mirror of
https://github.com/morgan9e/FreeRDP
synced 2026-04-15 00:44:19 +09:00
[winpr,stream] Check Stream_SetLength return
This commit is contained in:
Armin Novak
@@ -268,7 +268,11 @@ BOOL freerdp_connect(freerdp* instance)
|
||||
record.data = Stream_Buffer(s);
|
||||
if (!pcap_get_next_record_content(update->pcap_rfx, &record))
|
||||
break;
|
||||
Stream_SetLength(s, record.length);
|
||||
if (!Stream_SetLength(s, record.length))
|
||||
{
|
||||
status = FALSE;
|
||||
continue;
|
||||
}
|
||||
Stream_ResetPosition(s);
|
||||
|
||||
if (!update_begin_paint(&update->common))
|
||||
|
||||
@@ -430,30 +430,26 @@ static wStream* rdg_receive_packet(rdpRdg* rdg)
|
||||
return nullptr;
|
||||
|
||||
if (!rdg_read_all(rdg->context, rdg->tlsOut, Stream_Buffer(s), header, &rdg->transferEncoding))
|
||||
{
|
||||
Stream_Free(s, TRUE);
|
||||
return nullptr;
|
||||
}
|
||||
goto fail;
|
||||
|
||||
Stream_Seek(s, 4);
|
||||
Stream_Read_UINT32(s, packetLength);
|
||||
|
||||
if ((packetLength > INT_MAX) || !Stream_EnsureCapacity(s, packetLength) ||
|
||||
(packetLength < header))
|
||||
{
|
||||
Stream_Free(s, TRUE);
|
||||
return nullptr;
|
||||
}
|
||||
goto fail;
|
||||
|
||||
if (!rdg_read_all(rdg->context, rdg->tlsOut, Stream_Buffer(s) + header, packetLength - header,
|
||||
&rdg->transferEncoding))
|
||||
{
|
||||
Stream_Free(s, TRUE);
|
||||
return nullptr;
|
||||
}
|
||||
goto fail;
|
||||
|
||||
Stream_SetLength(s, packetLength);
|
||||
if (!Stream_SetLength(s, packetLength))
|
||||
goto fail;
|
||||
return s;
|
||||
|
||||
fail:
|
||||
Stream_Free(s, TRUE);
|
||||
return nullptr;
|
||||
}
|
||||
|
||||
static BOOL rdg_send_handshake(rdpRdg* rdg)
|
||||
|
||||
@@ -88,33 +88,15 @@ static const char* rpc_client_state_str(RPC_CLIENT_STATE state)
|
||||
return str;
|
||||
}
|
||||
|
||||
static void rpc_pdu_reset(RPC_PDU* pdu)
|
||||
WINPR_ATTR_NODISCARD
|
||||
static BOOL rpc_pdu_reset(RPC_PDU* pdu)
|
||||
{
|
||||
WINPR_ASSERT(pdu);
|
||||
pdu->Type = 0;
|
||||
pdu->Flags = 0;
|
||||
pdu->CallId = 0;
|
||||
Stream_ResetPosition(pdu->s);
|
||||
Stream_SetLength(pdu->s, 0);
|
||||
}
|
||||
|
||||
static RPC_PDU* rpc_pdu_new(void)
|
||||
{
|
||||
RPC_PDU* pdu = nullptr;
|
||||
pdu = (RPC_PDU*)malloc(sizeof(RPC_PDU));
|
||||
|
||||
if (!pdu)
|
||||
return nullptr;
|
||||
|
||||
pdu->s = Stream_New(nullptr, 4096);
|
||||
|
||||
if (!pdu->s)
|
||||
{
|
||||
free(pdu);
|
||||
return nullptr;
|
||||
}
|
||||
|
||||
rpc_pdu_reset(pdu);
|
||||
return pdu;
|
||||
return Stream_SetLength(pdu->s, 0);
