connect_initial(struct xrdp_mcs* self)
    free_stream(s);
    return 1;
  }
  if ((len <= 0) || (len > 16 * 1024))
  {
    free_stream(s);
    return 1;
  }
  if (!s_check_rem(s, len))
  {
    free_stream(s);
    return 1;
  }
  /* make a copy of client mcs data */
  init_stream(self->client_mcs_data, len);
  out_uint8a(self->client_mcs_data, s->p, len);
@ -332,16 +378,31 @@ xrdp_mcs_recv_edrq(struct xrdp_mcs* self)
    free_stream(s);
    return 1;
  }
  if (!s_check_rem(s, 1))
  {
    free_stream(s);
    return 1;
  }
  in_uint8(s, opcode);
  if ((opcode >> 2) != MCS_EDRQ)
  {
    free_stream(s);
    return 1;
  }
  if (!s_check_rem(s, 4))
  {
    free_stream(s);
    return 1;
  }
  in_uint8s(s, 2);
  in_uint8s(s, 2);
  if (opcode & 2)
  {
    if (!s_check_rem(s, 2))
    {
      free_stream(s);
      return 1;
    }
    in_uint16_be(s, self->userid);
  }
  if (!(s_check_end(s)))
@ -368,6 +429,11 @@ xrdp_mcs_recv_aurq(struct xrdp_mcs* self)
    free_stream(s);
    return 1;
  }
  if (!s_check_rem(s, 1))
  {
    free_stream(s);
    return 1;
  }
  in_uint8(s, opcode);
  if ((opcode >> 2) != MCS_AURQ)
  {
@ -376,6 +442,11 @@ xrdp_mcs_recv_aurq(struct xrdp_mcs* self)
  }
  if (opcode & 2)
  {
    if (!s_check_rem(s, 2))
    {
      free_stream(s);
      return 1;
    }
    in_uint16_be(s, self->userid);
  }
  if (!(s_check_end(s)))
@ -433,15 +504,30 @@ xrdp_mcs_recv_cjrq(struct xrdp_mcs* self)
    free_stream(s);
    return 1;
  }
  if (!s_check_rem(s, 1))
  {
    free_stream(s);
    return 1;
  }
  in_uint8(s, opcode);
  if ((opcode >> 2) != MCS_CJRQ)
  {
    free_stream(s);
    return 1;
  }
  if (!s_check_rem(s, 4))
  {
    free_stream(s);
    return 1;
  }
  in_uint8s(s, 4);
  if (opcode & 2)
  {
    if (!s_check_rem(s, 2))
    {
      free_stream(s);
      return 1;
    }
    in_uint8s(s, 2);
  }
  if (!(s_check_end(s)))
--- a/libxrdp/xrdp_rdp.c
+++ b/libxrdp/xrdp_rdp.c
@ -864,13 +864,27 @@ static int APP_CC
 xrdp_process_capset_bmpcache(struct xrdp_rdp* self, struct stream* s,
                             int len)
 {
  int i;
  self->client_info.bitmap_cache_version |= 1;
  in_uint8s(s, 24);
-  in_uint16_le(s, self->client_info.cache1_entries);
+  /* cache 1 */
  in_uint16_le(s, i);
  i = MIN(i, XRDP_MAX_BITMAP_CACHE_IDX);
  i = MAX(i, 0);
  self->client_info.cache1_entries = i;
  in_uint16_le(s, self->client_info.cache1_size);
-  in_uint16_le(s, self->client_info.cache2_entries);
+  /* cache 2 */
  in_uint16_le(s, i);
  i = MIN(i, XRDP_MAX_BITMAP_CACHE_IDX);
  i = MAX(i, 0);
  self->client_info.cache2_entries = i;
  in_uint16_le(s, self->client_info.cache2_size);
-  in_uint16_le(s, self->client_info.cache3_entries);
+  /* caceh 3 */
  in_uint16_le(s, i);
  i = MIN(i, XRDP_MAX_BITMAP_CACHE_IDX);
  i = MAX(i, 0);
  self->client_info.cache3_entries = i;
  in_uint16_le(s, self->client_info.cache3_size);
  DEBUG(("cache1 entries %d size %d", self->client_info.cache1_entries,
         self->client_info.cache1_size));
@ -896,16 +910,19 @@ xrdp_process_capset_bmpcache2(struct xrdp_rdp* self, struct stream* s,
  self->client_info.bitmap_cache_persist_enable = i;
  in_uint8s(s, 2); /* number of caches in set, 3 */
  in_uint32_le(s, i);
-  i = MIN(i, 2000);
