From 801c1fe1d6e106c2537474eea2e55f9845abccbf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Benoi=CC=82t=20LeBlanc?= Date: Fri, 18 Oct 2013 16:23:29 -0400 Subject: [PATCH] - Fixed crash in tls_read (unchecked null pointer) - also check for empty string on username and password to launch authentication callback --- libfreerdp/core/nla.c | 3 ++- libfreerdp/crypto/tls.c | 4 ++-- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/libfreerdp/core/nla.c b/libfreerdp/core/nla.c index 2978a2a79..1bface6dc 100644 --- a/libfreerdp/core/nla.c +++ b/libfreerdp/core/nla.c @@ -119,7 +119,8 @@ int credssp_ntlm_client_init(rdpCredssp* credssp) settings = credssp->settings; instance = (freerdp*) settings->instance; - if ((settings->Password == NULL) || (settings->Username == NULL)) + if ((settings->Password == NULL ) || (settings->Username == NULL) + || (!strlen(settings->Password)) || (!strlen(settings->Username))) { if (instance->Authenticate) { diff --git a/libfreerdp/crypto/tls.c b/libfreerdp/crypto/tls.c index ae3175818..9d2c407ce 100644 --- a/libfreerdp/crypto/tls.c +++ b/libfreerdp/crypto/tls.c @@ -373,9 +373,9 @@ int tls_read(rdpTls* tls, BYTE* data, int length) int error; int status; - status = SSL_read(tls->ssl, data, length); + status = tls ? SSL_read(tls->ssl, data, length) : -1; - if (status <= 0) + if (tls && status <= 0) { error = SSL_get_error(tls->ssl, status);