|
||||
}
|
||||
|
||||
static void rpc_pdu_free(RPC_PDU* pdu)
|
||||
@@ -126,6 +108,29 @@ static void rpc_pdu_free(RPC_PDU* pdu)
|
||||
free(pdu);
|
||||
}
|
||||
|
||||
WINPR_ATTR_MALLOC(rpc_pdu_free, 1)
|
||||
static RPC_PDU* rpc_pdu_new(void)
|
||||
{
|
||||
RPC_PDU* pdu = (RPC_PDU*)calloc(1, sizeof(RPC_PDU));
|
||||
|
||||
if (!pdu)
|
||||
return nullptr;
|
||||
|
||||
pdu->s = Stream_New(nullptr, 4096);
|
||||
|
||||
if (!pdu->s)
|
||||
goto fail;
|
||||
|
||||
if (!rpc_pdu_reset(pdu))
|
||||
goto fail;
|
||||
|
||||
return pdu;
|
||||
|
||||
fail:
|
||||
rpc_pdu_free(pdu);
|
||||
return nullptr;
|
||||
}
|
||||
|
||||
static int rpc_client_receive_pipe_write(RpcClient* client, const BYTE* buffer, size_t length)
|
||||
{
|
||||
int status = 0;
|
||||
@@ -477,7 +482,8 @@ static int rpc_client_recv_fragment(rdpRpc* rpc, wStream* fragment)
|
||||
|
||||
if (rpc_client_recv_pdu(rpc, pdu) < 0)
|
||||
goto fail;
|
||||
rpc_pdu_reset(pdu);
|
||||
if (!rpc_pdu_reset(pdu))
|
||||
goto fail;
|
||||
rpc->StubFragCount = 0;
|
||||
rpc->StubCallId = 0;
|
||||
}
|
||||
@@ -517,7 +523,8 @@ static int rpc_client_recv_fragment(rdpRpc* rpc, wStream* fragment)
|
||||
if (rpc_client_recv_pdu(rpc, pdu) < 0)
|
||||
goto fail;
|
||||
|
||||
rpc_pdu_reset(pdu);
|
||||
if (!rpc_pdu_reset(pdu))
|
||||
goto fail;
|
||||
}
|
||||
else
|
||||
{
|
||||
@@ -543,7 +550,8 @@ static int rpc_client_recv_fragment(rdpRpc* rpc, wStream* fragment)
|
||||
if (rpc_client_recv_pdu(rpc, pdu) < 0)
|
||||
goto fail;
|
||||
|
||||
rpc_pdu_reset(pdu);
|
||||
if (!rpc_pdu_reset(pdu))
|
||||
goto fail;
|
||||
goto success;
|
||||
}
|
||||
else if (header.common.ptype == PTYPE_FAULT)
|
||||
|
||||
@@ -1551,7 +1551,9 @@ BOOL rdp_decrypt(rdpRdp* rdp, wStream* s, UINT16* pLength, UINT16 securityFlags)
|
||||
if (!security_fips_check_signature(Stream_ConstPointer(s), (size_t)padLength, sig, 8, rdp))
|
||||
goto unlock;
|
||||
|
||||
Stream_SetLength(s, Stream_Length(s) - pad);
|
||||
if (!Stream_SetLength(s, Stream_Length(s) - pad))
|
||||
goto unlock;
|
||||
|
||||
*pLength = (UINT16)padLength;
|
||||
}
|
||||
else
|
||||
|
||||
@@ -48,7 +48,8 @@ static BOOL test_entry_read_write(void)
|
||||
if (winpr_RAND(Stream_Buffer(sw), Stream_Capacity(sw)) < 0)
|
||||
goto fail;
|
||||
entrysize += Stream_Capacity(sw);
|
||||
Stream_SetLength(sw, Stream_Capacity(sw));
|
||||
if (!Stream_SetLength(sw, Stream_Capacity(sw)))
|
||||
goto fail;
|
||||
|
||||
fp = fopen(name, "wb");
|
||||
if (!fp)
|
||||
|
||||
Reference in New Issue
Block a user