+  i = MIN(i, XRDP_MAX_BITMAP_CACHE_IDX);
  i = MAX(i, 0);
  self->client_info.cache1_entries = i;
  self->client_info.cache1_size = 256 * Bpp;
  in_uint32_le(s, i);
-  i = MIN(i, 2000);
+  i = MIN(i, XRDP_MAX_BITMAP_CACHE_IDX);
  i = MAX(i, 0);
  self->client_info.cache2_entries = i;
  self->client_info.cache2_size = 1024 * Bpp;
  in_uint32_le(s, i);
  i = i & 0x7fffffff;
-  i = MIN(i, 2000);
+  i = MIN(i, XRDP_MAX_BITMAP_CACHE_IDX);
  i = MAX(i, 0);
  self->client_info.cache3_entries = i;
  self->client_info.cache3_size = 4096 * Bpp;
  DEBUG(("cache1 entries %d size %d", self->client_info.cache1_entries,
@ -1220,11 +1237,19 @@ xrdp_rdp_process_data_input(struct xrdp_rdp* self, struct stream* s)
  int param2;
  int time;
  if (!s_check_rem(s, 4))
  {
    return 1;
  }
  in_uint16_le(s, num_events);
  in_uint8s(s, 2); /* pad */
  DEBUG(("in xrdp_rdp_process_data_input %d events", num_events));
  for (index = 0; index < num_events; index++)
  {
    if (!s_check_rem(s, 12))
    {
      return 1;
    }
    in_uint32_le(s, time);
    in_uint16_le(s, msg_type);
    in_uint16_le(s, device_flags);
--- a/libxrdp/xrdp_sec.c
+++ b/libxrdp/xrdp_sec.c
@ -739,15 +739,27 @@ xrdp_sec_process_mcs_data_channels(struct xrdp_sec* self, struct stream* s)
    g_writeln("Processing channel data from client - The channel is off");  
    return 0;
  }
  if (!s_check_rem(s, 4))
  {
    return 1;
  }
  in_uint32_le(s, num_channels);
  if (num_channels > 31)
  {
    return 1;
  }
  for (index = 0; index < num_channels; index++)
  {
    channel_item = (struct mcs_channel_item*)
             g_malloc(sizeof(struct mcs_channel_item), 1);
    if (!s_check_rem(s, 12))
    {
      return 1;
    }
    in_uint8a(s, channel_item->name, 8);
    in_uint32_le(s, channel_item->flags);
    channel_item->chanid = MCS_GLOBAL_CHANNEL + (index + 1);
-    list_add_item(self->mcs_layer->channel_list, (long)channel_item);
+    list_add_item(self->mcs_layer->channel_list, (tintptr)channel_item);
    DEBUG(("got channel flags %8.8x name %s", channel_item->flags,
           channel_item->name));
  }
@ -765,10 +777,14 @@ xrdp_sec_process_mcs_data(struct xrdp_sec* self)
  int tag = 0;
  int size = 0;
-  s = &self->client_mcs_data;
+  s = &(self->client_mcs_data);
  /* set p to beginning */
  s->p = s->data;
  /* skip header */
  if (!s_check_rem(s, 23))
  {
    return 1;
  }
  in_uint8s(s, 23);
  while (s_check_rem(s, 4))
  {
@ -788,7 +804,10 @@ xrdp_sec_process_mcs_data(struct xrdp_sec* self)
      case SEC_TAG_CLI_CRYPT:
        break;
      case SEC_TAG_CLI_CHANNELS:
-        xrdp_sec_process_mcs_data_channels(self, s);
+        if (xrdp_sec_process_mcs_data_channels(self, s) != 0)
        {
          return 1;
        }
        break;
      case SEC_TAG_CLI_4:
        break;
@ -893,7 +912,7 @@ xrdp_sec_out_mcs_data(struct xrdp_sec* self)
 /*****************************************************************************/
 /* process the mcs client data we received from the mcs layer */
-static void APP_CC
+static int APP_CC
 xrdp_sec_in_mcs_data(struct xrdp_sec* self)
 {
  struct stream* s = (struct stream *)NULL;
@ -905,12 +924,20 @@ xrdp_sec_in_mcs_data(struct xrdp_sec* self)
  s = &(self->client_mcs_data);
