mike-jumper commented on a change in pull request #274:
URL: https://github.com/apache/guacamole-server/pull/274#discussion_r420549207
##########
File path: src/protocols/rdp/channels/rdpdr/rdpdr-messages.c
##########
@@ -212,6 +212,10 @@ void
guac_rdpdr_process_server_announce(guac_rdp_common_svc* svc,
unsigned int major, minor, client_id;
+ /* Stream should contain at least 8 bytes (UINT16 + UINT16 + UINT32) */
+ if (Stream_GetRemainingLength(input_stream) < 8)
+ return;
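Review bot: The new `if (Stream_GetRemainingLength(input_stream) < 8)` has an unbraced `return;`, while the equivalent length checks this patch adds in rdpdr.c and guacai.c are braced. Bracing it keeps the checks uniform and leaves room for a log call before the return, since as written a short Server Announce PDU is dropped with no trace.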
Review comment:
Missed one `guac_client_log()` here, I think.
##########
File path: src/protocols/rdp/channels/rdpsnd/rdpsnd-messages.c
##########
@@ -50,6 +50,14 @@ void guac_rdpsnd_formats_handler(guac_rdp_common_svc* svc,
/* Reset own format count */
rdpsnd->format_count = 0;
+ /* Check to make sure the stream has at least 20 bytes, which */
Review comment:
Which what?
##########
File path: src/protocols/rdp/channels/rdpdr/rdpdr.c
##########
@@ -38,6 +38,17 @@ void guac_rdpdr_process_receive(guac_rdp_common_svc* svc,
int component;
int packet_id;
+ /*
+ * Check that device redirection stream contains at least 4 bytes
+ * (UINT16 + UINT16).
+ */
+ if (Stream_GetRemainingLength(input_stream) < 4) {
+ guac_client_log(svc->client, GUAC_LOG_WARNING, "Device redirection "
+ "channel receive Stream does not contain the expected number "
+ "of bytes. Device redirection may not function as expected.");
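Review bot: The warning added at the 4-byte check does not say how many bytes were actually available, so the log cannot distinguish an empty PDU from one that is a byte or two short. guac_client_log() takes a printf-style format, so the message could include the value of Stream_GetRemainingLength(input_stream) alongside the expected 4.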
Review comment:
> Device redirection channel receive Stream ...
As phrased, this does not make sense to me. Looking at the context, this is
guarding the read operation around the header common to all RDPDR PDUs, so I
would suggest rephrasing this in that respect ("Device redirection channel PDU
header" or "RDPDR channel PDU header" or similar).
##########
File path: src/protocols/rdp/plugins/guacai/guacai.c
##########
@@ -52,10 +52,18 @@
static void guac_rdp_ai_handle_data(guac_client* client,
IWTSVirtualChannel* channel, wStream* stream) {
+ /* Verify we have at least 1 byte in the stream (UINT8) */
+ if (Stream_GetRemainingLength(stream) < 1) {
+ guac_client_log(client, GUAC_LOG_WARNING, "Audio input stream does not
"
Review comment:
This should probably be "PDU" or "PDU header" rather than "stream".
##########
File path: src/protocols/rdp/channels/rdpsnd/rdpsnd.c
##########
@@ -35,11 +35,19 @@ void guac_rdpsnd_process_receive(guac_rdp_common_svc* svc,
guac_rdpsnd* rdpsnd = (guac_rdpsnd*) svc->data;
guac_rdpsnd_pdu_header header;
+ /* Check that we at least the 4 byte header (UINT8 + UINT8 + UINT16) */
Review comment:
Did you mean "we have"?