akallabeth [Thu, 30 Jul 2020 14:16:01 +0000 (16:16 +0200)]
Fix #6399: Call ConvertFromUnicode with length -1.
The input string has ensured NULL termination, so let the function
determine the correct length.
(cherry picked from commit
36499527e747283019c21dbc84c5eff0a564e1d8)
Zhu Qun-Ying [Fri, 24 Jul 2020 16:16:18 +0000 (09:16 -0700)]
cliprdr_common.c: fix memory leak in certain error condition
(cherry picked from commit
2b315e8bfa50cbf8adaf64a82307cc7d0dded395)
Armin Novak [Thu, 23 Jul 2020 08:48:39 +0000 (10:48 +0200)]
Set BIO data NULL on cleanup
Recursive BIO free could double free, if the BIO data is not set
NULL when removed.
(cherry picked from commit
76d10561bbf24b82df43771e93a1692790c3dbbc)
Martin Fleisz [Mon, 20 Jul 2020 13:38:46 +0000 (15:38 +0200)]
Merge pull request #6382 from bmiklautz/release_220
FreeRDP security and version 2.2.0 release
Bernhard Miklautz [Mon, 20 Jul 2020 12:21:59 +0000 (14:21 +0200)]
new: Changelog for 2.2.0
Norbert Federa [Mon, 20 Jul 2020 11:18:45 +0000 (13:18 +0200)]
core: fix invalid inttype and reference
The error message in tpdu_read_header() printed the pointer address and
used PRIu16 for an UINT8 type
(cherry picked from commit
54fdf7947d4d35589dab9ec3e37839606ffcc985)
Fixes #6380
akallabeth [Fri, 3 Jul 2020 08:29:13 +0000 (10:29 +0200)]
Fixed missing input sanitation for GFX surfaces.
Thanks to Sunglin and HuanGMz of the Knownsec 404 security team and pangzi of pwnzen
(cherry picked from commit
5592cb2e10da42592af98f5533d2e42181e86821)
akallabeth [Fri, 3 Jul 2020 08:26:38 +0000 (10:26 +0200)]
Fixed input sanitation in rdpgfx_recv_solid_fill_pdu
The input rectangle must be checked for plausibility.
Thanks to Sunglin and HuanGMz of the Knownsec 404 security team and pangzi of pwnzen
(cherry picked from commit
d862a03cbf88ec6e76e47b84eae7e214690cb607)
Giovanni Panozzo [Tue, 14 Jul 2020 22:08:15 +0000 (00:08 +0200)]
Fix seeking in Cache Brush and other Secondary Drawing Orders
(cherry picked from commit
9f7e475c1652c2b1e30e0406ec0bc7ea3f2330ff)
Fixes #6374
Bernhard Miklautz [Wed, 15 Jul 2020 14:42:24 +0000 (16:42 +0200)]
Merge pull request #6319 from akallabeth/stable-2.0-backports3
Stable 2 backports from master
Kobi Mizrachi [Wed, 8 Jul 2020 08:53:26 +0000 (11:53 +0300)]
server: proxy: add extern C for c++ plugins
(cherry picked from commit
755d20501bac9c935a88d0ba040a4410681c1aa7)
Kobi Mizrachi [Tue, 7 Jul 2020 12:31:31 +0000 (15:31 +0300)]
server: proxy: rail: Fix rail handshake flags sync issue at reconnect
(cherry picked from commit
cc9ef8f74e59f9351aca84a2a95048a4af274af6)
Kobi Mizrachi [Tue, 7 Jul 2020 12:31:20 +0000 (15:31 +0300)]
rail: server: add API to set railHandshakeExflags
(cherry picked from commit
004c2f49e4068270cbd5cfb9f44c015c6fb931ea)
Kobi Mizrachi [Sun, 5 Jul 2020 06:11:56 +0000 (09:11 +0300)]
server: proxy: fix race issue
Proxy server might receive input updates while client side being
redirected (and reset), then a heap-after-free might occur. To solve
this, we register server input/update callbacks only after client is
fully activated.
