Skip to content

Commit 7d58aac

Browse files
author
Vic Lee
committed
security: add a NULL pointer check to fix a server crash.
1 parent 03fd416 commit 7d58aac

File tree

2 files changed

+4
-1
lines changed

2 files changed

+4
-1
lines changed

Diff for: libfreerdp/core/rdp.c

+2-1
Original file line numberDiff line numberDiff line change
@@ -717,7 +717,8 @@ BOOL rdp_decrypt(rdpRdp* rdp, STREAM* s, int length, UINT16 securityFlags)
717717

718718
stream_read(s, wmac, sizeof(wmac));
719719
length -= sizeof(wmac);
720-
security_decrypt(s->p, length, rdp);
720+
if (!security_decrypt(s->p, length, rdp))
721+
return FALSE;
721722

722723
if (securityFlags & SEC_SECURE_CHECKSUM)
723724
security_salted_mac_signature(rdp, s->p, length, FALSE, cmac);

Diff for: libfreerdp/core/security.c

+2
Original file line numberDiff line numberDiff line change
@@ -492,6 +492,8 @@ BOOL security_encrypt(BYTE* data, int length, rdpRdp* rdp)
492492

493493
BOOL security_decrypt(BYTE* data, int length, rdpRdp* rdp)
494494
{
495+
if (rdp->rc4_decrypt_key == NULL)
496+
return FALSE;
495497
if (rdp->decrypt_use_count >= 4096)
496498
{
497499
security_key_update(rdp->decrypt_key, rdp->decrypt_update_key, rdp->rc4_key_len);

0 commit comments

Comments
 (0)