The entire device redirection framework is documented to use 64-bit
offsets rather than 32-bit offsets. This should fix any problems
transfering large files with rdesktop.
Co-Authored-By: gpatel-fr <44170243+gpatel-fr@users.noreply.github.com>
This commit includes fixes for a set of 21 vulnerabilities in
rdesktop when a malicious RDP server is used.
All vulnerabilities was identified and reported by Eyal Itkin.
* Add rdp_protocol_error function that is used in several fixes
* Refactor of process_bitmap_updates
* Fix possible integer overflow in s_check_rem() on 32bit arch
* Fix memory corruption in process_bitmap_data - CVE-2018-8794
* Fix remote code execution in process_bitmap_data - CVE-2018-8795
* Fix remote code execution in process_plane - CVE-2018-8797
* Fix Denial of Service in mcs_recv_connect_response - CVE-2018-20175
* Fix Denial of Service in mcs_parse_domain_params - CVE-2018-20175
* Fix Denial of Service in sec_parse_crypt_info - CVE-2018-20176
* Fix Denial of Service in sec_recv - CVE-2018-20176
* Fix minor information leak in rdpdr_process - CVE-2018-8791
* Fix Denial of Service in cssp_read_tsrequest - CVE-2018-8792
* Fix remote code execution in cssp_read_tsrequest - CVE-2018-8793
* Fix Denial of Service in process_bitmap_data - CVE-2018-8796
* Fix minor information leak in rdpsnd_process_ping - CVE-2018-8798
* Fix Denial of Service in process_secondary_order - CVE-2018-8799
* Fix remote code execution in in ui_clip_handle_data - CVE-2018-8800
* Fix major information leak in ui_clip_handle_data - CVE-2018-20174
* Fix memory corruption in rdp_in_unistr - CVE-2018-20177
* Fix Denial of Service in process_demand_active - CVE-2018-20178
* Fix remote code execution in lspci_process - CVE-2018-20179
* Fix remote code execution in rdpsnddbg_process - CVE-2018-20180
* Fix remote code execution in seamless_process - CVE-2018-20181
* Fix remote code execution in seamless_process_line - CVE-2018-20182
Store the full drive name in a new disk-specific pdevice_data
struct. Bump Drive Redirection version to 02, and send the full name
as part of the Device Announcement message.
adding Enhanced RDP Security support to rdesktop and brings
support for TLSv1 tunnel functionality.
git-svn-id: svn://svn.code.sf.net/p/rdesktop/code/rdesktop/trunk@1659 423420c4-83ab-492f-b58f-81f9feb106b5
patches for smartcard-support by Jennings Jared <jared.jennings.ctr@eglin.af.mil>
git-svn-id: svn://svn.code.sf.net/p/rdesktop/code/trunk/rdesktop@1308 423420c4-83ab-492f-b58f-81f9feb106b5
possible for the remote RDP server to enumerate the local PCI devices.
git-svn-id: svn://svn.code.sf.net/p/rdesktop/code/trunk/rdesktop@1052 423420c4-83ab-492f-b58f-81f9feb106b5
change year in files
add missing docu for updated commandline-flags
update changelog
git-svn-id: svn://svn.code.sf.net/p/rdesktop/code/trunk/rdesktop@827 423420c4-83ab-492f-b58f-81f9feb106b5
extract aio remove
handle errors in aio read / write
function that checks if handle is ok - seems windows cant keep track of them huh
- volker milde
git-svn-id: svn://svn.code.sf.net/p/rdesktop/code/trunk/rdesktop@626 423420c4-83ab-492f-b58f-81f9feb106b5
Based on code from GuoJunBo <guojunbo@ict.ac.cn>
git-svn-id: svn://svn.code.sf.net/p/rdesktop/code/trunk/rdesktop@473 423420c4-83ab-492f-b58f-81f9feb106b5
RDPSND), in particular:
* channel layer takes care of virtual channel header
* split X dependent parts out of CLIPRDR, simplified IPC implementation
* initial RDPDR implementation
git-svn-id: svn://svn.code.sf.net/p/rdesktop/code/trunk/rdesktop@431 423420c4-83ab-492f-b58f-81f9feb106b5
Implemented encryption layer and some basic licensing negotiation.
Reorganised code somewhat. While this is not quite as clean, it is
a lot faster - our parser speed was becoming a bottle-neck.
git-svn-id: svn://svn.code.sf.net/p/rdesktop/code/trunk/rdesktop@9 423420c4-83ab-492f-b58f-81f9feb106b5