Set max character buffer len to 512 per MS specification

The MS specs determine that the character buffer lenngths
for usernames, domains, passwords, alternate shells, etc
can be up to 512 characters including the mandatory null
terminator.
This commit is contained in:
bolkedebruin 2020-08-05 17:12:16 +02:00 committed by Bolke de Bruin
parent f3e42fc209
commit 5cd36c511c
6 changed files with 27 additions and 19 deletions

View File

@ -18,6 +18,8 @@
* xrdp / xserver info / caps * xrdp / xserver info / caps
*/ */
#include "xrdp_constants.h"
#if !defined(XRDP_CLIENT_INFO_H) #if !defined(XRDP_CLIENT_INFO_H)
#define XRDP_CLIENT_INFO_H #define XRDP_CLIENT_INFO_H
@ -57,11 +59,11 @@ struct xrdp_client_info
char hostname[32]; char hostname[32];
int build; int build;
int keylayout; int keylayout;
char username[256]; char username[INFO_CLIENT_MAX_CB_LEN];
char password[256]; char password[INFO_CLIENT_MAX_CB_LEN];
char domain[256]; char domain[INFO_CLIENT_MAX_CB_LEN];
char program[256]; char program[INFO_CLIENT_MAX_CB_LEN];
char directory[256]; char directory[INFO_CLIENT_MAX_CB_LEN];
int rdp_compression; int rdp_compression;
int rdp_autologin; int rdp_autologin;
int crypt_level; /* 1, 2, 3 = low, medium, high */ int crypt_level; /* 1, 2, 3 = low, medium, high */

View File

@ -38,6 +38,7 @@
******************************************************************************/ ******************************************************************************/
#define INFO_CLIENT_NAME_BYTES 32 #define INFO_CLIENT_NAME_BYTES 32
#define INFO_CLIENT_MAX_CB_LEN 512
#define XRDP_MAX_BITMAP_CACHE_ID 3 #define XRDP_MAX_BITMAP_CACHE_ID 3
#define XRDP_MAX_BITMAP_CACHE_IDX 2000 #define XRDP_MAX_BITMAP_CACHE_IDX 2000

View File

@ -735,7 +735,7 @@ xrdp_sec_process_logon_info(struct xrdp_sec *self, struct stream *s)
} }
in_uint16_le(s, len_domain); in_uint16_le(s, len_domain);
if (len_domain > 511) if (len_domain >= INFO_CLIENT_MAX_CB_LEN)
{ {
DEBUG(("ERROR [xrdp_sec_process_logon_info()]: len_domain > 511")); DEBUG(("ERROR [xrdp_sec_process_logon_info()]: len_domain > 511"));
return 1; return 1;
@ -757,7 +757,7 @@ xrdp_sec_process_logon_info(struct xrdp_sec *self, struct stream *s)
self->rdp_layer->client_info.rdp_autologin = 0; self->rdp_layer->client_info.rdp_autologin = 0;
} }
if (len_user > 511) if (len_user >= INFO_CLIENT_MAX_CB_LEN)
{ {
DEBUG(("ERROR [xrdp_sec_process_logon_info()]: len_user > 511")); DEBUG(("ERROR [xrdp_sec_process_logon_info()]: len_user > 511"));
return 1; return 1;
@ -769,7 +769,7 @@ xrdp_sec_process_logon_info(struct xrdp_sec *self, struct stream *s)
} }
in_uint16_le(s, len_password); in_uint16_le(s, len_password);
if (len_password > 511) if (len_password >= INFO_CLIENT_MAX_CB_LEN)
{ {
DEBUG(("ERROR [xrdp_sec_process_logon_info()]: len_password > 511")); DEBUG(("ERROR [xrdp_sec_process_logon_info()]: len_password > 511"));
return 1; return 1;
@ -781,7 +781,7 @@ xrdp_sec_process_logon_info(struct xrdp_sec *self, struct stream *s)
} }
in_uint16_le(s, len_program); in_uint16_le(s, len_program);
if (len_program > 511) if (len_program >= INFO_CLIENT_MAX_CB_LEN)
{ {
DEBUG(("ERROR [xrdp_sec_process_logon_info()]: len_program > 511")); DEBUG(("ERROR [xrdp_sec_process_logon_info()]: len_program > 511"));
return 1; return 1;
@ -793,7 +793,7 @@ xrdp_sec_process_logon_info(struct xrdp_sec *self, struct stream *s)
} }
in_uint16_le(s, len_directory); in_uint16_le(s, len_directory);
if (len_directory > 511) if (len_directory >= INFO_CLIENT_MAX_CB_LEN)
{ {
DEBUG(("ERROR [xrdp_sec_process_logon_info()]: len_directory > 511")); DEBUG(("ERROR [xrdp_sec_process_logon_info()]: len_directory > 511"));
return 1; return 1;