(cherry picked from commit
db0196fd01faa4234a4b2cabadb5f4cb16edeef1)
akallabeth [Tue, 7 Jul 2020 08:56:21 +0000 (10:56 +0200)]
Updated version information for 2.2.0 release
Armin Novak [Mon, 6 Jul 2020 09:09:14 +0000 (11:09 +0200)]
Fixed urbdrc device path
(cherry picked from commit
63747000982f70bc169ff037bccb1bbcfd697747)
Armin Novak [Mon, 6 Jul 2020 07:59:15 +0000 (09:59 +0200)]
Fixed bDeviceClass check in udev_init
Use the proper constant 0xef (Miscellaneous) instead of
0xfe (Application Specific)
See https://www.usb.org/defined-class-codes
(cherry picked from commit
b97cb4c95dd085142cadf1645505264632d1af21)
akallabeth [Fri, 3 Jul 2020 14:20:12 +0000 (16:20 +0200)]
Replaced malloc in urbdrc channel
(cherry picked from commit
3ae6feeebe8638c3bea76fd270f3fd46ee768ff2)
akallabeth [Fri, 3 Jul 2020 14:04:23 +0000 (16:04 +0200)]
Fixed discrepancy in string descriptor default
(cherry picked from commit
747513d901ae50c8223a5ddd5b447436bb782a66)
akallabeth [Fri, 3 Jul 2020 13:47:53 +0000 (15:47 +0200)]
Replaced memset in urbdrc
(cherry picked from commit
e84c3829bf942b28cd6ef4d7cff4d5f8cca8a5f8)
akallabeth [Fri, 3 Jul 2020 13:14:15 +0000 (15:14 +0200)]
Unified logging for urbdrc libusb wrapper
(cherry picked from commit
a81001c3a33818561bf0e6193e219b1b3245391d)
akallabeth [Fri, 3 Jul 2020 12:59:03 +0000 (14:59 +0200)]
Initialize variable in func_instance_id_generate
(cherry picked from commit
a4a4992750085367e52623209c94ed3f1c66b25b)
akallabeth [Fri, 3 Jul 2020 12:48:07 +0000 (14:48 +0200)]
Improved error log for string descriptor read issues
(cherry picked from commit
dd2589cebcac5b39c6af9bbe9f444f6451e9ad4b)
akallabeth [Fri, 3 Jul 2020 11:33:08 +0000 (13:33 +0200)]
Reverted check for short usb descriptor
(cherry picked from commit
6ba67a07beeb44878912851cf6ed6c6bf7443e09)
akallabeth [Fri, 3 Jul 2020 10:50:11 +0000 (12:50 +0200)]
Added compile time urbdrc debug option
(cherry picked from commit
5244efadcfb158c813d79b8e8c068fc33198f79b)
akallabeth [Fri, 3 Jul 2020 10:41:59 +0000 (12:41 +0200)]
Dump USB channel data with log-level trace
(cherry picked from commit
e32ba76deb8e16834a5bb0d099cc08d1ed44c04d)
Kobi Mizrachi [Tue, 7 Jul 2020 07:16:46 +0000 (10:16 +0300)]
server: proxy: proxy rdp heartbeats
(cherry picked from commit
659e4c772bbc7e3807dc94628934e8982f8efcf7)
Kobi Mizrachi [Tue, 7 Jul 2020 07:16:28 +0000 (10:16 +0300)]
libfreerdp: core: add ServerHeartbeat callback
(cherry picked from commit
2096ede5cc8caa209c532438e3a1173f6b47e2c4)
Armin Novak [Mon, 6 Jul 2020 13:37:37 +0000 (15:37 +0200)]
Moved pthread non portable function checks before ASAN
(cherry picked from commit
4d529f6f952c3632e13ba43261c263e5b83eca68)
Armin Novak [Mon, 6 Jul 2020 11:51:08 +0000 (13:51 +0200)]
Refined asan checks
Find threads before ASAN checks as for android builds the check
might fail if done afterward.
(cherry picked from commit
44f2e869820c9a33e8875982d20e9bb561736ce1)
akallabeth [Fri, 3 Jul 2020 09:06:30 +0000 (11:06 +0200)]
Removed unnecessary checks for asan
check_c_compiler_flag is unreliable, only use where absolutely
necessary.