  /* get hostname, its unicode */
  s->p = s->data;
  if (!s_check_rem(s, 47))
  {
    return 1;
  }
  in_uint8s(s, 47);
  g_memset(client_info->hostname, 0, 32);
  c = 1;
  index = 0;
  while (index < 16 && c != 0)
  {
    if (!s_check_rem(s, 2))
    {
      return 1;
    }
    in_uint8(s, c);
    in_uint8s(s, 1);
    client_info->hostname[index] = c;
@ -918,13 +945,22 @@ xrdp_sec_in_mcs_data(struct xrdp_sec* self)
  }
  /* get build */
  s->p = s->data;
  if (!s_check_rem(s, 43 + 4))
  {
    return 1;
  }
  in_uint8s(s, 43);
  in_uint32_le(s, client_info->build);
  /* get keylayout */
  s->p = s->data;
  if (!s_check_rem(s, 39 + 4))
  {
    return 1;
  }
  in_uint8s(s, 39);
  in_uint32_le(s, client_info->keylayout);
  s->p = s->data;
  return 0;
 }
 /*****************************************************************************/
@ -991,7 +1027,10 @@ xrdp_sec_incoming(struct xrdp_sec* self)
            (int)(self->server_mcs_data.end - self->server_mcs_data.data));
 #endif
  DEBUG((" out xrdp_sec_incoming"));
-  xrdp_sec_in_mcs_data(self);
+  if (xrdp_sec_in_mcs_data(self) != 0)
  {
    return 1;
  }
  return 0;
 }
--- a/sesman/env.c
+++ b/sesman/env.c
@ -59,19 +59,21 @@ env_check_password_file(char* filename, char* password)
 /******************************************************************************/
 int DEFAULT_CC
-env_set_user(char* username, char* passwd_file, int display)
+env_set_user(char* username, char** passwd_file, int display)
 {
  int error;
  int pw_uid;
  int pw_gid;
  int uid;
-  char pw_shell[256];
+  int len;
-  char pw_dir[256];
+  char *pw_shell;
-  char pw_gecos[256];
+  char *pw_dir;
  char text[256];
-  error = g_getuser_info(username, &pw_gid, &pw_uid, pw_shell, pw_dir,
+  pw_shell = 0;
-                         pw_gecos);
+  pw_dir = 0;
  error = g_getuser_info(username, &pw_gid, &pw_uid, &pw_shell, &pw_dir, 0);
  if (error == 0)
  {
    g_rm_temp_dir();
@ -105,16 +107,36 @@ env_set_user(char* username, char* passwd_file, int display)
          /* if no auth_file_path is set, then we go for
             $HOME/.vnc/sesman_username_passwd */
          g_mkdir(".vnc");
-          g_sprintf(passwd_file, "%s/.vnc/sesman_%s_passwd", pw_dir, username);
+
          len = g_snprintf(NULL, 0, "%s/.vnc/sesman_%s_passwd", pw_dir, username);
          *passwd_file = (char *) g_malloc(len + 1, 1);
          if (*passwd_file != NULL)
          {
            g_sprintf(*passwd_file, "%s/.vnc/sesman_%s_passwd", pw_dir, username);
          }
        }
        else
        {
          /* we use auth_file_path as requested */
-          g_sprintf(passwd_file, g_cfg->auth_file_path, username);
+          len = g_snprintf(NULL, 0, g_cfg->auth_file_path, username);
          *passwd_file = (char *) g_malloc(len + 1, 1);
          if (*passwd_file != NULL)
          {
            g_sprintf(*passwd_file, g_cfg->auth_file_path, username);
          }
        }
        if (*passwd_file != NULL)
        {
          LOG_DBG(&(g_cfg->log), "pass file: %s", *passwd_file);
        }
        LOG_DBG("pass file: %s", passwd_file);
      }
    }
    g_free(pw_dir);
    g_free(pw_shell);
  }
  else
  {
--- a/sesman/env.h
+++ b/sesman/env.h