View File

@ -24,6 +24,7 @@
#include "defines.h" #include "defines.h"
#include "xrdp_rail.h" #include "xrdp_rail.h"
#include "xrdp_client_info.h" #include "xrdp_client_info.h"
#include "xrdp_constants.h"
/* this is the freerdp main header */ /* this is the freerdp main header */
#include <freerdp/freerdp.h> #include <freerdp/freerdp.h>
@ -196,9 +197,9 @@ struct mod
int vmaj; int vmaj;
int vmin; int vmin;
int vrev; int vrev;
char username[256]; char username[INFO_CLIENT_MAX_CB_LEN];
char password[256]; char password[INFO_CLIENT_MAX_CB_LEN];
char domain[256]; char domain[INFO_CLIENT_MAX_CB_LEN];
int bool_keyBoardSynced ; /* Numlock can be out of sync, we hold state here to resolve */ int bool_keyBoardSynced ; /* Numlock can be out of sync, we hold state here to resolve */
int keyBoardLockInfo ; /* Holds initial numlock capslock state */ int keyBoardLockInfo ; /* Holds initial numlock capslock state */

View File

@ -34,10 +34,13 @@
#include <stdio.h> #include <stdio.h>
#include <security/pam_appl.h> #include <security/pam_appl.h>
/* Defines the maximum size of a username or password. With pam there is no real limit */
#define MAX_BUF 8192
struct t_user_pass struct t_user_pass
{ {
char user[256]; char user[MAX_BUF];
char pass[256]; char pass[MAX_BUF];
}; };
struct t_auth_info struct t_auth_info
@ -115,8 +118,8 @@ auth_userpass(const char *user, const char *pass, int *errorcode)
get_service_name(service_name); get_service_name(service_name);
auth_info = g_new0(struct t_auth_info, 1); auth_info = g_new0(struct t_auth_info, 1);
g_strncpy(auth_info->user_pass.user, user, 255); g_strncpy(auth_info->user_pass.user, user, MAX_BUF - 1);
g_strncpy(auth_info->user_pass.pass, pass, 255); g_strncpy(auth_info->user_pass.pass, pass, MAX_BUF - 1);
auth_info->pamc.conv = &verify_pam_conv; auth_info->pamc.conv = &verify_pam_conv;
auth_info->pamc.appdata_ptr = &(auth_info->user_pass); auth_info->pamc.appdata_ptr = &(auth_info->user_pass);
error = pam_start(service_name, 0, &(auth_info->pamc), &(auth_info->ph)); error = pam_start(service_name, 0, &(auth_info->pamc), &(auth_info->ph));

View File

@ -24,6 +24,7 @@
#include "os_calls.h" #include "os_calls.h"
#include "defines.h" #include "defines.h"
#include "xrdp_client_info.h" #include "xrdp_client_info.h"
#include "xrdp_constants.h"
#include "xrdp_rail.h" #include "xrdp_rail.h"
#define CURRENT_MOD_VER 4 #define CURRENT_MOD_VER 4
@ -154,8 +155,8 @@ struct mod
int height; int height;
int bpp; int bpp;
int sck_closed; int sck_closed;
char username[256]; char username[INFO_CLIENT_MAX_CB_LEN];
char password[256]; char password[INFO_CLIENT_MAX_CB_LEN];
char ip[256]; char ip[256];
char port[256]; char port[256];
int shift_state; int shift_state;