diff --git a/channels/printer/client/win/printer_win.c b/channels/printer/client/win/printer_win.c index c92b60249..213a6aec5 100644 --- a/channels/printer/client/win/printer_win.c +++ b/channels/printer/client/win/printer_win.c @@ -104,18 +104,20 @@ static WCHAR* printer_win_get_printjob_name(size_t id) */ static UINT printer_win_write_printjob(rdpPrintJob* printjob, const BYTE* data, size_t size) { - rdpWinPrinter* printer; LPCVOID pBuf = data; - DWORD cbBuf = size; - DWORD pcWritten; + DWORD pcWritten = 0; + + if (size > UINT32_MAX) + return ERROR_BAD_ARGUMENTS; if (!printjob || !data) return ERROR_BAD_ARGUMENTS; - printer = (rdpWinPrinter*)printjob->printer; + rdpWinPrinter* printer = (rdpWinPrinter*)printjob->printer; if (!printer) return ERROR_BAD_ARGUMENTS; + DWORD cbBuf = WINPR_ASSERTING_INT_CAST(uint32_t, size); if (!WritePrinter(printer->hPrinter, pBuf, cbBuf, &pcWritten)) return ERROR_INTERNAL_ERROR; return CHANNEL_RC_OK; diff --git a/channels/rdpdr/client/rdpdr_main.c b/channels/rdpdr/client/rdpdr_main.c index 67feb00db..ebe5ad233 100644 --- a/channels/rdpdr/client/rdpdr_main.c +++ b/channels/rdpdr/client/rdpdr_main.c @@ -361,7 +361,6 @@ static LRESULT CALLBACK hotplug_proc(HWND hWnd, UINT Msg, WPARAM wParam, LPARAM { PDEV_BROADCAST_VOLUME lpdbv = (PDEV_BROADCAST_VOLUME)lpdb; DWORD unitmask = lpdbv->dbcv_unitmask; - int count; char drive_name_upper, drive_name_lower; ULONG_PTR* keys = NULL; DEVICE_DRIVE_EXT* device_ext; @@ -373,9 +372,10 @@ static LRESULT CALLBACK hotplug_proc(HWND hWnd, UINT Msg, WPARAM wParam, LPARAM { drive_name_upper = 'A' + i; drive_name_lower = 'a' + i; - count = ListDictionary_GetKeys(rdpdr->devman->devices, &keys); + const size_t count = + ListDictionary_GetKeys(rdpdr->devman->devices, &keys); - for (int j = 0; j < count; j++) + for (size_t j = 0; j < count; j++) { device_ext = (DEVICE_DRIVE_EXT*)ListDictionary_GetItemValue( rdpdr->devman->devices, (void*)keys[j]); @@ -388,8 +388,9 @@ static LRESULT CALLBACK hotplug_proc(HWND hWnd, UINT Msg, WPARAM wParam, LPARAM { if (device_ext->automount) { - devman_unregister_device(rdpdr->devman, (void*)keys[j]); - ids[0] = keys[j]; + ULONG_PTR key = keys[j]; + devman_unregister_device(rdpdr->devman, (void*)key); + ids[0] = WINPR_ASSERTING_INT_CAST(uint32_t, key); if ((error = rdpdr_send_device_list_remove_request( rdpdr, 1, ids))) diff --git a/channels/urbdrc/client/data_transfer.c b/channels/urbdrc/client/data_transfer.c index 19dabb693..768c5446b 100644 --- a/channels/urbdrc/client/data_transfer.c +++ b/channels/urbdrc/client/data_transfer.c @@ -29,6 +29,7 @@ #include "urbdrc_types.h" #include "data_transfer.h" +#include "msusb.h" static void usb_process_get_port_status(IUDEVICE* pdev, wStream* out) { diff --git a/channels/urbdrc/client/libusb/libusb_udevice.c b/channels/urbdrc/client/libusb/libusb_udevice.c index cf358cfec..8cdfe9ee8 100644 --- a/channels/urbdrc/client/libusb/libusb_udevice.c +++ b/channels/urbdrc/client/libusb/libusb_udevice.c @@ -31,6 +31,7 @@ #include #include "libusb_udevice.h" +#include "msusb.h" #include "../common/urbdrc_types.h" #define BASIC_STATE_FUNC_DEFINED(_arg, _type) \ diff --git a/channels/urbdrc/client/libusb/libusb_udevice.h b/channels/urbdrc/client/libusb/libusb_udevice.h index ac12abf43..3a1fbdb78 100644 --- a/channels/urbdrc/client/libusb/libusb_udevice.h +++ b/channels/urbdrc/client/libusb/libusb_udevice.h @@ -26,6 +26,7 @@ #include "urbdrc_types.h" #include "urbdrc_main.h" +#include "msusb.h" typedef struct libusb_device LIBUSB_DEVICE; typedef struct libusb_device_handle LIBUSB_DEVICE_HANDLE; diff --git a/client/Windows/wf_client.c b/client/Windows/wf_client.c index df969a80a..e97f4a015 100644 --- a/client/Windows/wf_client.c +++ b/client/Windows/wf_client.c @@ -283,7 +283,11 @@ static BOOL wf_pre_connect(freerdp* instance) } if (keyboardLayoutId == 0) - keyboardLayoutId = ((DWORD)GetKeyboardLayout(0) >> 16) & 0x0000FFFF; + { + const HKL layout = GetKeyboardLayout(0); + const uint32_t masked = (uint32_t)(((uintptr_t)layout >> 16) & 0xFFFF); + keyboardLayoutId = masked; + } } if (keyboardLayoutId == 0) diff --git a/client/Windows/wf_cliprdr.c b/client/Windows/wf_cliprdr.c index beddce8f9..9335772a0 100644 --- a/client/Windows/wf_cliprdr.c +++ b/client/Windows/wf_cliprdr.c @@ -2096,9 +2096,10 @@ static SSIZE_T wf_cliprdr_get_filedescriptor(wfClipboard* clipboard, BYTE** pDat for (char* p = (char*)((char*)dropFiles + dropFiles->pFiles); (len = strlen(p)) > 0; p += len + 1, clipboard->nFiles++) { - const int cchWideChar = MultiByteToWideChar(CP_ACP, MB_COMPOSITE, p, len, NULL, 0); + const int ilen = WINPR_ASSERTING_INT_CAST(int, len); + const int cchWideChar = MultiByteToWideChar(CP_ACP, MB_COMPOSITE, p, ilen, NULL, 0); WCHAR* wFileName = (LPWSTR)calloc(cchWideChar, sizeof(WCHAR)); - MultiByteToWideChar(CP_ACP, MB_COMPOSITE, p, len, wFileName, cchWideChar); + MultiByteToWideChar(CP_ACP, MB_COMPOSITE, p, ilen, wFileName, cchWideChar); wf_cliprdr_process_filename(clipboard, wFileName, cchWideChar); free(wFileName); } @@ -2139,8 +2140,6 @@ static UINT wf_cliprdr_server_format_data_request(CliprdrClientContext* context, const CLIPRDR_FORMAT_DATA_REQUEST* formatDataRequest) { - CLIPRDR_FORMAT_DATA_RESPONSE response = { 0 }; - if (!context || !formatDataRequest) return ERROR_INTERNAL_ERROR; @@ -2150,25 +2149,28 @@ wf_cliprdr_server_format_data_request(CliprdrClientContext* context, return ERROR_INTERNAL_ERROR; const UINT32 requestedFormatId = formatDataRequest->requestedFormatId; - + BYTE* requestedFormatData = NULL; + SSIZE_T res = 0; if (requestedFormatId == RegisterClipboardFormat(CFSTR_FILEDESCRIPTORW)) { - const SSIZE_T res = wf_cliprdr_get_filedescriptor(clipboard, &response.requestedFormatData); - if (res > 0) - response.common.dataLen = (UINT32)res; + res = wf_cliprdr_get_filedescriptor(clipboard, &requestedFormatData); } else { - const SSIZE_T res = - wf_cliprdr_tryopen(clipboard, requestedFormatId, &response.requestedFormatData); - if (res > 0) - response.common.dataLen = (UINT32)res; + res = wf_cliprdr_tryopen(clipboard, requestedFormatId, &requestedFormatData); } - response.common.msgFlags = CB_RESPONSE_OK; + UINT rc = ERROR_INTERNAL_ERROR; + if (res >= 0) + { + CLIPRDR_FORMAT_DATA_RESPONSE response = { .common = { .msgType = CB_FORMAT_DATA_RESPONSE, + .msgFlags = CB_RESPONSE_OK, + .dataLen = (uint32_t)res }, + .requestedFormatData = requestedFormatData }; - const UINT rc = clipboard->context->ClientFormatDataResponse(clipboard->context, &response); - free(response.requestedFormatData); + rc = clipboard->context->ClientFormatDataResponse(clipboard->context, &response); + } + free(requestedFormatData); return rc; } diff --git a/client/Windows/wf_floatbar.c b/client/Windows/wf_floatbar.c index f91047ce2..a9d9a67aa 100644 --- a/client/Windows/wf_floatbar.c +++ b/client/Windows/wf_floatbar.c @@ -379,7 +379,9 @@ static BOOL floatbar_paint(wfFloatBar* const floatbar, const HDC hdc) LineTo(hdc, right + 1, top - 1); DeleteObject(hpen); SelectObject(hdc, orig); - DrawText(hdc, floatbar->wfc->window_title, wcslen(floatbar->wfc->window_title), + + const size_t wlen = wcslen(floatbar->wfc->window_title); + DrawText(hdc, floatbar->wfc->window_title, WINPR_ASSERTING_INT_CAST(int, wlen), &floatbar->textRect, DT_CENTER | DT_VCENTER | DT_END_ELLIPSIS | DT_NOPREFIX | DT_SINGLELINE); diff --git a/libfreerdp/core/gateway/rpc_client.c b/libfreerdp/core/gateway/rpc_client.c index f30454019..784301c36 100644 --- a/libfreerdp/core/gateway/rpc_client.c +++ b/libfreerdp/core/gateway/rpc_client.c @@ -1008,8 +1008,9 @@ int rpc_in_channel_send_pdu(RpcInChannel* inChannel, const BYTE* buffer, size_t if (header.ptype == PTYPE_REQUEST) { - inChannel->BytesSent += status; - inChannel->SenderAvailableWindow -= status; + const uint32_t ustatus = WINPR_ASSERTING_INT_CAST(uint32_t, status); + inChannel->BytesSent += ustatus; + inChannel->SenderAvailableWindow -= ustatus; } if (status > INT32_MAX) diff --git a/libfreerdp/core/server.c b/libfreerdp/core/server.c index 4a9e12e99..71abd4cc2 100644 --- a/libfreerdp/core/server.c +++ b/libfreerdp/core/server.c @@ -1638,7 +1638,7 @@ BOOL WINAPI FreeRDP_WTSVirtualChannelRead(HANDLE hChannelHandle, WINPR_ATTR_UNUS return TRUE; } -BOOL WINAPI FreeRDP_WTSVirtualChannelWrite(HANDLE hChannelHandle, PCHAR Buffer, ULONG Length, +BOOL WINAPI FreeRDP_WTSVirtualChannelWrite(HANDLE hChannelHandle, PCHAR Buffer, ULONG uLength, PULONG pBytesWritten) { wStream* s = NULL; @@ -1646,7 +1646,7 @@ BOOL WINAPI FreeRDP_WTSVirtualChannelWrite(HANDLE hChannelHandle, PCHAR Buffer, int cbChId = 0; int first = 0; BYTE* buffer = NULL; - UINT32 totalWritten = 0; + size_t