diff options
| -rw-r--r-- | common/defines.h | 2 | ||||
| -rw-r--r-- | common/os_calls.c | 86 | ||||
| -rw-r--r-- | common/os_calls.h | 4 | ||||
| -rw-r--r-- | common/thread_calls.c | 31 | ||||
| -rw-r--r-- | common/trans.c | 51 | ||||
| -rw-r--r-- | design.txt | 2 | ||||
| -rw-r--r-- | libxrdp/libxrdp.c | 62 | ||||
| -rw-r--r-- | libxrdp/libxrdpinc.h | 2 | ||||
| -rw-r--r-- | libxrdp/xrdp_bitmap_compress.c | 2 | ||||
| -rw-r--r-- | libxrdp/xrdp_channel.c | 1 | ||||
| -rw-r--r-- | libxrdp/xrdp_orders.c | 134 | ||||
| -rw-r--r-- | libxrdp/xrdp_rdp.c | 46 | ||||
| -rw-r--r-- | libxrdp/xrdp_sec.c | 76 | ||||
| -rw-r--r-- | libxrdp/xrdp_tcp.c | 2 | ||||
| -rw-r--r-- | rdp/rdp_orders.c | 190 | ||||
| -rw-r--r-- | rdp/rdp_rdp.c | 82 | ||||
| -rw-r--r-- | sesman/chansrv/chansrv.c | 119 | ||||
| -rw-r--r-- | sesman/libscp/libscp_session.c | 4 | ||||
| -rw-r--r-- | sesman/scp_v0.c | 1 | ||||
| -rw-r--r-- | sesman/sesman.c | 5 | ||||
| -rw-r--r-- | sesman/session.c | 35 | ||||
| -rw-r--r-- | sesman/sessvc/sessvc.c | 19 | ||||
| -rw-r--r-- | vnc/vnc.c | 10 | ||||
| -rw-r--r-- | xrdp/xrdp.c | 27 | ||||
| -rw-r--r-- | xrdp/xrdp_bitmap.c | 79 | ||||
| -rw-r--r-- | xrdp/xrdp_cache.c | 16 | ||||
| -rw-r--r-- | xrdp/xrdp_listen.c | 4 | ||||
| -rw-r--r-- | xrdp/xrdp_mm.c | 221 | ||||
| -rw-r--r-- | xrdp/xrdp_painter.c | 8 | ||||
| -rw-r--r-- | xrdp/xrdp_process.c | 2 | ||||
| -rw-r--r-- | xrdp/xrdp_wm.c | 7 | ||||
| -rw-r--r-- | xup/xup.c | 2 | 
32 files changed, 757 insertions, 575 deletions
| diff --git a/common/defines.h b/common/defines.h index 2dbb1893..a6f6e303 100644 --- a/common/defines.h +++ b/common/defines.h @@ -20,7 +20,7 @@  */ -#if !defined(DEFINES_H) +#ifndef DEFINES_H  #define DEFINES_H  /* check for debug */ diff --git a/common/os_calls.c b/common/os_calls.c index 913c4296..617f3d60 100644 --- a/common/os_calls.c +++ b/common/os_calls.c @@ -616,8 +616,11 @@ g_tcp_select(int sck1, int sck2)  {    fd_set rfds;    struct timeval time; -  int max; -  int rv; +  int max = 0; +  int rv = 0; + +  g_memset(&rfds,0,sizeof(fd_set)); +  g_memset(&time,0,sizeof(struct timeval));    time.tv_sec = 0;    time.tv_usec = 0; @@ -668,9 +671,11 @@ g_create_wait_obj(char* name)  #else    tbus obj;    struct sockaddr_un sa; -  int len; -  int sck; -  int i; +  size_t len = 0; +  tbus sck = -1; +  int i = 0; + +  g_memset(&sa,0,sizeof(struct sockaddr_un));    sck = socket(PF_UNIX, SOCK_DGRAM, 0);    if (sck < 0) @@ -713,7 +718,9 @@ g_create_wait_obj_from_socket(tbus socket, int write)  #ifdef _WIN32    /* Create and return corresponding event handle for WaitForMultipleObjets */    WSAEVENT event; -  long lnetevent; +  long lnetevent = 0; + +  g_memset(&event,0,sizeof(WSAEVENT));    event = WSACreateEvent();    lnetevent = (write ? FD_WRITE : FD_READ) | FD_CLOSE; @@ -906,15 +913,20 @@ g_obj_wait(tbus* read_objs, int rcount, tbus* write_objs, int wcount,    fd_set rfds;    fd_set wfds;    struct timeval time; -  struct timeval* ptime; -  int i; -  int max; -  int sck; +  struct timeval* ptime = (struct timeval *)NULL; +  int i = 0; +  int res = 0; +  int max = 0; +  int sck = 0; + +  g_memset(&rfds,0,sizeof(fd_set)); +  g_memset(&wfds,0,sizeof(fd_set)); +  g_memset(&time,0,sizeof(struct timeval));    max = 0;    if (mstimeout < 1)    { -    ptime = 0; +    ptime = (struct timeval *)NULL;    }    else    { @@ -927,23 +939,27 @@ g_obj_wait(tbus* read_objs, int rcount, tbus* write_objs, int wcount,    for (i = 0; i < rcount; i++)    {      sck = (int)(read_objs[i]); -    FD_SET(sck, &rfds); -    if (sck > max) -    { -      max = sck; +    if (sck > 0) { +      FD_SET(sck, &rfds); +      if (sck > max) +      { +        max = sck; +      }      }    }    for (i = 0; i < wcount; i++)    {      sck = (int)(write_objs[i]); -    FD_SET(sck, &wfds); -    if (sck > max) -    { -      max = sck; +    if (sck > 0) { +      FD_SET(sck, &wfds); +      if (sck > max) +      { +        max = sck; +      }      }    } -  i = select(max + 1, &rfds, &wfds, 0, ptime); -  if (i < 0) +  res = select(max + 1, &rfds, &wfds, 0, ptime); +  if (res < 0)    {      /* these are not really errors */      if ((errno == EAGAIN) || @@ -1296,7 +1312,7 @@ g_file_get_size(const char* filename)  int APP_CC  g_strlen(const char* text)  { -  if (text == 0) +  if (text == NULL)    {      return 0;    } @@ -1367,7 +1383,9 @@ g_strdup(const char* in)    }    len = g_strlen(in);    p = (char*)g_malloc(len + 1, 0); -  g_strcpy(p, in); +  if (p != NULL) { +    g_strcpy(p, in); +  }    return p;  } @@ -1916,14 +1934,18 @@ g_waitpid(int pid)  #if defined(_WIN32)    return 0;  #else -  int rv; - -  rv = waitpid(pid, 0, 0); -  if (rv == -1) -  { -    if (errno == EINTR) /* signal occurred */ +  int rv = 0; +  if (pid < 0) { +    rv = -1; +  } +  else { +    rv = waitpid(pid, 0, 0); +    if (rv == -1)      { -      rv = 0; +      if (errno == EINTR) /* signal occurred */ +      { +        rv = 0; +      }      }    }    return rv; @@ -2119,8 +2141,8 @@ g_time2(void)    return (int)GetTickCount();  #else    struct tms tm; -  clock_t num_ticks; - +  clock_t num_ticks = 0; +  g_memset(&tm,0,sizeof(struct tms));    num_ticks = times(&tm);    return (int)(num_ticks * 10);  #endif diff --git a/common/os_calls.h b/common/os_calls.h index 333c0f29..377b1174 100644 --- a/common/os_calls.h +++ b/common/os_calls.h @@ -25,6 +25,10 @@  #if !defined(OS_CALLS_H)  #define OS_CALLS_H +#ifndef NULL +#define NULL 0 +#endif +  #include "arch.h"  void APP_CC diff --git a/common/thread_calls.c b/common/thread_calls.c index e0d7f1e8..80856fd8 100644 --- a/common/thread_calls.c +++ b/common/thread_calls.c @@ -33,15 +33,16 @@  #include "thread_calls.h"  #include "os_calls.h" +  /*****************************************************************************/  /* returns error */  #if defined(_WIN32)  int APP_CC  tc_thread_create(unsigned long (__stdcall * start_routine)(void*), void* arg)  { -  DWORD thread_id; -  HANDLE thread; -  int rv; +  int rv = 0; +  DWORD thread_id = 0; +  HANDLE thread = (HANDLE)0;    /* CreateThread returns handle or zero on error */    thread = CreateThread(0, 0, start_routine, arg, 0, &thread_id); @@ -51,14 +52,18 @@ tc_thread_create(unsigned long (__stdcall * start_routine)(void*), void* arg)  }  #else  int APP_CC -tc_thread_create(void* (* start_routine)(void*), void* arg) +tc_thread_create(void* (* start_routine)(void *), void* arg)  { -  pthread_t thread; -  int rv; +  int rv = 0; +  pthread_t thread = (pthread_t)0; + +  g_memset(&thread, 0x00, sizeof(pthread_t));    /* pthread_create returns error */    rv = pthread_create(&thread, 0, start_routine, arg); -  pthread_detach(thread); +  if (!rv) { +    rv = pthread_detach(thread); +  }    return rv;  }  #endif @@ -133,13 +138,15 @@ tc_mutex_lock(tbus mutex)  int APP_CC  tc_mutex_unlock(tbus mutex)  { +  int rv = 0;  #if defined(_WIN32)    ReleaseMutex((HANDLE)mutex); -  