(cherry picked from commit
7864a985d48f0fba4d431b196464f2075ebacd4b)
Kobi Mizrachi [Mon, 6 Jul 2020 07:32:59 +0000 (10:32 +0300)]
rail: server: rename rail_send_pdu -> rail_server_send_pdu
(cherry picked from commit
ec06a98e84690a9cf64d080145b71ca9a2e084fa)
Kobi Mizrachi [Mon, 6 Jul 2020 05:37:14 +0000 (08:37 +0300)]
rail_common.c: Fix rail_get_order_type_string
(cherry picked from commit
5438b94c979728feeccd13374c77c4881eda8137)
Kobi Mizrachi [Mon, 6 Jul 2020 05:27:13 +0000 (08:27 +0300)]
rail: server: mark rail_send_pdu as static function
(cherry picked from commit
c3b28e8bced83dd992854e18b8f82eef7af9e54d)
Armin Novak [Mon, 6 Jul 2020 07:16:55 +0000 (09:16 +0200)]
Fixed #6335: windows client title length
(cherry picked from commit
dfbeeb1e16d61734319dd32d25ee12e8715a1bc1)
akallabeth [Mon, 29 Jun 2020 06:04:15 +0000 (08:04 +0200)]
Added hint for errors due to missing offscreen-cache
(cherry picked from commit
57e7a99393fd3db79cd2a78e6a447aaf2540c521)
akallabeth [Fri, 26 Jun 2020 08:57:05 +0000 (10:57 +0200)]
Use CMake to detect availability of getlogin_r
(cherry picked from commit
3a5bfd2bd0eee134dbac4a98dcb3ed5227a8c6dc)
Armin Novak [Tue, 23 Jun 2020 09:53:45 +0000 (11:53 +0200)]
Fixed uninitialized value
(cherry picked from commit
dc112d19355491f1b5e23631c15c5d960746bfac)
akallabeth [Mon, 29 Jun 2020 11:26:15 +0000 (13:26 +0200)]
Filter GSM codec for microphone redirection
(cherry picked from commit
c5984ff811f40b0382a251e76fc5f3690339f80a)
Pascal Nowack [Fri, 26 Jun 2020 14:33:19 +0000 (16:33 +0200)]
nsc: Fix memory leak
Fixes the following memory leak:
==115716== 16,662,960 bytes in 459 blocks are definitely lost in loss record 3,504 of 3,504
==115716== at 0x48396AF: malloc (vg_replace_malloc.c:306)
==115716== by 0x4C6A4E2: nsc_context_initialize_encode (nsc_encode.c:77)
==115716== by 0x4C6A4E2: nsc_compose_message (nsc_encode.c:497)
(cherry picked from commit
9bd457405095c94a24175bc54bd99947fcf6a33d)
Armin Novak [Mon, 22 Jun 2020 10:57:26 +0000 (12:57 +0200)]
Fixed creating release zip from folder
(cherry picked from commit
16350dcdda73767c7012a2c8f09405944b39d09a)
Armin Novak [Tue, 23 Jun 2020 07:24:35 +0000 (09:24 +0200)]
Fixed #6298: Mask CACHED_BRUSH when checking brush style
(cherry picked from commit
ce1a9d8d1969ecbb4d24b9f4812654638a44abc2)
Armin Novak [Tue, 23 Jun 2020 07:32:19 +0000 (09:32 +0200)]
Fixed spelling, print errors to stderr
(cherry picked from commit
b50525d1fb47aa6b07450c10f8ad7b5245e523fa)
Armin Novak [Tue, 23 Jun 2020 07:30:08 +0000 (09:30 +0200)]
Fixed bug with creating release source_version
(cherry picked from commit
5490ce50992716d9230bd3ac84b3e819f1c5649f)
Martin Fleisz [Mon, 22 Jun 2020 10:44:36 +0000 (12:44 +0200)]
Merge pull request #6285 from akallabeth/stable-backports2
Stable backports
Armin Novak [Mon, 22 Jun 2020 10:26:08 +0000 (12:26 +0200)]
Updated versions to 2.1.2
Armin Novak [Mon, 22 Jun 2020 09:58:07 +0000 (11:58 +0200)]
Added changelog for 2.1.2
(cherry picked from commit
5dc50f64183755862cca75cf151933c42fabbb90)
akallabeth [Mon, 15 Jun 2020 06:57:21 +0000 (08:57 +0200)]
Fixed possible integer overflow in crypto_rsa_common
Thanks @anticomputer for pointing this out
(cherry picked from commit
02c5ec66e5b47fe4cf2fc96e2cd387a18e3f2bb6)
akallabeth [Tue, 2 Jun 2020 12:41:37 +0000 (14:41 +0200)]
Fixed fallback to getlogin for android
(cherry picked from commit
caff01877d4df5f25a983b3aa5e57dde6a16a62f)
akallabeth [Tue, 2 Jun 2020 11:19:26 +0000 (13:19 +0200)]
Removed duplicate semicolon
(cherry picked from commit
308c2c3544763873a5bea4d18c72c9f62e1584cb)
akallabeth [Tue, 2 Jun 2020 10:26:40 +0000 (12:26 +0200)]
Fixed OOB read in ntlm_av_pair_get
CVE-2020-11097 thanks to @antonio-morales for finding this.