@ -49,7 +49,7 @@ env_check_password_file(char* filename, char* password);
 *
 */
 int DEFAULT_CC
-env_set_user(char* username, char* passwd_file, int display);
+env_set_user(char* username, char** passwd_file, int display);
 #endif
--- a/sesman/session.c
+++ b/sesman/session.c
@ -365,7 +365,7 @@ session_start_fork(int width, int height, int bpp, char* username,
  char depth[32];
  char screen[32];
  char text[256];
-  char passwd_file[256];
+  char *passwd_file;
  char ** pp1 = (char **)NULL;
  struct session_chain * temp = (struct session_chain *)NULL;
  struct list * xserver_params = (struct list *)NULL;
@ -380,7 +380,8 @@ session_start_fork(int width, int height, int bpp, char* username,
  g_memset(depth,0,sizeof(char) * 32);
  g_memset(screen,0,sizeof(char) * 32);
  g_memset(text,0,sizeof(char) * 256);
-  g_memset(passwd_file,0,sizeof(char) * 256);
+
  passwd_file = 0;
  /* check to limit concurrent sessions */
  if (g_session_count >= g_cfg->sess.max_sessions)
@ -512,7 +513,7 @@ session_start_fork(int width, int height, int bpp, char* username,
      }
      else if (xpid == 0) /* child */
      {
-        env_set_user(username, passwd_file, display);
+        env_set_user(username, &passwd_file, display);
        env_check_password_file(passwd_file, password);
        if (type == SESMAN_SESSION_TYPE_XVNC)
        {
@ -527,6 +528,7 @@ session_start_fork(int width, int height, int bpp, char* username,
          list_add_item(xserver_params, (long)g_strdup(depth));
          list_add_item(xserver_params, (long)g_strdup("-rfbauth"));
          list_add_item(xserver_params, (long)g_strdup(passwd_file));
          g_free(passwd_file);
          /* additional parameters from sesman.ini file */
          //config_read_xserver_params(SESMAN_SESSION_TYPE_XVNC,
@ -550,6 +552,7 @@ session_start_fork(int width, int height, int bpp, char* username,
          list_add_item(xserver_params, (long)g_strdup(geometry));
          list_add_item(xserver_params, (long)g_strdup("-depth"));
          list_add_item(xserver_params, (long)g_strdup(depth));
          g_free(passwd_file);
          /* additional parameters from sesman.ini file */
          //config_read_xserver_params(SESMAN_SESSION_TYPE_XRDP,
--- a/xorg/X11R7.6/buildx.sh
+++ b/xorg/X11R7.6/buildx.sh
@ -1,7 +1,8 @@
 #!/bin/sh
-# build.sh: a script for building X11R7.6 X server for use with xrdp #
+# buildx.sh: a script for building X11R7.6 X server for use with xrdp
-# Copyright 2011-2012 Jay Sorg Jay.Sorg@gmail.com
+#
 # Copyright 2011-2013 Jay Sorg Jay.Sorg@gmail.com
 #
 # Authors
 #       Jay Sorg Jay.Sorg@gmail.com
@ -24,107 +25,27 @@
 download_file()
 {
    local file url status
    file=$1
-    # if we already have the file, don't re-download it
+    # if we already have the file, don't download it
-       if [ -r downloads/$file ]; then
+    if [ -r downloads/$file ]; then
-         return 0
+        return 0
-       fi
+    fi
    echo "downloading file $download_url/$file"
    cd downloads
-    echo "downloading file $file"
+    wget -cq $download_url/$file
-    if [ "$file" = "pixman-0.15.20.tar.bz2" ]; then
+    status=$?
-        wget -cq http://ftp.x.org/pub/individual/lib/$file
+    cd ..