return 0;  #else -  pthread_mutex_unlock((pthread_mutex_t*)mutex); -  return 0; +  if (mutex != 0) { +    rv = pthread_mutex_unlock((pthread_mutex_t *)mutex); +  }  #endif +  return rv;  }  /*****************************************************************************/ @@ -152,9 +159,9 @@ tc_sem_create(int init_count)    sem = CreateSemaphore(0, init_count, init_count + 10, 0);    return (tbus)sem;  #else -  sem_t* sem; +  sem_t * sem = (sem_t *)NULL; -  sem = g_malloc(sizeof(sem_t), 0); +  sem = (sem_t *)g_malloc(sizeof(sem_t), 0);    sem_init(sem, 0, init_count);    return (tbus)sem;  #endif diff --git a/common/trans.c b/common/trans.c index 37e3f211..377b90ba 100644 --- a/common/trans.c +++ b/common/trans.c @@ -32,14 +32,16 @@  struct trans* APP_CC  trans_create(int mode, int in_size, int out_size)  { -  struct trans* self; +  struct trans* self = (struct trans *)NULL;    self = (struct trans*)g_malloc(sizeof(struct trans), 1); -  make_stream(self->in_s); -  init_stream(self->in_s, in_size); -  make_stream(self->out_s); -  init_stream(self->out_s, out_size); -  self->mode = mode; +  if (self != NULL) { +    make_stream(self->in_s); +    init_stream(self->in_s, in_size); +    make_stream(self->out_s); +    init_stream(self->out_s, out_size); +    self->mode = mode; +  }    return self;  } @@ -53,7 +55,10 @@ trans_delete(struct trans* self)    }    free_stream(self->in_s);    free_stream(self->out_s); -  g_tcp_close(self->sck); +  if (self->sck > 0) { +    g_tcp_close(self->sck); +  } +  self->sck = 0;    if (self->listen_filename != 0)    {      g_file_delete(self->listen_filename); @@ -83,12 +88,12 @@ trans_get_wait_objs(struct trans* self, tbus* objs, int* count, int* timeout)  int APP_CC  trans_check_wait_objs(struct trans* self)  { -  tbus in_sck; -  struct trans* in_trans; -  int read_bytes; -  int to_read; -  int read_so_far; -  int rv; +  tbus in_sck = (tbus)0; +  struct trans* in_trans = (struct trans *)NULL; +  int read_bytes = 0; +  int to_read = 0; +  int read_so_far = 0; +  int rv = 0;    if (self == 0)    { @@ -391,13 +396,27 @@ trans_listen(struct trans* self, char* port)  struct stream* APP_CC  trans_get_in_s(struct trans* self)  { -  return self->in_s; +  struct stream * rv = (struct stream *)NULL; +  if (self == NULL) { +    rv = (struct stream *)NULL; +  } +  else { +    rv = self->in_s; +  } +  return rv;  }  /*****************************************************************************/  struct stream* APP_CC  trans_get_out_s(struct trans* self, int size)  { -  init_stream(self->out_s, size); -  return self->out_s; +  struct stream * rv = (struct stream *)NULL; +  if (self == NULL) { +    rv = (struct stream *)NULL; +  } +  else { +    init_stream(self->out_s, size); +    rv = self->out_s; +  } +  return rv;  } @@ -7,7 +7,7 @@ one could be running a custom app made for xrdp  one could be running a X11 session  clients control the screen size and color depth -all controlled by a cofiguaration file. +all controlled by a configuration file.  you can create a lib or use a lib with your executable that talks  to xrdp server. diff --git a/libxrdp/libxrdp.c b/libxrdp/libxrdp.c index 0d7a86b1..05e67eb7 100644 --- a/libxrdp/libxrdp.c +++ b/libxrdp/libxrdp.c @@ -133,9 +133,9 @@ libxrdp_process_data(struct xrdp_session* session)  int EXPORT_CC  libxrdp_send_palette(struct xrdp_session* session, int* palette)  { -  int i; -  int color; -  struct stream* s; +  int