morgan/FreeRDP
1
0
Fork 0
mirror of https://github.com/morgan9e/FreeRDP synced 2026-04-15 00:44:19 +09:00
Code Issues Packages Projects Releases Wiki Activity

[winpr,stream] Fix Stream_SetPosition return checks

Browse Source
This commit is contained in:
Armin Novak
2026-02-27 20:59:11 +01:00
parent 0f46216a24
commit e6fca2c021
52 changed files with 414 additions and 233 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
winpr/include/winpr/stream.h
View File

@@ -1333,6 +1333,7 @@ extern "C"
_s->pointer = _s->buffer;
}
WINPR_ATTR_NODISCARD
WINPR_API BOOL Stream_SetPosition(wStream* _s, size_t _p);
WINPR_API void Stream_SealLength(wStream* _s);

8
winpr/libwinpr/sspi/NTLM/ntlm.c
View File

@@ -1353,10 +1353,7 @@ static SECURITY_STATUS SEC_ENTRY ntlm_VerifySignature(PCtxtHandle phContext,
WINPR_HMAC_CTX* hmac = winpr_HMAC_New();
if (!winpr_HMAC_Init(hmac, WINPR_MD_MD5, context->RecvSigningKey, WINPR_MD5_DIGEST_LENGTH))
{
winpr_HMAC_Free(hmac);
return SEC_E_INTERNAL_ERROR;
}
goto fail;
winpr_Data_Write_UINT32(&seq_no, MessageSeqNo);
if (!winpr_HMAC_Update(hmac, (BYTE*)&seq_no, 4))
@@ -1366,7 +1363,8 @@ static SECURITY_STATUS SEC_ENTRY ntlm_VerifySignature(PCtxtHandle phContext,
if (!winpr_HMAC_Final(hmac, digest, WINPR_MD5_DIGEST_LENGTH))
goto fail;
winpr_RC4_Update(context->RecvRc4Seal, 8, digest, checksum);
if (!winpr_RC4_Update(context->RecvRc4Seal, 8, digest, checksum))
goto fail;
winpr_Data_Write_UINT32(signature, 1L);
CopyMemory(&signature[4], checksum, 8);

10
winpr/libwinpr/sspi/NTLM/ntlm_compute.c
View File

@@ -306,12 +306,10 @@ static BOOL ntlm_fetch_ntlm_v2_hash(NTLM_CONTEXT* context, BYTE* hash)
WLog_VRB(TAG, "NTLM Hash:");
winpr_HexDump(TAG, WLOG_DEBUG, entry->NtHash, 16);
#endif
NTOWFv2FromHashW(entry->NtHash, (LPWSTR)credentials->identity.User,
credentials->identity.UserLength * sizeof(WCHAR),
(LPWSTR)credentials->identity.Domain,
credentials->identity.DomainLength * sizeof(WCHAR), hash);
rc = TRUE;
rc = NTOWFv2FromHashW(entry->NtHash, (LPWSTR)credentials->identity.User,
credentials->identity.UserLength * sizeof(WCHAR),
(LPWSTR)credentials->identity.Domain,
credentials->identity.DomainLength * sizeof(WCHAR), hash);
fail:
SamFreeEntry(sam, entry);

15
winpr/libwinpr/sspi/NTLM/ntlm_message.c
View File

@@ -367,7 +367,8 @@ static BOOL ntlm_read_message_fields_buffer(wStream* s, NTLM_MESSAGE_FIELDS* fie
return FALSE;
}
Stream_SetPosition(s, fields->BufferOffset);
if (!Stream_SetPosition(s, fields->BufferOffset))
return FALSE;
Stream_Read(s, fields->Buffer, fields->Len);
}
@@ -381,7 +382,8 @@ static BOOL ntlm_write_message_fields_buffer(wStream* s, const NTLM_MESSAGE_FIEL
if (fields->Len > 0)
{
Stream_SetPosition(s, fields->BufferOffset);
if (!Stream_SetPosition(s, fields->BufferOffset))
return FALSE;
if (!NTLM_CheckAndLogRequiredCapacity(TAG, (s), fields->Len, "NTLM_MESSAGE_FIELDS::Len"))
return FALSE;
@@ -480,13 +482,13 @@ static BOOL ntlm_write_message_integrity_check(wStream* s, size_t offset, const
if (!NTLM_CheckAndLogRequiredCapacity(TAG, s, offset, "MessageIntegrityCheck::offset"))
return FALSE;
Stream_SetPosition(s, offset);
if (!Stream_SetPosition(s, offset))
return FALSE;
if (!NTLM_CheckAndLogRequiredCapacity(TAG, s, size, "MessageIntegrityCheck::size"))
return FALSE;
Stream_Write(s, data, size);
Stream_SetPosition(s, pos);
return TRUE;
return Stream_SetPosition(s, pos);
}
SECURITY_STATUS ntlm_read_NegotiateMessage(NTLM_CONTEXT* context, PSecBuffer buffer)
@@ -1078,7 +1080,8 @@ SECURITY_STATUS ntlm_read_AuthenticateMessage(NTLM_CONTEXT* context, PSecBuffer
CopyMemory(context->AuthenticateMessage.pvBuffer, Stream_Buffer(s), length);
buffer->cbBuffer = (ULONG)length;
Stream_SetPosition(s, PayloadBufferOffset);
if (!Stream_SetPosition(s, PayloadBufferOffset))
goto fail;
if (flags & MSV_AV_FLAGS_MESSAGE_INTEGRITY_CHECK)
{

6
winpr/libwinpr/utils/test/TestStream.c
View File

@@ -168,7 +168,8 @@ static BOOL TestStream_Create(size_t count, BOOL selfAlloc)
for (size_t pos = 0; pos < len; pos++)
{
Stream_SetPosition(s, pos);
if (!Stream_SetPosition(s, pos))
goto fail;
Stream_SealLength(s);
if (!TestStream_Verify(s, cap, pos, pos))
@@ -228,7 +229,8 @@ static BOOL TestStream_Extent(UINT32 maxSize)
goto fail;
}
Stream_SetPosition(s, i);
if (!Stream_SetPosition(s, i))
goto fail;
Stream_SealLength(s);
if (!TestStream_Verify(s, i, i, i))