[core] initialize stack variables, improve logging

akallabeth 2023-01-19 14:31:45 +01:00 committed by Martin Fleisz
parent f2b934866a
commit 033ffff428
3 changed files with 24 additions and 29 deletions


@ -740,12 +740,7 @@ BOOL gcc_read_server_data_blocks(wStream* s, rdpMcs* mcs, UINT16 length)
case SC_SECURITY: case SC_SECURITY:
if (!gcc_read_server_security_data(sub, mcs)) if (!gcc_read_server_security_data(sub, mcs))
{
WLog_ERR(TAG,
"gcc_read_server_data_blocks: gcc_read_server_security_data failed");
return FALSE; return FALSE;
}
break; break;
case SC_NET: case SC_NET:
@ -1457,7 +1452,7 @@ BOOL gcc_read_client_security_data(wStream* s, rdpMcs* mcs, UINT16 blockLength)
{ {
Stream_Read_UINT32(s, settings->EncryptionMethods); /* encryptionMethods */ Stream_Read_UINT32(s, settings->EncryptionMethods); /* encryptionMethods */
if (settings->EncryptionMethods == 0) if (settings->EncryptionMethods == ENCRYPTION_METHOD_NONE)
Stream_Read_UINT32(s, settings->EncryptionMethods); /* extEncryptionMethods */ Stream_Read_UINT32(s, settings->EncryptionMethods); /* extEncryptionMethods */
else else
Stream_Seek(s, 4); Stream_Seek(s, 4);
@ -1505,10 +1500,11 @@ BOOL gcc_write_client_security_data(wStream* s, const rdpMcs* mcs)
BOOL gcc_read_server_security_data(wStream* s, rdpMcs* mcs) BOOL gcc_read_server_security_data(wStream* s, rdpMcs* mcs)
{ {
const BYTE* data; const BYTE* data = NULL;
UINT32 length; UINT32 length = 0;
BOOL validCryptoConfig = FALSE; BOOL validCryptoConfig = FALSE;
UINT32 serverEncryptionMethod; UINT32 EncryptionMethod = 0;
UINT32 EncryptionLevel = 0;
rdpSettings* settings = mcs_get_settings(mcs); rdpSettings* settings = mcs_get_settings(mcs);
WINPR_ASSERT(s); WINPR_ASSERT(s);
@ -1517,11 +1513,11 @@ BOOL gcc_read_server_security_data(wStream* s, rdpMcs* mcs)
if (!Stream_CheckAndLogRequiredLength(TAG, s, 8)) if (!Stream_CheckAndLogRequiredLength(TAG, s, 8))
return FALSE; return FALSE;
Stream_Read_UINT32(s, serverEncryptionMethod); /* encryptionMethod */ Stream_Read_UINT32(s, EncryptionMethod); /* encryptionMethod */
Stream_Read_UINT32(s, settings->EncryptionLevel); /* encryptionLevel */ Stream_Read_UINT32(s, EncryptionLevel); /* encryptionLevel */
/* Only accept valid/known encryption methods */ /* Only accept valid/known encryption methods */
switch (serverEncryptionMethod) switch (EncryptionMethod)
{ {
case ENCRYPTION_METHOD_NONE: case ENCRYPTION_METHOD_NONE:
WLog_DBG(TAG, "Server rdp encryption method: NONE"); WLog_DBG(TAG, "Server rdp encryption method: NONE");
@ -1544,20 +1540,19 @@ BOOL gcc_read_server_security_data(wStream* s, rdpMcs* mcs)
break; break;
default: default:
WLog_ERR(TAG, "Received unknown encryption method %08" PRIX32 "", WLog_ERR(TAG, "Received unknown encryption method %08" PRIX32 "", EncryptionMethod);
serverEncryptionMethod);
return FALSE; return FALSE;
} }
if (settings->UseRdpSecurityLayer && !(settings->EncryptionMethods & serverEncryptionMethod)) if (settings->UseRdpSecurityLayer && !(settings->EncryptionMethods & EncryptionMethod))
{ {
WLog_WARN(TAG, "Server uses non-advertised encryption method 0x%08" PRIX32 "", WLog_WARN(TAG, "Server uses non-advertised encryption method 0x%08" PRIX32 "",
serverEncryptionMethod); EncryptionMethod);
/* FIXME: Should we return FALSE; in this case ?? */ /* FIXME: Should we return FALSE; in this case ?? */
} }
settings->EncryptionMethods = serverEncryptionMethod; settings->EncryptionMethods = EncryptionMethod;
settings->EncryptionLevel = EncryptionLevel;
/* Verify encryption level/method combinations according to MS-RDPBCGR Section 5.3.2 */ /* Verify encryption level/method combinations according to MS-RDPBCGR Section 5.3.2 */
switch (settings->EncryptionLevel) switch (settings->EncryptionLevel)
{ {
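Review bot: In gcc_read_server_security_data the non-advertised-method branch still only logs a warning and then stores the server's value with `settings->EncryptionMethods = EncryptionMethod;`, so with UseRdpSecurityLayer set the client ends up using a method it never offered. The FIXME should be resolved by failing closed, for example by replacing the comment with `return FALSE;` and logging at WLog_ERR instead of WLog_WARN. ENCRYPTION_METHOD_NONE needs an explicit decision first, because 0 never intersects the advertised mask and would always take this branch. The function body continues outside the visible hunks, so whether the later level/method check already rejects some of these combinations cannot be confirmed from here.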


@ -1298,10 +1298,10 @@ BOOL rdp_read_flow_control_pdu(wStream* s, UINT16* type, UINT16* channel_id)
BOOL rdp_decrypt(rdpRdp* rdp, wStream* s, UINT16* pLength, UINT16 securityFlags) BOOL rdp_decrypt(rdpRdp* rdp, wStream* s, UINT16* pLength, UINT16 securityFlags)
{ {
BYTE cmac[8]; BYTE cmac[8] = { 0 };
BYTE wmac[8]; BYTE wmac[8] = { 0 };
BOOL status; BOOL status = FALSE;
INT32 length; INT32 length = 0;
WINPR_ASSERT(rdp); WINPR_ASSERT(rdp);
WINPR_ASSERT(rdp->settings); WINPR_ASSERT(rdp->settings);
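Review bot: Zero-initialising both `cmac` and `wmac` in rdp_decrypt makes the two buffers equal by default, so any path that reached the MAC comparison without filling both would now compare equal, where before it read indeterminate bytes that a memory sanitizer could flag. The comparison itself is outside this hunk, so this is unconfirmed. Please check that the read into `wmac` is length-checked and that the signature call's return value is tested before the buffers are compared. A comment on the declarations such as `/* wmac: MAC taken from the PDU, cmac: MAC computed locally; compare only after both succeeded */` would record that invariant, assuming the names mean what they suggest.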


@ -327,9 +327,9 @@ BOOL security_mac_signature(rdpRdp* rdp, const BYTE* data, UINT32 length, BYTE*
{ {
WINPR_DIGEST_CTX* sha1 = NULL; WINPR_DIGEST_CTX* sha1 = NULL;
WINPR_DIGEST_CTX* md5 = NULL; WINPR_DIGEST_CTX* md5 = NULL;
BYTE length_le[4]; BYTE length_le[4] = { 0 };
BYTE md5_digest[WINPR_MD5_DIGEST_LENGTH]; BYTE md5_digest[WINPR_MD5_DIGEST_LENGTH] = { 0 };
BYTE sha1_digest[WINPR_SHA1_DIGEST_LENGTH]; BYTE sha1_digest[WINPR_SHA1_DIGEST_LENGTH] = { 0 };
BOOL result = FALSE; BOOL result = FALSE;
WINPR_ASSERT(rdp); WINPR_ASSERT(rdp);
@ -394,10 +394,10 @@ BOOL security_salted_mac_signature(rdpRdp* rdp, const BYTE* data, UINT32 length,
{ {
WINPR_DIGEST_CTX* sha1 = NULL; WINPR_DIGEST_CTX* sha1 = NULL;
WINPR_DIGEST_CTX* md5 = NULL; WINPR_DIGEST_CTX* md5 = NULL;
BYTE length_le[4]; BYTE length_le[4] = { 0 };
BYTE use_count_le[4]; BYTE use_count_le[4] = { 0 };
BYTE md5_digest[WINPR_MD5_DIGEST_LENGTH]; BYTE md5_digest[WINPR_MD5_DIGEST_LENGTH] = { 0 };
BYTE sha1_digest[WINPR_SHA1_DIGEST_LENGTH]; BYTE sha1_digest[WINPR_SHA1_DIGEST_LENGTH] = { 0 };
BOOL result = FALSE; BOOL result = FALSE;
WINPR_ASSERT(rdp); WINPR_ASSERT(rdp);