i = 0; +  int color = 0; +  struct stream* s = (struct stream *)NULL;    if (session->client_info->bpp > 8)    { @@ -203,21 +203,21 @@ int EXPORT_CC  libxrdp_send_bitmap(struct xrdp_session* session, int width, int height,                      int bpp, char* data, int x, int y, int cx, int cy)  { -  int line_size; -  int i; -  int j; -  int total_lines; -  int lines_sending; -  int Bpp; -  int e; -  int bufsize; -  int total_bufsize; -  int num_updates; -  char* p_num_updates; -  char* p; -  char* q; -  struct stream* s; -  struct stream* temp_s; +  int line_size = 0; +  int i = 0; +  int j = 0; +  int total_lines = 0; +  int lines_sending = 0; +  int Bpp = 0; +  int e = 0; +  int bufsize = 0; +  int total_bufsize = 0; +  int num_updates = 0; +  char* p_num_updates = (char *)NULL; +  char* p = (char *)NULL; +  char* q = (char *)NULL; +  struct stream* s = (struct stream *)NULL; +  struct stream* temp_s = (struct stream *)NULL;    DEBUG(("libxrdp_send_bitmap sending bitmap"));    Bpp = (bpp + 7) / 8; @@ -651,10 +651,10 @@ int EXPORT_CC  libxrdp_query_channel(struct xrdp_session* session, int index,                        char* channel_name, int* channel_flags)  { -  int count; -  struct xrdp_rdp* rdp; -  struct xrdp_mcs* mcs; -  struct mcs_channel_item* channel_item; +  int count = 0; +  struct xrdp_rdp* rdp = (struct xrdp_rdp *)NULL; +  struct xrdp_mcs* mcs = (struct xrdp_mcs *)NULL; +  struct mcs_channel_item* channel_item = (struct mcs_channel_item *)NULL;    rdp = (struct xrdp_rdp*)session->rdp;    mcs = rdp->sec_layer->mcs_layer; @@ -687,11 +687,11 @@ libxrdp_query_channel(struct xrdp_session* session, int index,  int EXPORT_CC  libxrdp_get_channel_id(struct xrdp_session* session, char* name)  { -  int index; -  int count; -  struct xrdp_rdp* rdp; -  struct xrdp_mcs* mcs; -  struct mcs_channel_item* channel_item; +  int index = 0; +  int count = 0; +  struct xrdp_rdp* rdp = NULL; +  struct xrdp_mcs* mcs = NULL; +  struct mcs_channel_item* channel_item = NULL;    rdp = (struct xrdp_rdp*)session->rdp;    mcs = rdp->sec_layer->mcs_layer; @@ -717,10 +717,10 @@ libxrdp_send_to_channel(struct xrdp_session* session, int channel_id,                          char* data, int data_len,                          int total_data_len, int flags)  { -  struct xrdp_rdp* rdp; -  struct xrdp_sec* sec; -  struct xrdp_channel* chan; -  struct stream* s; +  struct xrdp_rdp* rdp = NULL; +  struct xrdp_sec* sec = NULL; +  struct xrdp_channel* chan = NULL; +  struct stream* s = NULL;    rdp = (struct xrdp_rdp*)session->rdp;    sec = rdp->sec_layer; diff --git a/libxrdp/libxrdpinc.h b/libxrdp/libxrdpinc.h index 258fbb83..a8ee6640 100644 --- a/libxrdp/libxrdpinc.h +++ b/libxrdp/libxrdpinc.h @@ -20,7 +20,7 @@  */ -#if !defined(LIBXRDPINC_H) +#ifndef LIBXRDPINC_H  #define LIBXRDPINC_H  struct xrdp_client_info diff --git a/libxrdp/xrdp_bitmap_compress.c b/libxrdp/xrdp_bitmap_compress.c index ccf128f7..fcaab1f7 100644 --- a/libxrdp/xrdp_bitmap_compress.c +++ b/libxrdp/xrdp_bitmap_compress.c @@ -950,7 +950,7 @@ xrdp_bitmap_compress(char* in_data, int width, int height,    }    else if ((bpp == 15) || (bpp == 16))    { -    mix = 0xffff; +    mix = (bpp == 15) ? 