(cherry picked from commit
58a3122250d54de3a944c487776bcd4d1da4721e)
akallabeth [Tue, 2 Jun 2020 09:33:48 +0000 (11:33 +0200)]
Fixed broken const variable.
(cherry picked from commit
1c6a6923f87dcfb295c508963f21bebbbc4292ae)
akallabeth [Tue, 2 Jun 2020 07:28:47 +0000 (09:28 +0200)]
Reset freed HGDI_DC
CVE-2020-4031 thanks to @antonio-morales for finding this.
(cherry picked from commit
f753c25ad3d5dae7890fe73cfb3c091c015d97ed)
akallabeth [Tue, 2 Jun 2020 06:45:09 +0000 (08:45 +0200)]
Fixed out of bound read in RLEDECOMPRESS
CVE-2020-4033 thanks to @antonio-morales for finding this.
(cherry picked from commit
0a98c450c58ec150e44781c89aa6f8e7e0f571f5)
akallabeth [Wed, 27 May 2020 06:10:11 +0000 (08:10 +0200)]
Fixed OOB read in update_recv_secondary_order
CVE-2020-4032 thanks to @antonio-morales for finding this.
(cherry picked from commit
e7bffa64ef5ed70bac94f823e2b95262642f5296)
akallabeth [Tue, 26 May 2020 14:12:58 +0000 (16:12 +0200)]
Fixed TrioParse and trio_length limts.
CVE-2020-4030 thanks to @antonio-morales for finding this.
(cherry picked from commit
05cd9ea2290d23931f615c1b004d4b2e69074e27)
akallabeth [Tue, 26 May 2020 05:50:55 +0000 (07:50 +0200)]
Fixed OOB read in update_read_cache_bitmap_v3_order
CVE-2020-11096 thanks @antonio-morales for finding this.
(cherry picked from commit
b8beb55913471952f92770c90c372139d78c16c0)
akallabeth [Tue, 26 May 2020 05:28:33 +0000 (07:28 +0200)]
Fixed invalid access in update_recv_primary_order
CVE-2020-11095 thanks @antonio-morales for finding this.
(cherry picked from commit
733ee3208306b1ea32697b356c0215180fc3f049)
akallabeth [Mon, 25 May 2020 12:20:23 +0000 (14:20 +0200)]
Use localtime_s on windows
(cherry picked from commit
c3a1ed780cc4aed639e3391d7cafb9edc9dc623c)
akallabeth [Mon, 25 May 2020 12:07:31 +0000 (14:07 +0200)]
Replaced gmtime with gmtime_r
(cherry picked from commit
a45afe9db77a19e5a177fe1dc3e85119013f9587)
akallabeth [Mon, 25 May 2020 12:04:17 +0000 (14:04 +0200)]
Fixed codition with side effects
(cherry picked from commit
1a02af5a12b400fcb6ad121a0a71e4440c2e9152)
akallabeth [Mon, 25 May 2020 12:03:35 +0000 (14:03 +0200)]
Fixed pcap cleanup
(cherry picked from commit
3ac7bb5d6a743b19e8686410d5ec6dcf74869ebe)
akallabeth [Mon, 25 May 2020 12:03:12 +0000 (14:03 +0200)]
Fixed double free
(cherry picked from commit
6d86e20e1e7caaab4f0c7f89e36d32914dbccc52)
akallabeth [Mon, 25 May 2020 12:01:23 +0000 (14:01 +0200)]
Replaced getlogin with getlogin_r
(cherry picked from commit
36478d3d0b3d7fa378a875f60170a08e94747226)
akallabeth [Mon, 25 May 2020 11:56:24 +0000 (13:56 +0200)]
Replaced localtime with localtime_r
(cherry picked from commit
240fdd07b123594a1f7a460de7e6877b1963d09e)
akallabeth [Mon, 25 May 2020 08:05:57 +0000 (10:05 +0200)]
Fixed memory leaks in ntlm
(cherry picked from commit
057b6df4aebbe8e739139087dfaab15104ca5ba7)
akallabeth [Mon, 25 May 2020 07:42:02 +0000 (09:42 +0200)]
Fixed Out-of-bound read in glyph_cache_put
CVE-2020-11098 thanks to @antonio-morales for finding this.
