Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

core: terminate redirect cookies correctly

  • Loading branch information...
commit 380d1f4b9a60def9ef80a52a4b2d7b812eb1f298 1 parent 0f54e1c
@kiilerix authored
Showing with 9 additions and 11 deletions.
  1. +8 −10 libfreerdp-core/info.c
  2. +1 −1  libfreerdp-core/redirection.c
View
18 libfreerdp-core/info.c
@@ -69,10 +69,10 @@ boolean rdp_read_client_auto_reconnect_cookie(STREAM* s, rdpSettings* settings)
if (stream_get_left(s) < 28)
return false;
- stream_write_uint32(s, autoReconnectCookie->cbLen); /* cbLen (4 bytes) */
- stream_write_uint32(s, autoReconnectCookie->version); /* version (4 bytes) */
- stream_write_uint32(s, autoReconnectCookie->logonId); /* LogonId (4 bytes) */
- stream_write(s, autoReconnectCookie->securityVerifier, 16); /* SecurityVerifier */
+ stream_read_uint32(s, autoReconnectCookie->cbLen); /* cbLen (4 bytes) */
+ stream_read_uint32(s, autoReconnectCookie->version); /* version (4 bytes) */
+ stream_read_uint32(s, autoReconnectCookie->logonId); /* LogonId (4 bytes) */
+ stream_read(s, autoReconnectCookie->securityVerifier, 16); /* SecurityVerifier */
return true;
}
@@ -299,7 +299,6 @@ void rdp_write_info_packet(STREAM* s, rdpSettings* settings)
uint16 cbUserName;
uint8* password;
uint16 cbPassword;
- size_t passwordLength;
uint8* alternateShell;
uint16 cbAlternateShell;
uint8* workingDir;
@@ -342,13 +341,12 @@ void rdp_write_info_packet(STREAM* s, rdpSettings* settings)
{
usedPasswordCookie = true;
password = (uint8*)settings->password_cookie->data;
- passwordLength = settings->password_cookie->length;
- cbPassword = passwordLength - 2;
+ cbPassword = settings->password_cookie->length - 2; /* Strip double zero termination */
}
else
{
- password = (uint8*)freerdp_uniconv_out(settings->uniconv, settings->password, &passwordLength);
- cbPassword = passwordLength;
+ password = (uint8*)freerdp_uniconv_out(settings->uniconv, settings->password, &length);
+ cbPassword = length;
}
alternateShell = (uint8*)freerdp_uniconv_out(settings->uniconv, settings->shell, &length);
@@ -375,7 +373,7 @@ void rdp_write_info_packet(STREAM* s, rdpSettings* settings)
stream_write_uint16(s, 0);
if (cbPassword > 0)
- stream_write(s, password, passwordLength);
+ stream_write(s, password, cbPassword);
stream_write_uint16(s, 0);
if (cbAlternateShell > 0)
View
2  libfreerdp-core/redirection.c
@@ -105,7 +105,7 @@ boolean rdp_recv_server_redirection_pdu(rdpRdp* rdp, STREAM* s)
if (redirection->flags & LB_PASSWORD)
{
uint32 passwordLength;
- stream_read_uint32(s, passwordLength);
+ stream_read_uint32(s, passwordLength); /* Note: length (hopefully) includes double zero termination */
freerdp_blob_alloc(&redirection->password_cookie, passwordLength);
stream_read(s, redirection->password_cookie.data, passwordLength);
Please sign in to comment.
Something went wrong with that request. Please try again.