morgan/FreeRDP
1
0
Fork 0
mirror of https://github.com/morgan9e/FreeRDP synced 2026-04-14 08:24:16 +09:00
Code Issues Packages Projects Releases Wiki Activity

core: fixed segfault caused by double free of password_cookie blob

Browse Source
This commit is contained in:
Norbert Federa
2012-02-01 17:58:06 +01:00
parent 5ee606cf10
commit a3a4e9afa9
5 changed files with 13 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
libfreerdp-core/connection.c
View File

@@ -82,7 +82,7 @@ boolean rdp_client_connect(rdpRdp* rdp)
if ((selectedProtocol & PROTOCOL_TLS) || (selectedProtocol == PROTOCOL_RDP))
{
if ((settings->username != NULL) && ((settings->password != NULL) || (settings->password_cookie->length > 0)))
if ((settings->username != NULL) && ((settings->password != NULL) || (settings->password_cookie != NULL && settings->password_cookie->length > 0)))
settings->autologon = true;
}
@@ -177,8 +177,7 @@ boolean rdp_client_redirect(rdpRdp* rdp)
if (redirection->flags & LB_PASSWORD)
{
freerdp_blob_free(settings->password_cookie);
settings->password_cookie = redirection->password_cookie;
settings->password_cookie = &redirection->password_cookie;
}
return rdp_client_connect(rdp);

8
libfreerdp-core/info.c
View File

@@ -477,6 +477,7 @@ void rdp_write_info_packet(STREAM* s, rdpSettings* settings)
uint16 cbAlternateShell;
uint8* workingDir;
uint16 cbWorkingDir;
boolean usedPasswordCookie = false;
flags = INFO_MOUSE |
INFO_UNICODE |
@@ -505,8 +506,9 @@ void rdp_write_info_packet(STREAM* s, rdpSettings* settings)
userName = (uint8*)freerdp_uniconv_out(settings->uniconv, settings->username, &length);
cbUserName = length;
if (settings->password_cookie->length > 0)
if (settings->password_cookie && settings->password_cookie->length > 0)
{
usedPasswordCookie = true;
password = (uint8*)settings->password_cookie->data;
cbPassword = settings->password_cookie->length - 2;
}
@@ -553,10 +555,12 @@ void rdp_write_info_packet(STREAM* s, rdpSettings* settings)
xfree(domain);
xfree(userName);
xfree(password);
xfree(alternateShell);
xfree(workingDir);
if (!usedPasswordCookie)
xfree(password);
if (settings->rdp_version >= 5)
rdp_write_extended_info_packet(s, settings); /* extraInfo */
}

9
libfreerdp-core/redirection.c
View File

@@ -106,13 +106,12 @@ boolean rdp_recv_server_redirection_pdu(rdpRdp* rdp, STREAM* s)
{
uint32 passwordLength;
stream_read_uint32(s, passwordLength);
redirection->password_cookie = xnew(rdpBlob);
freerdp_blob_alloc(redirection->password_cookie, passwordLength);
stream_read(s, redirection->password_cookie->data, passwordLength);
freerdp_blob_alloc(&redirection->password_cookie, passwordLength);
stream_read(s, redirection->password_cookie.data, passwordLength);
#ifdef WITH_DEBUG_REDIR
DEBUG_REDIR("password_cookie:");
freerdp_hexdump(redirection->password_cookie->data, redirection->password_cookie->length);
freerdp_hexdump(redirection->password_cookie.data, redirection->password_cookie.length);
#endif
}
@@ -203,7 +202,7 @@ void redirection_free(rdpRedirection* redirection)
freerdp_string_free(&redirection->tsvUrl);
freerdp_string_free(&redirection->username);
freerdp_string_free(&redirection->domain);
freerdp_blob_free(redirection->password_cookie);
freerdp_blob_free(&redirection->password_cookie);
freerdp_string_free(&redirection->targetFQDN);
freerdp_string_free(&redirection->targetNetBiosName);
freerdp_string_free(&redirection->targetNetAddress);

2
libfreerdp-core/redirection.h
View File

@@ -50,7 +50,7 @@ struct rdp_redirection
rdpString tsvUrl;
rdpString username;
rdpString domain;
rdpBlob* password_cookie;
rdpBlob password_cookie;
rdpString targetFQDN;
rdpBlob loadBalanceInfo;
rdpString targetNetBiosName;

3
libfreerdp-core/settings.c
View File

@@ -172,7 +172,6 @@ rdpSettings* settings_new(void* instance)
settings->server_auto_reconnect_cookie = xnew(ARC_SC_PRIVATE_PACKET);
settings->client_time_zone = xnew(TIME_ZONE_INFO);
settings->password_cookie = xnew(rdpBlob);
settings->server_random = xnew(rdpBlob);
settings->server_certificate = xnew(rdpBlob);
@@ -190,8 +189,6 @@ void settings_free(rdpSettings* settings)
xfree(settings->hostname);
xfree(settings->username);
xfree(settings->password);
freerdp_blob_free(settings->password_cookie);
xfree(settings->password_cookie);
xfree(settings->domain);
xfree(settings->shell);
xfree(settings->directory);