(cherry picked from commit
c0fd449ec0870b050d350d6d844b1ea6dad4bc7d)
akallabeth [Mon, 25 May 2020 07:37:48 +0000 (09:37 +0200)]
Fixed OOB Read in license_read_new_or_upgrade_license_packet
CVE-2020-11099 thanks to @antonio-morales for finding this.
(cherry picked from commit
6ade7b4cbfd71c54b3d724e8f2d6ac76a58e879a)
Armin Novak [Wed, 17 Jun 2020 10:18:42 +0000 (12:18 +0200)]
Respect SECBUFFER_READONLY flag in NTLM EncryptMessage
(cherry picked from commit
8e45a2dd50d5db6ac6125e0f60e833b6c6c6ea1b)
Armin Novak [Wed, 17 Jun 2020 10:10:33 +0000 (12:10 +0200)]
Added missing SECBUFFER_READONLY flag in rpc_client_write_call
(cherry picked from commit
0d80353bf30de860dcf86285c4e5e2770bc036f7)
Armin Novak [Wed, 17 Jun 2020 06:41:21 +0000 (08:41 +0200)]
TSG improvements
* Respect connection timeout during connect
* Better debug output
* Cleaned up data types,
(cherry picked from commit
ff79636d3311269ec35fc1d6cc4246eef500ad5e)
akallabeth [Thu, 18 Jun 2020 06:42:24 +0000 (08:42 +0200)]
Fixed missing lock during buffer submit.
(cherry picked from commit
c902f583d0911c1e8938c5f14f3f257eb9737745)
Bernhard Miklautz [Tue, 16 Jun 2020 14:39:36 +0000 (16:39 +0200)]
Revert "winpr/library: Use RTLD_GLOBAL for dlopen"
Using RTLD_GLOBAL in LoadLibraryA introduces a different behavior than
expected.
This reverts commit
d566e00258daffcb4c703afc3685e9a42ad01453.
(cherry picked from commit
529e30c273ba67e3924b9fe4419410888314d31f)
Bernhard Miklautz [Tue, 16 Jun 2020 14:35:36 +0000 (16:35 +0200)]
fix [client channels]: move exported API calls to client/common
The functions mappedGeometryRef and mappedGeometryUnref are API
functions ([1]) but were implemented in the geometry channel.
In case FreeRDP was built with BUILTIN_CHANNELS=OFF those functions
weren't available globally but used by the video channel.
Now the functions are fixed part of the freerdp-client library and
therefore available for all channels.
[1] exported in freerdp/client/geometry.h
Fixes #6236
(cherry picked from commit
1628939227fa82fa492f068f178f0cc0a42c518b)
akallabeth [Tue, 16 Jun 2020 11:54:12 +0000 (13:54 +0200)]
Fixed double free for uwac buffers
(cherry picked from commit
1bc48b058f013a8c88db2a1d7da2ad25dcd3bc4c)
akallabeth [Mon, 15 Jun 2020 13:49:21 +0000 (15:49 +0200)]
Lock wayland buffer updates
(cherry picked from commit
7361f75d11b77f998cf7dee08c8aa619df98754a)
Kubistika [Wed, 3 Jun 2020 10:56:52 +0000 (13:56 +0300)]
server: proxy: cap plugin: fix var and func declaration
(cherry picked from commit
0cf764f170384b1f65aa4950f54c668f8212ac11)
Kobi Mizrachi [Mon, 1 Jun 2020 06:37:53 +0000 (09:37 +0300)]
server: proxy: implement session capture plugin
(cherry picked from commit
19809bf338e5503a33664440d0de9313dca038a3)
Kobi Mizrachi [Mon, 1 Jun 2020 06:33:12 +0000 (09:33 +0300)]
winpr: image: add API to construct bmp header
(cherry picked from commit
920acd4c0ee7f9112d77756b0c41474212446609)
akallabeth [Tue, 16 Jun 2020 12:02:49 +0000 (14:02 +0200)]
Fixed compilation issue with shadow pam code
(cherry picked from commit
e1e0f965e8636c587aea7762a94d611e193e07f3)
akallabeth [Wed, 27 May 2020 08:01:04 +0000 (10:01 +0200)]
Fixed surface locking for shadow server.