-        status=$?
+    return $status
        cd ..
        return $status
    elif [ "$file" = "libdrm-2.4.26.tar.bz2" ]; then
        wget -cq http://dri.freedesktop.org/libdrm/$file
        status=$?
        cd ..
        return $status
    elif [ "$file" = "MesaLib-7.10.3.tar.bz2" ]; then
        wget -cq ftp://ftp.freedesktop.org/pub/mesa/7.10.3/$file
        status=$?
        cd ..
        return $status
    elif [ "$file" = "expat-2.0.1.tar.gz" ]; then
        wget -cq http://server1.xrdp.org/xrdp/expat-2.0.1.tar.gz
        status=$?
        cd ..
        return $status
    elif [ "$file" = "freetype-2.4.6.tar.bz2" ]; then
        wget -cq http://download.savannah.gnu.org/releases/freetype/freetype-2.4.6.tar.bz2
        status=$?
        cd ..
        return $status
    elif [ "$file" = "xkeyboard-config-2.0.tar.bz2" ]; then
        wget -cq http://www.x.org/releases/individual/data/xkeyboard-config/xkeyboard-config-2.0.tar.bz2
        status=$?
        cd ..
        return $status
    elif [ "$file" = "makedepend-1.0.3.tar.bz2" ]; then
        wget -cq http://xorg.freedesktop.org/releases/individual/util/makedepend-1.0.3.tar.bz2
        status=$?
        cd ..
        return $status
    elif [ "$file" = "libxml2-sources-2.7.8.tar.gz" ]; then
        wget -cq ftp://ftp.xmlsoft.org/libxml2/libxml2-sources-2.7.8.tar.gz
        status=$?
        cd ..
        return $status
    elif [ "$file" = "Python-2.5.tar.bz2" ]; then
        wget -cq http://www.python.org/ftp/python/2.5/Python-2.5.tar.bz2
        status=$?
        cd ..
        return $status
    elif [ "$file" = "Python-2.7.tar.bz2" ]; then
        wget -cq http://www.python.org/ftp/python/2.7/Python-2.7.tar.bz2
        status=$?
        cd ..
        return $status
    elif [ "$file" = "expat-2.0.1.tar.gz" ]; then
        wget -cq http://server1.xrdp.org/xrdp/expat-2.0.1.tar.gz
        status=$?
        cd ..
        return $status
    elif [ "$file" = "cairo-1.8.8.tar.gz" ]; then
        wget -cq http://server1.xrdp.org/xrdp/cairo-1.8.8.tar.gz
        status=$?
        cd ..
        return $status
    elif [ "$file" = "libpng-1.2.46.tar.gz" ]; then
        wget -cq http://server1.xrdp.org/xrdp/libpng-1.2.46.tar.gz
        status=$?
        cd ..
        return $status
    elif [ "$file" = "intltool-0.41.1.tar.gz" ]; then
        wget -cq http://launchpad.net/intltool/trunk/0.41.1/+download/intltool-0.41.1.tar.gz
        status=$?
        cd ..
        return $status
    elif [ "$file" = "libxslt-1.1.26.tar.gz" ]; then
        wget -cq ftp://xmlsoft.org/libxslt/libxslt-1.1.26.tar.gz
        status=$?
        cd ..
        return $status
    elif [ "$file" = "fontconfig-2.8.0.tar.gz" ]; then
        wget -cq http://server1.xrdp.org/xrdp/fontconfig-2.8.0.tar.gz
        status=$?
        cd ..
        return $status
    else
        wget -cq $download_url/$file
        status=$?
        cd ..
        return $status
    fi
 }
 remove_modules()
 {
    local mod_file mod_dir mod_args
    if [ -d cookies ]; then
        rm cookies/*
    fi
@ -136,21 +57,15 @@ remove_modules()
        exit 0
    fi
-    cd build_dir
+    while IFS=: read mod_file mod_dir mod_args
    while read line
    do
-        mod_dir=`echo $line | cut -d':' -f2`
+        (cd build_dir; [ -d $mod_dir ] && rm -rf $mod_dir)
-        if [ -d $mod_dir ]; then
+    done < $data_file
            rm -rf $mod_dir
        fi
    done < ../$data_file
    cd ..
