From 37d0a9e2b77acbe2fe4cd4fce85df84c148a9735 Mon Sep 17 00:00:00 2001
From: akallabeth <akallabeth@posteo.net>
Date: Fri, 15 Apr 2022 09:48:07 +0200
Subject: [PATCH] Assert function pointers in proxy

---
 server/proxy/channels/pf_channel_drdynvc.c | 12 ++++++++++
 server/proxy/channels/pf_channel_rdpdr.c   |  6 +++++
 server/proxy/pf_channel.c                  | 27 +++++++++++++++++-----
 server/proxy/pf_client.c                   |  1 +
 server/proxy/pf_server.c                   |  3 ++-
 5 files changed, 42 insertions(+), 7 deletions(-)

diff --git a/server/proxy/channels/pf_channel_drdynvc.c b/server/proxy/channels/pf_channel_drdynvc.c
index ccc42a881..c2e914c82 100644
--- a/server/proxy/channels/pf_channel_drdynvc.c
+++ b/server/proxy/channels/pf_channel_drdynvc.c
@@ -54,6 +54,7 @@ typedef enum {
 
 static DynvcReadResult dynvc_read_varInt(wStream* s, size_t len, UINT64* varInt, BOOL last)
 {
+	WINPR_ASSERT(varInt);
 	switch (len)
 	{
 		case 0x00:
@@ -89,11 +90,20 @@ static PfChannelResult DynvcTrackerPeekFn(ChannelStateTracker* tracker, BOOL fir
 	UINT64 dynChannelId = 0;
 	UINT64 Length = 0;
 	pServerChannelContext* dynChannel = NULL;
+
+	WINPR_ASSERT(tracker);
+
 	DynChannelContext* dynChannelContext = (DynChannelContext*)tracker->trackerData;
+	WINPR_ASSERT(dynChannelContext);
+
 	BOOL isBackData = (tracker == dynChannelContext->backTracker.tracker);
 	DynChannelTrackerState* trackerState = isBackData ? &dynChannelContext->backTracker : &dynChannelContext->frontTracker;
+	WINPR_ASSERT(trackerState);
+
 	UINT32 flags = lastPacket ? CHANNEL_FLAG_LAST : 0;
 	proxyData* pdata = tracker->pdata;
+	WINPR_ASSERT(pdata);
+
 	const char* direction = isBackData ? "B->F" : "F->B";
 
 	s = Stream_StaticConstInit(&sbuffer, Stream_Buffer(tracker->currentPacket), Stream_GetPosition(tracker->currentPacket));
@@ -393,6 +403,7 @@ static PfChannelResult pf_dynvc_back_data(proxyData* pdata, const pServerChannel
             const BYTE* xdata, size_t xsize, UINT32 flags,
             size_t totalSize)
 {
+	WINPR_ASSERT(channel);
 	DynChannelContext* dyn = (DynChannelContext*)channel->context;
 	WINPR_UNUSED(pdata);
 	WINPR_ASSERT(dyn);
@@ -403,6 +414,7 @@ static PfChannelResult pf_dynvc_front_data(proxyData* pdata, const pServerChanne
             const BYTE* xdata, size_t xsize, UINT32 flags,
             size_t totalSize)
 {
+	WINPR_ASSERT(channel);
 	DynChannelContext* dyn = (DynChannelContext*)channel->context;
 	WINPR_UNUSED(pdata);
 	WINPR_ASSERT(dyn);
diff --git a/server/proxy/channels/pf_channel_rdpdr.c b/server/proxy/channels/pf_channel_rdpdr.c
index 34305b6c4..92aaf3871 100644
--- a/server/proxy/channels/pf_channel_rdpdr.c
+++ b/server/proxy/channels/pf_channel_rdpdr.c
@@ -1720,6 +1720,9 @@ static PfChannelResult pf_rdpdr_back_data(proxyData* pdata, const pServerChannel
             const BYTE* xdata, size_t xsize, UINT32 flags,
             size_t totalSize)
 {
+	WINPR_ASSERT(pdata);
+	WINPR_ASSERT(channel);
+
 	if (!pf_channel_rdpdr_client_handle(pdata->pc, channel->channel_id, channel->channel_name, xdata, xsize, flags, totalSize))
 	{
 		WLog_ERR(TAG, "error treating client back data");
@@ -1732,6 +1735,9 @@ static PfChannelResult pf_rdpdr_front_data(proxyData* pdata, const pServerChanne
             const BYTE* xdata, size_t xsize, UINT32 flags,
             size_t totalSize)
 {
+	WINPR_ASSERT(pdata);
+	WINPR_ASSERT(channel);
+
 	if (!pf_channel_rdpdr_server_handle(pdata->ps, channel->channel_id, channel->channel_name, xdata, xsize, flags, totalSize))
 	{
 		WLog_ERR(TAG, "error treating front data");
diff --git a/server/proxy/pf_channel.c b/server/proxy/pf_channel.c
index 85fbb36e7..68c4ee054 100644
--- a/server/proxy/pf_channel.c
+++ b/server/proxy/pf_channel.c
@@ -15,6 +15,8 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
+#include <winpr/assert.h>
+
 #include <freerdp/freerdp.h>
 #include <freerdp/server/proxy/proxy_log.h>
 