totalWritten = 0; rdpPeerChannel* channel = (rdpPeerChannel*)hChannelHandle; BOOL ret = FALSE; @@ -1657,8 +1657,7 @@ BOOL WINAPI FreeRDP_WTSVirtualChannelWrite(HANDLE hChannelHandle, PCHAR Buffer, WINPR_ASSERT(channel->vcm); if (channel->channelType == RDP_PEER_CHANNEL_TYPE_SVC) { - const ULONG length = Length; - buffer = (BYTE*)malloc(length); + buffer = (BYTE*)malloc(uLength); if (!buffer) { @@ -1666,9 +1665,9 @@ BOOL WINAPI FreeRDP_WTSVirtualChannelWrite(HANDLE hChannelHandle, PCHAR Buffer, goto fail; } - CopyMemory(buffer, Buffer, length); - totalWritten = Length; - if (!wts_queue_send_item(channel, buffer, length)) + CopyMemory(buffer, Buffer, uLength); + totalWritten = uLength; + if (!wts_queue_send_item(channel, buffer, uLength)) goto fail; } else if (!channel->vcm->drdynvc_channel || (channel->vcm->drdynvc_state != DRDYNVC_STATE_READY)) @@ -1680,6 +1679,7 @@ BOOL WINAPI FreeRDP_WTSVirtualChannelWrite(HANDLE hChannelHandle, PCHAR Buffer, { first = TRUE; + size_t Length = uLength; while (Length > 0) { s = Stream_New(NULL, DVC_MAX_DATA_PDU_SIZE); @@ -1697,7 +1697,7 @@ BOOL WINAPI FreeRDP_WTSVirtualChannelWrite(HANDLE hChannelHandle, PCHAR Buffer, if (first && (Length > Stream_GetRemainingLength(s))) { - cbLen = wts_write_variable_uint(s, Length); + cbLen = wts_write_variable_uint(s, WINPR_ASSERTING_INT_CAST(uint32_t, Length)); buffer[0] = ((DATA_FIRST_PDU << 4) | (cbLen << 2) | cbChId) & 0xFF; } else @@ -1725,7 +1725,7 @@ BOOL WINAPI FreeRDP_WTSVirtualChannelWrite(HANDLE hChannelHandle, PCHAR Buffer, } if (pBytesWritten) - *pBytesWritten = totalWritten; + *pBytesWritten = WINPR_ASSERTING_INT_CAST(uint32_t, totalWritten); ret = TRUE; fail: diff --git a/libfreerdp/core/transport.c b/libfreerdp/core/transport.c index e0407b8f8..0773c41dc 100644 --- a/libfreerdp/core/transport.c +++ b/libfreerdp/core/transport.c @@ -1225,11 +1225,24 @@ static int transport_default_write(rdpTransport* transport, wStream* s) } } - length -= (size_t)status; - Stream_Seek(s, (size_t)status); + const size_t ustatus = (size_t)status; + if (ustatus > length) + { + status = -1; + goto out_cleanup; + } + + length -= ustatus; + Stream_Seek(s, ustatus); } - transport->written += writtenlength; + if (writtenlength + transport->written > UINT32_MAX) + { + status = -1; + goto out_cleanup; + } + + transport->written += WINPR_ASSERTING_INT_CAST(uint32_t, writtenlength); out_cleanup: if (status < 0) diff --git a/libfreerdp/core/update.c b/libfreerdp/core/update.c index 1c6c2042d..847626430 100644 --- a/libfreerdp/core/update.c +++ b/libfreerdp/core/update.c @@ -2494,7 +2494,7 @@ static BOOL update_send_set_keyboard_ime_status(rdpContext* context, UINT16 imeI static UINT16 update_calculate_new_or_existing_window(const WINDOW_ORDER_INFO* orderInfo, const WINDOW_STATE_ORDER* stateOrder) { - UINT16 orderSize = 11; + size_t orderSize = 