(cherry picked from commit
a38d6c53a62cdea302fbeb4e466bce22c006d20c)
Armin Novak [Wed, 3 Jun 2020 06:24:17 +0000 (08:24 +0200)]
Do not remove transfer data on usb cancel transfer
(cherry picked from commit
a5e2d62e48619d5502f5334d431ee7d66ae9e4aa)
Armin Novak [Wed, 3 Jun 2020 06:37:45 +0000 (08:37 +0200)]
Fixed double free in urb_isoch_transfer_cb
(cherry picked from commit
ef4de12887486857f7eec37ef93df692b2ecedf0)
Armin Novak [Wed, 3 Jun 2020 07:53:18 +0000 (09:53 +0200)]
Fixed sign compare warnings with constants.
(cherry picked from commit
5ec66cc6c79dadf4c3426060d5bb30ddb360f292)
makki_d [Thu, 4 Jun 2020 09:22:55 +0000 (18:22 +0900)]
fix +unmap-buttons option having the opposite effect
(cherry picked from commit
4607a2766afd2875696b7b7febd9dc63f778b8d7)
akallabeth [Wed, 27 May 2020 09:53:28 +0000 (11:53 +0200)]
Improve X11 shadow authentication reason failure log
(cherry picked from commit
e66ee477c00b91cddc228adaf1577be602e4f725)
Martin Fleisz [Mon, 15 Jun 2020 13:06:02 +0000 (15:06 +0200)]
Fix usage of DsMakeSpn with IP address hostnames
(cherry picked from commit
4e7b60b0028f5d33139065fb965c5cd9d2f6ec1d)
Patrick Chin [Mon, 8 Jun 2020 18:17:35 +0000 (19:17 +0100)]
MessageQueue write time to current message not the next
(cherry picked from commit
ea4df3f91a63c17f6a9bbf8d1b54f462004a992c)
akallabeth [Mon, 8 Jun 2020 05:09:07 +0000 (07:09 +0200)]
Fixed #6267: adjust write_pixel_16 endian handling
(cherry picked from commit
51d3e07c8a4bca32bf82538075e4518b63e8ed4d)
Kyle Evans [Mon, 8 Jun 2020 04:13:58 +0000 (23:13 -0500)]
uwac: don't try to use O_TMPFILE on FreeBSD
Currently, this sets an invalid open flag and attempts to open(), which
will fail. Instead of doing that, don't try to define O_TMPFILE where
such a definition can't exist and force the fallback rather than making
an always-fail open() call.
(cherry picked from commit
082ddb3d2bd068536c17a4dbddcafd465ffcba3a)
Kubistika [Wed, 3 Jun 2020 16:45:18 +0000 (19:45 +0300)]
drdynvc: client: fix #6252 use-after-free
(cherry picked from commit
6ed765c96052c65f16fb1964705bd5c894b51b78)
akallabeth [Thu, 4 Jun 2020 05:44:08 +0000 (07:44 +0200)]
Fixed formatting.
(cherry picked from commit
d1b310d970592226b2f0a70710ad3ae3da61c4bc)
Ondrej Holy [Wed, 3 Jun 2020 11:03:11 +0000 (13:03 +0200)]
smartcard: Teoretical fix of uninitialized values
This tries to fixes the following defects reported by covscan tool:
- channels/smartcard/client/smartcard_operations.c:958: uninit_use_in_call: Using uninitialized value "ret.cReaders" when calling "smartcard_pack_locate_cards_return".
- channels/smartcard/client/smartcard_operations.c:932: uninit_use_in_call: Using uninitialized value "ret.cReaders" when calling "smartcard_pack_locate_cards_return".
