This commit includes fixes for a set of 21 vulnerabilities in
rdesktop when a malicious RDP server is used.
All vulnerabilities was identified and reported by Eyal Itkin.
* Add rdp_protocol_error function that is used in several fixes
* Refactor of process_bitmap_updates
* Fix possible integer overflow in s_check_rem() on 32bit arch
* Fix memory corruption in process_bitmap_data - CVE-2018-8794
* Fix remote code execution in process_bitmap_data - CVE-2018-8795
* Fix remote code execution in process_plane - CVE-2018-8797
* Fix Denial of Service in mcs_recv_connect_response - CVE-2018-20175
* Fix Denial of Service in mcs_parse_domain_params - CVE-2018-20175
* Fix Denial of Service in sec_parse_crypt_info - CVE-2018-20176
* Fix Denial of Service in sec_recv - CVE-2018-20176
* Fix minor information leak in rdpdr_process - CVE-2018-8791
* Fix Denial of Service in cssp_read_tsrequest - CVE-2018-8792
* Fix remote code execution in cssp_read_tsrequest - CVE-2018-8793
* Fix Denial of Service in process_bitmap_data - CVE-2018-8796
* Fix minor information leak in rdpsnd_process_ping - CVE-2018-8798
* Fix Denial of Service in process_secondary_order - CVE-2018-8799
* Fix remote code execution in in ui_clip_handle_data - CVE-2018-8800
* Fix major information leak in ui_clip_handle_data - CVE-2018-20174
* Fix memory corruption in rdp_in_unistr - CVE-2018-20177
* Fix Denial of Service in process_demand_active - CVE-2018-20178
* Fix remote code execution in lspci_process - CVE-2018-20179
* Fix remote code execution in rdpsnddbg_process - CVE-2018-20180
* Fix remote code execution in seamless_process - CVE-2018-20181
* Fix remote code execution in seamless_process_line - CVE-2018-20182
We were using the incorrect type for the context for these two calls.
No practical effects, but some noise from the compiler about the wrong
pointer type.
This commit will add a logging system to solve the problem that
one actually need to recompile rdesktop from source to enable
different debug logging.
- Same logging api for all kind of logging and messages to
end user.
- Adding -v for verbose output when running rdesktop.
- All messages are logged into a subject and with a type, eg:
logger(Keyboard, Notice, "Autos-electing %s based on locale.", locale);
- Debug logging is enabled trough a environment variable RDEKSTOP_DEBUG,
which specifies subjects of interest, comma separated. There is a special
subject named All which includes all subject for debug loggin. There is also
a simple logic opeartor '!' = NOT which can be used in combination like:
RDESKTOP_DEBUG=All,!Graphics,!Sound
Which would give debug log output for All subject except Graphics and Sound.
to streams in CredSSP. (The other part of bug #383.
git-svn-id: svn://svn.code.sf.net/p/rdesktop/code/rdesktop/trunk@1801 423420c4-83ab-492f-b58f-81f9feb106b5
packet. This fixes bug were login fails due to non-ASCII
characters in username or password.
Fixes bug #383.
git-svn-id: svn://svn.code.sf.net/p/rdesktop/code/rdesktop/trunk@1800 423420c4-83ab-492f-b58f-81f9feb106b5
size of 4096 which proved to be a problem.
Thanks to David Fries for patches.
git-svn-id: svn://svn.code.sf.net/p/rdesktop/code/rdesktop/trunk@1709 423420c4-83ab-492f-b58f-81f9feb106b5
- Add implementation of TSSmartCardCreds and TSCSPDataDetail for
CredSSP protocol.
- Add handling of long opts for getopt()
- Added 4 new long opts for providing information to CredSSP which
is required for smartcard credentials.
- Updated manual with information about the new arguments.
If smartcard authentication is request by commandline "-i" option,
and no CredSSP smartcard options is provided, rdesktop will
negotiate to use SSL and warn.
git-svn-id: svn://svn.code.sf.net/p/rdesktop/code/rdesktop/trunk@1705 423420c4-83ab-492f-b58f-81f9feb106b5
this fixes a segfault if gssglue cant initialize when
/etc/gssapi_mech.conf is missing on system.
git-svn-id: svn://svn.code.sf.net/p/rdesktop/code/rdesktop/trunk@1685 423420c4-83ab-492f-b58f-81f9feb106b5
disabled by default and is enabled using argument --enable-credssp
to configure script.
git-svn-id: svn://svn.code.sf.net/p/rdesktop/code/rdesktop/trunk@1676 423420c4-83ab-492f-b58f-81f9feb106b5