@@ -25,17 +27,19 @@
 
 ChannelStateTracker* channelTracker_new(pServerChannelContext* channel, ChannelTrackerPeekFn fn, void* data)
 {
-	ChannelStateTracker* ret = calloc(1, sizeof(*ret));
+	ChannelStateTracker* ret = calloc(1, sizeof(ChannelStateTracker));
 	if (!ret)
 		return ret;
 
+	WINPR_ASSERT(fn);
+
 	ret->channel = channel;
 	ret->peekFn = fn;
 	ret->trackerData = data;
 	ret->currentPacket = Stream_New(NULL, 10 * 1024);
 	if (!ret->currentPacket)
 	{
-		free(ret);
+		channelTracker_free(ret);
 		return NULL;
 	}
 	return ret;
@@ -45,9 +49,10 @@ PfChannelResult channelTracker_update(ChannelStateTracker* tracker, const BYTE*
         size_t totalSize)
 {
 	PfChannelResult result;
-	BOOL firstPacket = !!(flags & CHANNEL_FLAG_FIRST);
-	BOOL lastPacket = !!(flags & CHANNEL_FLAG_LAST);
+	BOOL firstPacket = (flags & CHANNEL_FLAG_FIRST);
+	BOOL lastPacket = (flags & CHANNEL_FLAG_LAST);
 
+	WINPR_ASSERT(tracker);
 
 	WLog_VRB(TAG, "channelTracker_update(%s): sz=%d first=%d last=%d", tracker->channel->channel_name, xsize, firstPacket, lastPacket);
 	if (flags & CHANNEL_FLAG_FIRST)
@@ -88,6 +93,8 @@ PfChannelResult channelTracker_update(ChannelStateTracker* tracker, const BYTE*
 			return PF_CHANNEL_RESULT_ERROR;
 
 		Stream_Write(tracker->currentPacket, xdata, xsize);
+
+		WINPR_ASSERT(tracker->peekFn);
 		result = tracker->peekFn(tracker, firstPacket, lastPacket);
 		break;
 	case CHANNEL_TRACKER_PASS:
@@ -132,6 +139,8 @@ PfChannelResult channelTracker_flushCurrent(ChannelStateTracker* t, BOOL first,
 	BOOL r;
 	const char* direction = toBack ? "F->B" : "B->F";
 
+	WINPR_ASSERT(t);
+
 	WLog_VRB(TAG, "channelTracker_flushCurrent(%s): %s sz=%d first=%d last=%d", t->channel->channel_name,
 			direction, Stream_GetPosition(t->currentPacket), first, last);
 
@@ -173,7 +182,10 @@ static PfChannelResult pf_channel_generic_back_data(proxyData* pdata, const pSer
             const BYTE* xdata, size_t xsize, UINT32 flags,
             size_t totalSize)
 {
-	proxyChannelDataEventInfo ev;
+	proxyChannelDataEventInfo ev = { 0 };
+
+	WINPR_ASSERT(pdata);
+	WINPR_ASSERT(channel);
 
 	switch(channel->channelMode) {
 	case PF_UTILS_CHANNEL_PASSTHROUGH:
@@ -201,7 +213,10 @@ static PfChannelResult pf_channel_generic_front_data(proxyData* pdata, const pSe
             const BYTE* xdata, size_t xsize, UINT32 flags,
             size_t totalSize)
 {
-	proxyChannelDataEventInfo ev;
+	proxyChannelDataEventInfo ev = { 0 };
+
+	WINPR_ASSERT(pdata);
+	WINPR_ASSERT(channel);
 
 	switch(channel->channelMode) {
 	case PF_UTILS_CHANNEL_PASSTHROUGH:
diff --git a/server/proxy/pf_client.c b/server/proxy/pf_client.c
index 82a336980..30c58adc1 100644
--- a/server/proxy/pf_client.c
+++ b/server/proxy/pf_client.c
@@ -402,6 +402,7 @@ static BOOL pf_client_receive_channel_data_hook(freerdp* instance, UINT16 channe
 	if (!channel)
 		return TRUE;
 
+	WINPR_ASSERT(channel->onBackData);
 	switch (channel->onBackData(pdata, channel, xdata, xsize, flags, totalSize))
 	{
 	case PF_CHANNEL_RESULT_PASS:
diff --git a/server/proxy/pf_server.c b/server/proxy/pf_server.c
index bf0cce546..a5fd370bd 100644
--- a/server/proxy/pf_server.c
+++ b/server/proxy/pf_server.c
@@ -405,10 +405,11 @@ static BOOL pf_server_receive_channel_data_hook(freerdp_peer* peer, UINT16 chann
 		return TRUE;
 	}
 
+	WINPR_ASSERT(channel->onFrontData);
 	switch (channel->onFrontData(pdata, channel, data, size, flags, totalSize))
 	{
 	case PF_CHANNEL_RESULT_PASS: {
-		proxyChannelDataEventInfo ev;
+		proxyChannelDataEventInfo ev = { 0 };
 
 		ev.channel_id = channelId;
 		ev.channel_name = channel->channel_name;