From fe3c12d44ae266e54574b7960898f17509ba4f84 Mon Sep 17 00:00:00 2001
From: Mads Kiilerich <mads@kiilerich.com>
Date: Fri, 16 Mar 2012 18:12:49 +0100
Subject: [PATCH] rdp redirect: do the necessary layering violation to avoid
 leaks

---
 libfreerdp-core/connection.c  | 12 ++++++++++++
 libfreerdp-core/rdp.c         |  2 +-
 libfreerdp-core/redirection.c |  6 ------
 3 files changed, 13 insertions(+), 7 deletions(-)

diff --git a/libfreerdp-core/connection.c b/libfreerdp-core/connection.c
index 236077b..86a724d 100644
--- a/libfreerdp-core/connection.c
+++ b/libfreerdp-core/connection.c
@@ -128,10 +128,22 @@ boolean rdp_client_redirect(rdpRdp* rdp)
 
 	rdp_client_disconnect(rdp);
 
+	/* FIXME: this is a subset of rdp_free */
+	crypto_rc4_free(rdp->rc4_decrypt_key);
+	crypto_rc4_free(rdp->rc4_encrypt_key);
+	crypto_des3_free(rdp->fips_encrypt);
+	crypto_des3_free(rdp->fips_decrypt);
+	crypto_hmac_free(rdp->fips_hmac);
 	mcs_free(rdp->mcs);
 	nego_free(rdp->nego);
 	license_free(rdp->license);
 	transport_free(rdp->transport);
+
+	/* FIXME: this is a subset of settings_free */
+	freerdp_blob_free(settings->server_random);
+	freerdp_blob_free(settings->server_certificate);
+	xfree(settings->ip_address);
+
 	rdp->transport = transport_new(settings);
 	rdp->license = license_new(rdp);
 	rdp->nego = nego_new(rdp->transport);
diff --git a/libfreerdp-core/rdp.c b/libfreerdp-core/rdp.c
index 13ecae8..94d81bd 100644
--- a/libfreerdp-core/rdp.c
+++ b/libfreerdp-core/rdp.c
@@ -941,8 +941,8 @@ void rdp_free(rdpRdp* rdp)
 		crypto_des3_free(rdp->fips_encrypt);
 		crypto_des3_free(rdp->fips_decrypt);
 		crypto_hmac_free(rdp->fips_hmac);
-		extension_free(rdp->extension);
 		settings_free(rdp->settings);
+		extension_free(rdp->extension);
 		transport_free(rdp->transport);
 		license_free(rdp->license);
 		input_free(rdp->input);
diff --git a/libfreerdp-core/redirection.c b/libfreerdp-core/redirection.c
index 113c65a..3ca8ff8 100644
--- a/libfreerdp-core/redirection.c
+++ b/libfreerdp-core/redirection.c
@@ -193,12 +193,6 @@ void redirection_free(rdpRedirection* redirection)
 {
 	if (redirection != NULL)
 	{
-		//these four have already been freed in settings_free() and freerdp_string_free() checks for NULL
-		redirection->username.ascii = NULL;
-		redirection->domain.ascii = NULL;
-		redirection->targetNetAddress.ascii = NULL;
-		redirection->targetNetBiosName.ascii = NULL;
-
 		freerdp_string_free(&redirection->tsvUrl);
 		freerdp_string_free(&redirection->username);
 		freerdp_string_free(&redirection->domain);
-- 
2.7.4