11; WINPR_ASSERT(orderInfo); WINPR_ASSERT(stateOrder); @@ -2539,13 +2539,20 @@ static UINT16 update_calculate_new_or_existing_window(const WINDOW_ORDER_INFO* o orderSize += 8; if ((orderInfo->fieldFlags & WINDOW_ORDER_FIELD_WND_RECTS) != 0) - orderSize += 2 + stateOrder->numWindowRects * sizeof(RECTANGLE_16); + { + const size_t len = 2ULL + stateOrder->numWindowRects * sizeof(RECTANGLE_16); + orderSize += len; + } if ((orderInfo->fieldFlags & WINDOW_ORDER_FIELD_VIS_OFFSET) != 0) orderSize += 8; if ((orderInfo->fieldFlags & WINDOW_ORDER_FIELD_VISIBILITY) != 0) - orderSize += 2 + stateOrder->numVisibilityRects * sizeof(RECTANGLE_16); + { + + const size_t len = 2ULL + stateOrder->numVisibilityRects * sizeof(RECTANGLE_16); + orderSize += len; + } if ((orderInfo->fieldFlags & WINDOW_ORDER_FIELD_OVERLAY_DESCRIPTION) != 0) orderSize += 2 + stateOrder->OverlayDescription.length; @@ -2562,7 +2569,7 @@ static UINT16 update_calculate_new_or_existing_window(const WINDOW_ORDER_INFO* o if ((orderInfo->fieldFlags & WINDOW_ORDER_FIELD_APPBAR_EDGE) != 0) orderSize += 1; - return orderSize; + return WINPR_ASSERTING_INT_CAST(uint16_t, orderSize); } static BOOL update_write_order_field_flags(UINT32 fieldFlags, const WINDOW_STATE_ORDER* stateOrder, diff --git a/libfreerdp/crypto/crypto.c b/libfreerdp/crypto/crypto.c index 3cf94cefb..819a4aebc 100644 --- a/libfreerdp/crypto/crypto.c +++ b/libfreerdp/crypto/crypto.c @@ -202,7 +202,7 @@ char* crypto_read_pem(const char* WINPR_RESTRICT filename, size_t* WINPR_RESTRIC const int rs = _fseeki64(fp, 0, SEEK_END); if (rs < 0) goto fail; - const SSIZE_T size = _ftelli64(fp); + const int64_t size = _ftelli64(fp); if (size < 0) goto fail; const int rc = _fseeki64(fp, 0, SEEK_SET); diff --git a/libfreerdp/locale/keyboard.c b/libfreerdp/locale/keyboard.c index 29c5ec920..e1964c41d 100644 --- a/libfreerdp/locale/keyboard.c +++ b/libfreerdp/locale/keyboard.c @@ -246,7 +246,11 @@ static int freerdp_detect_keyboard(DWORD* keyboardLayoutId) } if (*keyboardLayoutId == 0) - *keyboardLayoutId = ((DWORD)GetKeyboardLayout(0) >> 16) & 0x0000FFFF; + { + const HKL layout = GetKeyboardLayout(0); + const uint32_t masked = (uint32_t)(((uintptr_t)layout >> 16) & 0xFFFF); + *keyboardLayoutId = masked; + } #endif #if defined(__MACOSX__) diff --git a/winpr/libwinpr/sspi/NTLM/ntlm_av_pairs.c b/winpr/libwinpr/sspi/NTLM/ntlm_av_pairs.c index 300da8abc..ea730f913 100644 --- a/winpr/libwinpr/sspi/NTLM/ntlm_av_pairs.c +++ b/winpr/libwinpr/sspi/NTLM/ntlm_av_pairs.c @@ -183,10 +183,10 @@ void ntlm_print_av_pair_list(NTLM_AV_PAIR* pAvPairList, size_t cbAvPairList) } #endif -static ULONG ntlm_av_pair_list_size(ULONG AvPairsCount, ULONG AvPairsValueLength) +static size_t ntlm_av_pair_list_size(size_t AvPairsCount, size_t AvPairsValueLength) { /* size of headers + value lengths + terminating MsvAvEOL AV_PAIR */ - return ((AvPairsCount + 1) * 4) + AvPairsValueLength; + return ((AvPairsCount + 1) * 4ULL) + AvPairsValueLength; } PBYTE ntlm_av_pair_get_value_pointer(NTLM_AV_PAIR* pAvPair) @@ -478,7 +478,6 @@ static void ntlm_compute_single_host_data(NTLM_CONTEXT* context) BOOL ntlm_construct_challenge_target_info(NTLM_CONTEXT* context) { BOOL rc = FALSE; - ULONG length = 0; ULONG AvPairsCount = 0; ULONG AvPairsLength = 0; NTLM_AV_PAIR* pAvPairList = NULL; @@ -511,9 +510,10 @@ BOOL ntlm_construct_challenge_target_info(NTLM_CONTEXT* context) AvPairsCount = 5; AvPairsLength = NbDomainName.Length + NbComputerName.Length + DnsDomainName.Length + DnsComputerName.Length + 8; - length = ntlm_av_pair_list_size(AvPairsCount, AvPairsLength); + const size_t length = ntlm_av_pair_list_size(AvPairsCount, AvPairsLength); - if (!sspi_SecBufferAlloc(&context->ChallengeTargetInfo, length)) + if (!sspi_SecBufferAlloc(&context->ChallengeTargetInfo, + WINPR_ASSERTING_INT_CAST(uint32_t, length))) goto fail; pAvPairList = (NTLM_AV_PAIR*)context->ChallengeTargetInfo.pvBuffer; @@ -553,7 +553,6 @@ fail: BOOL ntlm_construct_authenticate_target_info(NTLM_CONTEXT* context) { - ULONG size = 0; ULONG AvPairsCount = 0; ULONG AvPairsValueLength = 0; NTLM_AV_PAIR* AvTimestamp = NULL; @@ -675,12 +674,13 @@ BOOL ntlm_construct_authenticate_target_info(NTLM_CONTEXT* context) } } - size = ntlm_av_pair_list_size(AvPairsCount, AvPairsValueLength); + size_t size = ntlm_av_pair_list_size(AvPairsCount, AvPairsValueLength); if (context->NTLMv2) size += 8; /* unknown 8-byte padding */ - if (!sspi_SecBufferAlloc(&context->AuthenticateTargetInfo, size)) + if (!sspi_SecBufferAlloc(&context->AuthenticateTargetInfo, + WINPR_ASSERTING_INT_CAST(uint32_t, size))) goto fail; AuthenticateTargetInfo = (NTLM_AV_PAIR*)context->AuthenticateTargetInfo.pvBuffer; diff --git a/winpr/libwinpr/utils/windows/debug.c b/winpr/libwinpr/utils/windows/debug.c index 84e04c2cd..7790d0af2 100644 --- a/winpr/libwinpr/utils/windows/debug.c +++ b/winpr/libwinpr/utils/windows/debug.c @@ -130,7 +130,6 @@ char** winpr_win_backtrace_symbols(void* buffer, size_t* used) char* winpr_win_strerror(DWORD dw, char* dmsg, size_t size) { - DWORD rc; DWORD nSize = 0; DWORD dwFlags = 0; LPTSTR msg = NULL; @@ -143,12 +142,12 @@ char* winpr_win_strerror(DWORD dw, char* dmsg, size_t size) nSize = (DWORD)(size * sizeof(WCHAR)); msg = (LPTSTR)calloc(nSize, sizeof(WCHAR)); #endif - rc = FormatMessage(dwFlags, NULL, dw, 0, alloc ? (LPTSTR)&msg : msg, nSize, NULL); + const DWORD rc = FormatMessage(dwFlags, NULL, dw, 0, alloc ? (LPTSTR)&msg : msg, nSize, NULL); - if (rc) + if (rc > 0) { #if defined(UNICODE) - WideCharToMultiByte(CP_ACP, 0, msg, rc, dmsg, (int)MIN(size - 1, INT_MAX), NULL, NULL); + WideCharToMultiByte(CP_ACP, 0, msg, (int)rc, dmsg, (int)MIN(size - 1, INT_MAX), NULL, NULL); #else /* defined(UNICODE) */ memcpy(dmsg, msg, MIN(rc, size - 1)); #endif /* defined(UNICODE) */