 }
 extract_it()
 {
    local mod_file mod_name mod_args comp
    mod_file=$1
    mod_name=$2
    mod_args=$3
@ -160,8 +75,8 @@ extract_it()
    fi
    # download file
-    download_file $mod_file
+    if ! download_file $mod_file
-    if [ $? -ne 0 ]; then
+    then
        echo ""
        echo "failed to download $mod_file - aborting build"
        echo ""
@ -172,13 +87,15 @@ extract_it()
    # if pkg has not yet been extracted, do so now
    if [ ! -d $mod_name ]; then
-        echo $mod_file | grep -q tar.bz2
+        case "$mod_file" in
-        if [ $? -eq 0 ]; then
+        *.tar.bz2) comp=j ;;
-            tar xjf ../downloads/$mod_file > /dev/null 2>&1
+        *.tar.gz) comp=z ;;
-        else
+        *.tar.xz) comp=J ;;
-            tar xzf ../downloads/$mod_file > /dev/null 2>&1
+        *.tar) comp= ;;
-        fi
+        *) echo "unknown compressed module $mod_name" ; exit 1 ;;
-        if [ $? -ne 0 ]; then
+        esac
        if ! tar x${comp}f ../downloads/$mod_file > /dev/null
        then
            echo "error extracting module $mod_name"
            exit 1
        fi
@ -188,13 +105,13 @@ extract_it()
    cd $mod_name
    # check for patches
    if [ -e ../../$mod_name.patch ]; then
-      patch -p1 < ../../$mod_name.patch
+        patch -p1 < ../../$mod_name.patch
    fi
    # now configure
    echo "executing ./configure --prefix=$PREFIX_DIR $mod_args"
-    ./configure --prefix=$PREFIX_DIR $mod_args
+    if ! ./configure --prefix=$PREFIX_DIR $mod_args
-    if [ $? -ne 0 ]; then
+    then
-        echo "configuration failed for module $mn"
+        echo "configuration failed for module $mod_name"
        exit 1
    fi
@ -205,6 +122,7 @@ extract_it()
 make_it()
 {
    local mod_file mod_name mod_args
    mod_file=$1
    mod_name=$2
    mod_args=$3
@ -221,8 +139,8 @@ make_it()
    echo "*** processing module $mod_name ($count of $num_modules) ***"
    echo ""
-    extract_it $mod_file $mod_name "$mod_args"
+    if ! extract_it $mod_file $mod_name "$mod_args"
-    if [ $? -ne 0 ]; then
+    then
        echo ""
        echo "extract failed for module $mod_name"
        echo ""
@ -231,8 +149,8 @@ make_it()
    # make module
    if [ ! -e cookies/$mod_name.made ]; then
-        (cd build_dir/$mod_name ; make)
+        if ! make -C build_dir/$mod_name
-        if [ $? -ne 0 ]; then
+        then
            echo ""
            echo "make failed for module $mod_name"
            echo ""
@ -242,8 +160,8 @@ make_it()
    fi
    # install module
-    (cd build_dir/$mod_name ; make install)
+    if ! make -C build_dir/$mod_name install
-    if [ $? -ne 0 ]; then
+    then
        echo ""
        echo "make install failed for module $mod_name"
        echo ""
@ -253,9 +171,9 @@ make_it()
    # special case after installing python make this sym link
    # so Mesa builds using this python version
    case "$mod_name" in
-      *Python-2*)
+    *Python-2*)
-      (cd build_dir/$mod_name ; ln -s python $PREFIX_DIR/bin/python2)
+        ln -s python build_dir/$mod_name/$PREFIX_DIR/bin/python2
-      ;;
+        ;;
    esac
    touch cookies/$mod_name.installed
@ -266,7 +184,9 @@ make_it()
 data_file=x11_file_list.txt
