This commit includes fixes for a set of 21 vulnerabilities in
rdesktop when a malicious RDP server is used.
All vulnerabilities was identified and reported by Eyal Itkin.
* Add rdp_protocol_error function that is used in several fixes
* Refactor of process_bitmap_updates
* Fix possible integer overflow in s_check_rem() on 32bit arch
* Fix memory corruption in process_bitmap_data - CVE-2018-8794
* Fix remote code execution in process_bitmap_data - CVE-2018-8795
* Fix remote code execution in process_plane - CVE-2018-8797
* Fix Denial of Service in mcs_recv_connect_response - CVE-2018-20175
* Fix Denial of Service in mcs_parse_domain_params - CVE-2018-20175
* Fix Denial of Service in sec_parse_crypt_info - CVE-2018-20176
* Fix Denial of Service in sec_recv - CVE-2018-20176
* Fix minor information leak in rdpdr_process - CVE-2018-8791
* Fix Denial of Service in cssp_read_tsrequest - CVE-2018-8792
* Fix remote code execution in cssp_read_tsrequest - CVE-2018-8793
* Fix Denial of Service in process_bitmap_data - CVE-2018-8796
* Fix minor information leak in rdpsnd_process_ping - CVE-2018-8798
* Fix Denial of Service in process_secondary_order - CVE-2018-8799
* Fix remote code execution in in ui_clip_handle_data - CVE-2018-8800
* Fix major information leak in ui_clip_handle_data - CVE-2018-20174
* Fix memory corruption in rdp_in_unistr - CVE-2018-20177
* Fix Denial of Service in process_demand_active - CVE-2018-20178
* Fix remote code execution in lspci_process - CVE-2018-20179
* Fix remote code execution in rdpsnddbg_process - CVE-2018-20180
* Fix remote code execution in seamless_process - CVE-2018-20181
* Fix remote code execution in seamless_process_line - CVE-2018-20182
This commit will add a logging system to solve the problem that
one actually need to recompile rdesktop from source to enable
different debug logging.
- Same logging api for all kind of logging and messages to
end user.
- Adding -v for verbose output when running rdesktop.
- All messages are logged into a subject and with a type, eg:
logger(Keyboard, Notice, "Autos-electing %s based on locale.", locale);
- Debug logging is enabled trough a environment variable RDEKSTOP_DEBUG,
which specifies subjects of interest, comma separated. There is a special
subject named All which includes all subject for debug loggin. There is also
a simple logic opeartor '!' = NOT which can be used in combination like:
RDESKTOP_DEBUG=All,!Graphics,!Sound
Which would give debug log output for All subject except Graphics and Sound.
and implement the usage of the new command in rdesktop.
If a seamless command is specified the persistent mode
of the session will be changed to non-persistent.
git-svn-id: svn://svn.code.sf.net/p/rdesktop/code/rdesktop/trunk@1822 423420c4-83ab-492f-b58f-81f9feb106b5
new window is created. This fixes issues with seamless
protocol parser between reconnects.
git-svn-id: svn://svn.code.sf.net/p/rdesktop/code/rdesktop/trunk@1820 423420c4-83ab-492f-b58f-81f9feb106b5
- Implementation of ctrl functionality were slaves can call
a method into existing master process, more information is
found in doc/ctrl.txt
- Implementation of new seamless SPAWN functionality so which
is used by the ctrl to spawn processes in a seamless rdp session
out of process.
git-svn-id: svn://svn.code.sf.net/p/rdesktop/code/rdesktop/trunk@1689 423420c4-83ab-492f-b58f-81f9feb106b5
remote server (i.e. when we get a HELLO).
Also change g_seamless_rdp to mean that -A was specified on the command line.
g_seamless_active now indicates if we're in seamless or "normal" mode.
git-svn-id: svn://svn.code.sf.net/p/rdesktop/code/branches/seamlessrdp-branch/rdesktop@1148 423420c4-83ab-492f-b58f-81f9feb106b5
use all bits of a long.
git-svn-id: svn://svn.code.sf.net/p/rdesktop/code/branches/seamlessrdp-branch/rdesktop@1119 423420c4-83ab-492f-b58f-81f9feb106b5
Use 0x%08lx instead of 0x%p.
git-svn-id: svn://svn.code.sf.net/p/rdesktop/code/branches/seamlessrdp-branch/rdesktop@1115 423420c4-83ab-492f-b58f-81f9feb106b5
seamless_send is now a varargs function.
git-svn-id: svn://svn.code.sf.net/p/rdesktop/code/branches/seamlessrdp-branch/rdesktop@1109 423420c4-83ab-492f-b58f-81f9feb106b5