But I am not sure about it...
(cherry picked from commit
53459883529bf659488c4da81c30707ff3662820)
Ondrej Holy [Wed, 3 Jun 2020 10:28:32 +0000 (12:28 +0200)]
smartcard: Fix usage of uninitialized values
This fixes the following defect reported by covscan tool:
- channels/smartcard/client/smartcard_pack.c:942: uninit_use_in_call: Using uninitialized value "tmp" when calling "ConvertFromUnicode".
- channels/smartcard/client/smartcard_pack.c:894: uninit_use_in_call: Using uninitialized value "tmp" when calling "ConvertFromUnicode".
- channels/smartcard/client/smartcard_pack.c:475: uninit_use_in_call: Using uninitialized value "tmp" when calling "ConvertFromUnicode".
(cherry picked from commit
e70e25715f89aac823281d7c0674d2387f70f8a6)
Ondrej Holy [Wed, 3 Jun 2020 10:03:44 +0000 (12:03 +0200)]
wlfreerdp: Fix array overrun
This fixes the following defects reported by covscan tool:
- client/Wayland/wlf_input.c:251: overrun-local: Overrunning array "contacts" of 10 32-byte elements at element index 10 (byte offset 351) using index "i" (which evaluates to 10).
- client/Wayland/wlf_input.c:308: overrun-local: Overrunning array "contacts" of 10 32-byte elements at element index 10 (byte offset 351) using index "i" (which evaluates to 10).
- client/Wayland/wlf_input.c:360: overrun-local: Overrunning array "contacts" of 10 32-byte elements at element index 10 (byte offset 351) using index "i" (which evaluates to 10).
- client/Wayland/wlf_input.c:251: error[arrayIndexOutOfBounds]: Array 'contacts[10]' accessed at index 10, which is out of bounds.
- client/Wayland/wlf_input.c:308: error[arrayIndexOutOfBounds]: Array 'contacts[10]' accessed at index 10, which is out of bounds.
- client/Wayland/wlf_input.c:360: error[arrayIndexOutOfBounds]: Array 'contacts[10]' accessed at index 10, which is out of bounds.
- client/Wayland/wlf_input.c:246: uninit_use_in_call: Using uninitialized value "y" when calling "wlf_scale_coordinates".
- client/Wayland/wlf_input.c:246: uninit_use_in_call: Using uninitialized value "x" when calling "wlf_scale_coordinates".
The maximal number of touches can be higher then 10, see:
https://wayland.freedesktop.org/libinput/doc/latest/touchpads.html
Let's increse the MAX_CONTACTS count and add checks to prevent usage of
uninitialized values.
(cherry picked from commit
6ab79961ef09bc0340633319c388b6b7517b1f3d)
Ondrej Holy [Thu, 28 May 2020 06:32:17 +0000 (08:32 +0200)]
gdi: Fix missing unlock
This fixes the following defect reported by covscan tool:
libfreerdp/gdi/gfx.c:144: missing_unlock: Returning without unlocking "update->mux".
(cherry picked from commit
914808f62cd2ac4a6984ee638112e8dc3aad9e52)
Simon Tatham [Sat, 30 May 2020 09:57:10 +0000 (10:57 +0100)]
[generate_argument_docbook] Fix typo in XML entity.
The character '>' was being rendered as < instead of >.
(cherry picked from commit
98930bf2759905f2290e5d777f57a79e7589f220)
Patrick Chin [Fri, 29 May 2020 22:29:58 +0000 (23:29 +0100)]
Fix memory leaks in client/encomsp_main.c and client/remdesk_main.c
(cherry picked from commit
28e29f8ad568b195a9d6a1d785eaa81da13f93ff)
Armin Novak [Fri, 29 May 2020 15:24:15 +0000 (17:24 +0200)]
Fixed #6245: Added additional tests to assistance parser
(cherry picked from commit
69141aa830b6e73e859f907b9bd2a4cac2777d8f)
Florian Staudacher [Fri, 29 May 2020 00:20:15 +0000 (02:20 +0200)]
report only actual bytes received, not allocated buffer size (interrupt produces data, timeout doesn't)
(cherry picked from commit
2e4f27ac9f7bcecb3c3f453341818e538386207f)
projects / platform / upstream / freerdp.git / log