 # this is the default download location for most modules
-download_url=http://www.x.org/releases/X11R7.6/src/everything
+# changed now to server1.xrdp.org
 # was www.x.org/releases/X11R7.6/src/everything
 download_url=http://server1.xrdp.org/xrdp/X11R7.6
 num_modules=`cat $data_file | wc -l`
 count=0
@ -277,10 +197,10 @@ count=0
 if [ $# -lt 1 ]; then
    echo ""
-    echo "usage: build.sh <installation dir>"
+    echo "usage: buildx.sh <installation dir>"
-    echo "usage: build.sh <clean>"
+    echo "usage: buildx.sh <clean>"
-    echo "usage: build.sh default"
+    echo "usage: buildx.sh default"
-    echo "usage: build.sh <installation dir> drop - set env and run bash in rdp dir"
+    echo "usage: buildx.sh <installation dir> drop - set env and run bash in rdp dir"
    echo ""
    exit 1
 fi
@ -299,9 +219,9 @@ else
 fi
 if ! test -d $PREFIX_DIR; then
-    echo "dir does not exit, creating [$PREFIX_DIR]"
+    echo "dir does not exist, creating [$PREFIX_DIR]"
-    mkdir $PREFIX_DIR
+    if ! mkdir $PREFIX_DIR
-    if ! test $? -eq 0; then
+    then
        echo "mkdir failed [$PREFIX_DIR]"
        exit 0
    fi
@ -316,8 +236,8 @@ export CFLAGS="-I$PREFIX_DIR/include -fPIC -O2"
 # prefix dir must exist...
 if [ ! -d $PREFIX_DIR ]; then
-    mkdir -p $PREFIX_DIR
+    if ! mkdir -p $PREFIX_DIR
-    if [ $? -ne 0 ]; then
+    then
        echo "$PREFIX_DIR does not exist; failed to create it - cannot continue"
        exit 1
    fi
@ -331,8 +251,8 @@ fi
 # create a downloads dir
 if [ ! -d downloads ]; then
-    mkdir downloads
+    if ! mkdir downloads
-    if [ $? -ne 0 ]; then
+    then
        echo "error creating downloads directory"
        exit 1
    fi
@ -340,8 +260,8 @@ fi
 # this is where we do the actual build
 if [ ! -d build_dir ]; then
-    mkdir build_dir
+    if ! mkdir build_dir
-    if [ $? -ne 0 ]; then
+    then
        echo "error creating build_dir directory"
        exit 1
    fi
@ -349,22 +269,18 @@ fi
 # this is where we store cookie files
 if [ ! -d cookies ]; then
-    mkdir cookies
+    if ! mkdir cookies
-    if [ $? -ne 0 ]; then
+    then
        echo "error creating cookies directory"
        exit 1
    fi
 fi
-while read line
+while IFS=: read mod_file mod_dir mod_args
 do
    mod_file=`echo $line | cut -d':' -f1`
    mod_dir=`echo $line | cut -d':' -f2`
    mod_args=`echo $line | cut -d':' -f3`
    mod_args=`eval echo $mod_args`
    make_it $mod_file $mod_dir "$mod_args"
 done < $data_file
 echo "build for X OK"
@ -372,22 +288,22 @@ echo "build for X OK"
 X11RDPBASE=$PREFIX_DIR
 export X11RDPBASE
-cd rdp
+if ! make -C rdp
-make
+then
 if [ $? -ne 0 ]; then
    echo "error building rdp"
    exit 1
 fi
 # this will copy the build X server with the other X server binaries
 cd rdp
 strip X11rdp
 cp X11rdp $X11RDPBASE/bin
 if [ "$2" = "drop" ]; then
-  echo ""
+    echo ""
-  echo "dropping you in dir, type exit to get out"
+    echo "dropping you in dir, type exit to get out"
-  bash
+    bash
-  exit 1
+    exit 1
 fi
 echo "All done"
--- a/xrdp/xrdp.h
+++ b/xrdp/xrdp.h
@ -29,8 +29,8 @@
 #include "trans.h"
 #include "list.h"
 #include "libxrdpinc.h"
 #include "xrdp_types.h"
 #include "xrdp_constants.h"
 #include "xrdp_types.h"
 #include "defines.h"
