[nodiscard] Fix all winpr_RAND usages
* Check return value and act on it.
* Initialize arrays that were missed before.
@@ -172,8 +172,10 @@ BOOL CryptProtectMemory(LPVOID pData, DWORD cbData, DWORD dwFlags)
|
||||
pMemBlock->cbData = cbData;
|
||||
pMemBlock->dwFlags = dwFlags;
|
||||
|
||||
winpr_RAND(pMemBlock->salt, 8);
|
||||
winpr_RAND(randomKey, sizeof(randomKey));
|
||||
if (winpr_RAND(pMemBlock->salt, 8) < 0)
|
||||
return FALSE;
|
||||
if (winpr_RAND(randomKey, sizeof(randomKey)) < 0)
|
||||
return FALSE;
|
||||
|
||||
winpr_Cipher_BytesToKey(WINPR_CIPHER_AES_256_CBC, WINPR_MD_SHA1, pMemBlock->salt, randomKey,
|
||||
sizeof(randomKey), 4, pMemBlock->key, pMemBlock->iv);
|
||||
|
||||
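Review bot: The two new `return FALSE;` exits after the `winpr_RAND` calls leave `CryptProtectMemory` while `pMemBlock` is already populated, so if it was heap-allocated earlier in the function (the allocation is outside this hunk) it is leaked on an RNG failure. Route both failures through whatever cleanup the function's other error paths use, or release the block at the exit, e.g. `if (winpr_RAND(pMemBlock->salt, 8) < 0) { free(pMemBlock); return FALSE; }`. The result of `winpr_Cipher_BytesToKey` on the following line is not checked in the visible lines, so a failed key derivation would continue with whatever is in `pMemBlock->key` and `pMemBlock->iv`. The literal `8` would also be safer as `sizeof(pMemBlock->salt)`, assuming `salt` is an array member.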
@@ -11,7 +11,8 @@ int TestCryptoRand(int argc, char* argv[])
|
||||
WINPR_UNUSED(argc);
|
||||
WINPR_UNUSED(argv);
|
||||
|
||||
winpr_RAND(rnd, sizeof(rnd));
|
||||
if (winpr_RAND(rnd, sizeof(rnd)) < 0)
|
||||
return -1;
|
||||
|
||||
str = winpr_BinToHexString(rnd, sizeof(rnd), FALSE);
|
||||
// (void)fprintf(stderr, "Rand: %s\n", str);
|
||||
|
||||
@@ -37,7 +37,12 @@ static UINT32 prand(UINT32 max)
|
||||
UINT32 tmp = 0;
|
||||
if (max <= 1)
|
||||
return 1;
|
||||
winpr_RAND(&tmp, sizeof(tmp));
|
||||
if (winpr_RAND(&tmp, sizeof(tmp)) < 0)
|
||||
{
|
||||
(void)fprintf(stderr, "winpr_RAND failing, retry...\n");
|
||||
// NOLINTNEXTLINE(concurrency-mt-unsafe)
|
||||
exit(-1);
|
||||
}
|
||||
return tmp % (max - 1) + 1;
|
||||
}
|
||||
|
||||
|
||||
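Review bot: The message printed on failure, `"winpr_RAND failing, retry...\n"`, promises a retry, but the next statement is `exit(-1)`, so the log tells the reader the opposite of what happened. Suggest `(void)fprintf(stderr, "winpr_RAND failed, aborting\n");`. The `prand` copies patched at `-12,7` and `-28,7` exit with no message at all; printing the same line there would make an RNG failure distinguishable from any other abnormal exit.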
@@ -12,7 +12,11 @@ static UINT32 prand(UINT32 max)
|
||||
UINT32 tmp = 0;
|
||||
if (max <= 1)
|
||||
return 1;
|
||||
winpr_RAND(&tmp, sizeof(tmp));
|
||||
if (winpr_RAND(&tmp, sizeof(tmp)) < 0)
|
||||
{
|
||||
// NOLINTNEXTLINE(concurrency-mt-unsafe)
|
||||
exit(-1);
|
||||
}
|
||||
return tmp % (max - 1) + 1;
|
||||
}
|
||||
|
||||
|
||||
@@ -820,13 +820,15 @@ static UUID UUID_NIL = {
|
||||
|
||||
RPC_STATUS UuidCreate(UUID* Uuid)
|
||||
{
|
||||
winpr_RAND_pseudo(Uuid, 16);
|
||||
if (winpr_RAND_pseudo(Uuid, 16) < 0)
|
||||
return RPC_S_OUT_OF_MEMORY;
|
||||
return RPC_S_OK;
|
||||
}
|
||||
|
||||
RPC_STATUS UuidCreateSequential(UUID* Uuid)
|
||||
{
|
||||
winpr_RAND_pseudo(Uuid, 16);
|
||||
if (winpr_RAND_pseudo(Uuid, 16) < 0)
|
||||
return RPC_S_OUT_OF_MEMORY;
|
||||
return RPC_S_OK;
|
||||
}
|
||||
|
||||
|
||||
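Review bot: A failed `winpr_RAND_pseudo` is reported as `RPC_S_OUT_OF_MEMORY` in both `UuidCreate` and `UuidCreateSequential`, which points anyone diagnosing the failure at memory exhaustion rather than the random source. If no closer status is available, say so at the return, e.g. `/* RNG failure; RPC_S_OUT_OF_MEMORY used for lack of a closer RPC status */`. On the failure path the caller's `Uuid` may be left partially written, which is worth stating in the function documentation. Going by its name, `winpr_RAND_pseudo` is not the strong generator, so a doc comment saying these UUIDs are identifiers and not suitable as secrets or tokens would help callers.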
@@ -39,7 +39,8 @@ static char* create_temporary_file(void)
|
||||
char* hex = nullptr;
|
||||
char* path = nullptr;
|
||||
|
||||
winpr_RAND(buffer, sizeof(buffer));
|
||||
if (winpr_RAND(buffer, sizeof(buffer)) < 0)
|
||||
return nullptr;
|
||||
hex = winpr_BinToHexString(buffer, sizeof(buffer), FALSE);
|
||||
path = GetKnownSubPath(KNOWN_PATH_TEMP, hex);
|
||||
free(hex);
|
||||
|
||||
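Review bot: The result of `winpr_BinToHexString` is passed to `GetKnownSubPath` without a NULL check, so the step right after the newly checked `winpr_RAND` call can still fail unnoticed (the helper presumably allocates the string it returns). Add `if (!hex) return nullptr;` before the `GetKnownSubPath` call. The rest of `create_temporary_file` lies outside the hunk, so whether `path` itself is checked cannot be confirmed from here.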
@@ -626,7 +626,7 @@ exit:
|
||||
* @param ciphertext cipher text
|
||||
*/
|
||||
|
||||
void ntlm_rc4k(BYTE* key, size_t length, BYTE* plaintext, BYTE* ciphertext)
|
||||
BOOL ntlm_rc4k(BYTE* key, size_t length, BYTE* plaintext, BYTE* ciphertext)
|
||||
{
|
||||
WINPR_RC4_CTX* rc4 = winpr_RC4_New(key, 16);
|
||||
|
||||
@@ -635,6 +635,7 @@ void ntlm_rc4k(BYTE* key, size_t length, BYTE* plaintext, BYTE* ciphertext)
|
||||
winpr_RC4_Update(rc4, length, plaintext, ciphertext);
|
||||
winpr_RC4_Free(rc4);
|
||||
}
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
/**
|
||||
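Review bot: `ntlm_rc4k` now returns `TRUE` unconditionally: the `return TRUE;` sits after the closing brace of what looks like an `if (rc4)` block (its opening lies between the two hunks), so a failed `winpr_RC4_New` leaves `ciphertext` unwritten and still reports success, and the result of `winpr_RC4_Update` is dropped. `ntlm_encrypt_random_session_key` forwards this value, so the caller's new `goto fail` can never trigger for an RC4 failure and `EncryptedRandomSessionKey` could go out with stale contents. Return early with `if (!rc4) return FALSE;`, then capture `const BOOL rc = winpr_RC4_Update(rc4, length, plaintext, ciphertext);` and `return rc;` after `winpr_RC4_Free(rc4)`.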
@@ -642,13 +643,15 @@ void ntlm_rc4k(BYTE* key, size_t length, BYTE* plaintext, BYTE* ciphertext)
|
||||
* @param context A pointer to the NTLM context
|
||||
*/
|
||||
|
||||
void ntlm_generate_client_challenge(NTLM_CONTEXT* context)
|
||||
BOOL ntlm_generate_client_challenge(NTLM_CONTEXT* context)
|
||||
{
|
||||
WINPR_ASSERT(context);
|
||||
|
||||
/* ClientChallenge is used in computation of LMv2 and NTLMv2 responses */
|
||||
if (memcmp(context->ClientChallenge, NTLM_NULL_BUFFER, sizeof(context->ClientChallenge)) == 0)
|
||||
winpr_RAND(context->ClientChallenge, sizeof(context->ClientChallenge));
|
||||
if (memcmp(context->ClientChallenge, NTLM_NULL_BUFFER, sizeof(context->ClientChallenge)) != 0)
|
||||
return TRUE;
|
||||
|
||||
return winpr_RAND(context->ClientChallenge, sizeof(context->ClientChallenge)) >= 0;
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -656,12 +659,14 @@ void ntlm_generate_client_challenge(NTLM_CONTEXT* context)
|
||||
* @param context A pointer to the NTLM context
|
||||
*/
|
||||
|
||||
void ntlm_generate_server_challenge(NTLM_CONTEXT* context)
|
||||
BOOL ntlm_generate_server_challenge(NTLM_CONTEXT* context)
|
||||
{
|
||||
WINPR_ASSERT(context);
|
||||
|
||||
if (memcmp(context->ServerChallenge, NTLM_NULL_BUFFER, sizeof(context->ServerChallenge)) == 0)
|
||||
winpr_RAND(context->ServerChallenge, sizeof(context->ServerChallenge));
|
||||
if (memcmp(context->ServerChallenge, NTLM_NULL_BUFFER, sizeof(context->ServerChallenge)) != 0)
|
||||
return TRUE;
|
||||
|
||||
return winpr_RAND(context->ServerChallenge, sizeof(context->ServerChallenge)) >= 0;
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -669,13 +674,14 @@ void ntlm_generate_server_challenge(NTLM_CONTEXT* context)
|
||||
* @param context A pointer to the NTLM context
|
||||
*/
|
||||
|
||||
void ntlm_generate_key_exchange_key(NTLM_CONTEXT* context)
|
||||
BOOL ntlm_generate_key_exchange_key(NTLM_CONTEXT* context)
|
||||
{
|
||||
WINPR_ASSERT(context);
|
||||
WINPR_ASSERT(sizeof(context->KeyExchangeKey) == sizeof(context->SessionBaseKey));
|
||||
|
||||
/* In NTLMv2, KeyExchangeKey is the 128-bit SessionBaseKey */
|
||||
CopyMemory(context->KeyExchangeKey, context->SessionBaseKey, sizeof(context->KeyExchangeKey));
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -683,10 +689,10 @@ void ntlm_generate_key_exchange_key(NTLM_CONTEXT* context)
|
||||
* @param context A pointer to the NTLM context
|
||||
*/
|
||||
|
||||
void ntlm_generate_random_session_key(NTLM_CONTEXT* context)
|
||||
BOOL ntlm_generate_random_session_key(NTLM_CONTEXT* context)
|
||||
{
|
||||
WINPR_ASSERT(context);
|
||||
winpr_RAND(context->RandomSessionKey, sizeof(context->RandomSessionKey));
|
||||
return winpr_RAND(context->RandomSessionKey, sizeof(context->RandomSessionKey)) >= 0;
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -694,12 +700,13 @@ void ntlm_generate_random_session_key(NTLM_CONTEXT* context)
|
||||
* @param context A pointer to the NTLM context
|
||||
*/
|
||||
|
||||
void ntlm_generate_exported_session_key(NTLM_CONTEXT* context)
|
||||
BOOL ntlm_generate_exported_session_key(NTLM_CONTEXT* context)
|
||||
{
|
||||
WINPR_ASSERT(context);
|
||||
|
||||
CopyMemory(context->ExportedSessionKey, context->RandomSessionKey,
|
||||
sizeof(context->ExportedSessionKey));
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -707,13 +714,13 @@ void ntlm_generate_exported_session_key(NTLM_CONTEXT* context)
|
||||
* @param context A pointer to the NTLM context
|
||||
*/
|
||||
|
||||
void ntlm_encrypt_random_session_key(NTLM_CONTEXT* context)
|
||||
BOOL ntlm_encrypt_random_session_key(NTLM_CONTEXT* context)
|
||||
{
|
||||
/* In NTLMv2, EncryptedRandomSessionKey is the ExportedSessionKey RC4-encrypted with the
|
||||
* KeyExchangeKey */
|
||||
WINPR_ASSERT(context);
|
||||
ntlm_rc4k(context->KeyExchangeKey, 16, context->RandomSessionKey,
|
||||
context->EncryptedRandomSessionKey);
|
||||
return ntlm_rc4k(context->KeyExchangeKey, 16, context->RandomSessionKey,
|
||||
context->EncryptedRandomSessionKey);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -721,7 +728,7 @@ void ntlm_encrypt_random_session_key(NTLM_CONTEXT* context)
|
||||
* @param context A pointer to the NTLM context
|
||||
*/
|
||||
|
||||
void ntlm_decrypt_random_session_key(NTLM_CONTEXT* context)
|
||||
BOOL ntlm_decrypt_random_session_key(NTLM_CONTEXT* context)
|
||||
{
|
||||
WINPR_ASSERT(context);
|
||||
|
||||
@@ -746,6 +753,7 @@ void ntlm_decrypt_random_session_key(NTLM_CONTEXT* context)
|
||||
CopyMemory(context->RandomSessionKey, context->KeyExchangeKey,
|
||||
sizeof(context->RandomSessionKey));
|
||||
}
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -789,10 +789,14 @@ SECURITY_STATUS ntlm_read_ChallengeMessage(NTLM_CONTEXT* context, PSecBuffer buf
|
||||
}
|
||||
}
|
||||
|
||||
ntlm_generate_key_exchange_key(context); /* KeyExchangeKey */
|
||||
ntlm_generate_random_session_key(context); /* RandomSessionKey */
|
||||
ntlm_generate_exported_session_key(context); /* ExportedSessionKey */
|
||||
ntlm_encrypt_random_session_key(context); /* EncryptedRandomSessionKey */
|
||||
if (!ntlm_generate_key_exchange_key(context)) /* KeyExchangeKey */
|
||||
goto fail;
|
||||
if (!ntlm_generate_random_session_key(context)) /* RandomSessionKey */
|
||||
goto fail;
|
||||
if (!ntlm_generate_exported_session_key(context)) /* ExportedSessionKey */
|
||||
goto fail;
|
||||
if (!ntlm_encrypt_random_session_key(context)) /* EncryptedRandomSessionKey */
|
||||
goto fail;
|
||||
|
||||
/* Generate signing keys */
|
||||
status = SEC_E_ENCRYPT_FAILURE;
|
||||
|
||||
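Review bot: The four new `goto fail` exits run before `status = SEC_E_ENCRYPT_FAILURE;`, so they presumably return whatever `status` held on entry to this block, which is set outside the hunk. Moving the assignment above the first check, i.e. `status = SEC_E_ENCRYPT_FAILURE;` directly before `if (!ntlm_generate_key_exchange_key(context))`, makes a failed key or RNG step report a definite error instead of depending on an earlier value. Other call sites of the functions that changed from `void` to `BOOL` are not shown on this page and should get the same checks.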
@@ -28,7 +28,11 @@ static UINT32 prand(UINT32 max)
|
||||
UINT32 tmp = 0;
|
||||
if (max <= 1)
|
||||
return 1;
|
||||
winpr_RAND(&tmp, sizeof(tmp));
|
||||
if (winpr_RAND(&tmp, sizeof(tmp)) < 0)
|
||||
{
|
||||
// NOLINTNEXTLINE(concurrency-mt-unsafe)
|
||||
exit(-1);
|
||||
}
|
||||
return tmp % (max - 1) + 1;
|
||||
}
|
||||
|
||||
|
||||
@@ -46,7 +46,8 @@ static UINT32 prand(UINT32 max)
|
||||
UINT32 tmp = 0;
|
||||
if (max <= 1)
|
||||
return 1;
|
||||
winpr_RAND(&tmp, sizeof(tmp));
|
||||
if (winpr_RAND(&tmp, sizeof(tmp)) < 0)
|
||||
return 0;
|
||||
return tmp % (max - 1) + 1;
|
||||
}
|
||||
|
||||
|
||||
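Review bot: On RNG failure this `prand` returns `0`, a value the function never produces otherwise (the `max <= 1` case returns 1 and the normal path returns at least 1), so callers (not visible here) that do not test for it will carry on with 0 instead of failing. The copy patched at `-21,7` does the same, while the copies at `-37,7`, `-12,7` and `-28,7` call `exit(-1)`. Pick one behaviour for all of them. If 0 is meant as an error sentinel, document it with `/* returns 0 only if winpr_RAND fails; valid results are >= 1 */` and have the callers check for it.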
@@ -21,7 +21,8 @@ static UINT32 prand(UINT32 max)
|
||||
UINT32 tmp = 0;
|
||||
if (max <= 1)
|
||||
return 1;
|
||||
winpr_RAND(&tmp, sizeof(tmp));
|
||||
if (winpr_RAND(&tmp, sizeof(tmp)) < 0)
|
||||
return 0;
|
||||
return tmp % (max - 1) + 1;
|
||||
}
|
||||
|
||||
|
||||
@@ -850,7 +850,8 @@ int TestStream(int argc, char* argv[])
|
||||
for (size_t x = 0; x < 10; x++)
|
||||
{
|
||||
UINT64 val = 0;
|
||||
winpr_RAND(&val, sizeof(val));
|
||||
if (winpr_RAND(&val, sizeof(val)) < 0)
|
||||
return -1;
|
||||
if (!TestStream_WriteAndRead(val))
|
||||
return 14;
|
||||
}
|
||||
|
||||