 #include "os_calls.h"
 #include "ssl_calls.h"
--- a/xrdp/xrdp_cache.c
+++ b/xrdp/xrdp_cache.c
@ -34,12 +34,22 @@ xrdp_cache_create(struct xrdp_wm* owner,
  self->wm = owner;
  self->session = session;
  self->use_bitmap_comp = client_info->use_bitmap_comp;
-  self->cache1_entries = client_info->cache1_entries;
+
  self->cache1_entries = MIN(XRDP_MAX_BITMAP_CACHE_IDX,
                             client_info->cache1_entries);
  self->cache1_entries = MAX(self->cache1_entries, 0);
  self->cache1_size = client_info->cache1_size;
-  self->cache2_entries = client_info->cache2_entries;
+
  self->cache2_entries = MIN(XRDP_MAX_BITMAP_CACHE_IDX,
                             client_info->cache2_entries);
  self->cache2_entries = MAX(self->cache2_entries, 0);
  self->cache2_size = client_info->cache2_size;
-  self->cache3_entries = client_info->cache3_entries;
+
  self->cache3_entries = MIN(XRDP_MAX_BITMAP_CACHE_IDX,
                             client_info->cache3_entries);
  self->cache3_entries = MAX(self->cache3_entries, 0);
  self->cache3_size = client_info->cache3_size;
  self->bitmap_cache_persist_enable = client_info->bitmap_cache_persist_enable;
  self->bitmap_cache_version = client_info->bitmap_cache_version;
  self->pointer_cache_entries = client_info->pointer_cache_entries;
--- a/xrdp/xrdp_process.c
+++ b/xrdp/xrdp_process.c
@ -190,6 +190,9 @@ xrdp_process_main_loop(struct xrdp_process* self)
  else
  {
    g_writeln("xrdp_process_main_loop: libxrdp_process_incomming failed");
    /* this will try to send a disconnect,
       maybe should check that connection got far enough */
    libxrdp_disconnect(self->session);
  }
  xrdp_process_mod_end(self);
  libxrdp_exit(self->session);
--- a/xrdp/xrdp_types.h
+++ b/xrdp/xrdp_types.h
@ -193,7 +193,8 @@ struct xrdp_cache
  struct xrdp_palette_item palette_items[6];
  /* bitmap */
  int bitmap_stamp;
-  struct xrdp_bitmap_item bitmap_items[3][2000];
+  struct xrdp_bitmap_item bitmap_items[XRDP_MAX_BITMAP_CACHE_ID]
                                      [XRDP_MAX_BITMAP_CACHE_IDX];
  int use_bitmap_comp;
  int cache1_entries;
  int cache1_size;
Author	SHA1	Message	Date
speidy	33c7f1038c	sesman: env_set_user, fix potential bof issues Conflicts: sesman/env.c	2016-10-04 02:12:05 -04:00
Jay Sorg	4fe4b436d7	X11rdp: update buildx.sh to pull files from server1.xrdp.org	2014-09-04 06:32:42 -07:00
Jay Sorg	64e2291274	VUL: check bytes remaining in xrdp_rdp_process_data_input	2013-09-12 13:47:57 -07:00
Jay Sorg	7ea609e91a	VUL: make sure cache entries are in range Conflicts: common/xrdp_constants.h libxrdp/xrdp_rdp.c xrdp/xrdp_cache.c	2013-09-12 13:47:24 -07:00
Jay Sorg	44d8b601ba	VUL: call libxrdp_disconnect if libxrdp_process_incomming fails Conflicts: xrdp/xrdp_process.c	2013-09-12 13:43:43 -07:00
Jay Sorg	04f121f214	VUL: if xrdp_sec_process_mcs_data_channels fails, xrdp_sec_process_mcs_data should fail	2013-09-12 13:41:49 -07:00
Jay Sorg	bc6b29ae88	VUL: channels are limited to 31	2013-09-12 13:41:13 -07:00
Jay Sorg	9533e7fa2e	VUL: fix some possible buffer overruns	2013-09-12 13:40:35 -07:00
Jay Sorg	0bc3ee2cd7	VUL: fix some possible buffer overruns Conflicts: libxrdp/xrdp_mcs.c	2013-09-12 13:39:30 -07:00