0xba1f : 0xffff;      out_count = end * 2;      line = in_data + width * start_line * 2;      while (start_line >= 0 && out_count < 32768) diff --git a/libxrdp/xrdp_channel.c b/libxrdp/xrdp_channel.c index 15320ebd..00497c35 100644 --- a/libxrdp/xrdp_channel.c +++ b/libxrdp/xrdp_channel.c @@ -170,6 +170,7 @@ xrdp_channel_process(struct xrdp_channel* self, struct stream* s,      g_writeln("xrdp_channel_process, channel not found");      return 1;    } +  rv = 0;    in_uint32_le(s, length);    in_uint32_le(s, flags);    rv = xrdp_channel_call_callback(self, s, channel_id, length, flags); diff --git a/libxrdp/xrdp_orders.c b/libxrdp/xrdp_orders.c index b12fa27d..ff2ed3d0 100644 --- a/libxrdp/xrdp_orders.c +++ b/libxrdp/xrdp_orders.c @@ -127,6 +127,10 @@ xrdp_orders_send(struct xrdp_orders* self)  int APP_CC  xrdp_orders_force_send(struct xrdp_orders* self)  { +  if (self == 0) +  { +    return 1; +  }    if ((self->order_level > 0) && (self->order_count > 0))    {      s_mark_end(self->out_s); @@ -336,10 +340,10 @@ xrdp_order_pack_small_or_tiny(struct xrdp_orders* self,                                char* present_ptr, int present,                                int present_size)  { -  int move_up_count; -  int index; -  int size; -  int keep_looking; +  int move_up_count = 0; +  int index = 0; +  int size = 0; +  int keep_looking = 1;    move_up_count = 0;    keep_looking = 1; @@ -527,11 +531,11 @@ xrdp_orders_screen_blt(struct xrdp_orders* self, int x, int y,                         int cx, int cy, int srcx, int srcy,                         int rop, struct xrdp_rect* rect)  { -  int order_flags; -  int vals[12]; -  int present; -  char* present_ptr; -  char* order_flags_ptr; +  int order_flags = 0; +  int vals[12] = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; +  int present = 0; +  char* present_ptr = (char *)NULL; +  char* order_flags_ptr = (char *)NULL;    xrdp_orders_check(self, 25);    self->order_count++; @@ -996,13 +1000,15 @@ xrdp_orders_line(struct xrdp_orders* self, int mix_mode,                   struct xrdp_pen* pen,                   struct xrdp_rect* rect)  { -  int order_flags; -  int vals[8]; -  int present; -  char* present_ptr; -  char* order_flags_ptr; +  int order_flags = 0; +  int vals[8] = {0, 0, 0, 0, 0, 0, 0, 0}; +  int present = 0; +  char* present_ptr = (char *)NULL; +  char* order_flags_ptr = (char *)NULL;    struct xrdp_pen blank_pen; +  g_memset(&blank_pen,0,sizeof(struct xrdp_pen)); +    /* if mix mode or rop are out of range, mstsc build 6000+ will parse the orders       wrong */    if ((mix_mode < 1) || (mix_mode > 2)) /* TRANSPARENT(1) or OPAQUE(2) */ @@ -1176,11 +1182,11 @@ xrdp_orders_mem_blt(struct xrdp_orders* self, int cache_id,                      int rop, int srcx, int srcy,                      int cache_idx, struct xrdp_rect* rect)  { -  int order_flags; -  int vals[12]; -  int present; -  char* present_ptr; -  char* order_flags_ptr; +  int order_flags = 0; +  int vals[12] = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; +  int present = 0; +  char* present_ptr = (char *)NULL; +  char* order_flags_ptr = (char *)NULL;    xrdp_orders_check(self, 30);    self->order_count++; @@ -1352,10 +1358,10 @@ xrdp_orders_text(struct xrdp_orders* self,                   int x, int y, char* data, int data_len,                   struct xrdp_rect* rect)  { -  int order_flags; -  int present; -  char* present_ptr; -  char* order_flags_ptr; +  int order_flags = 0; +  int present = 0; +  char* present_ptr = (char *)NULL; +  char* order_flags_ptr = (char *)NULL;    xrdp_orders_check(self, 100);    self->order_count++; @@ -1546,14 +1552,14 @@ xrdp_orders_send_raw_bitmap(struct xrdp_orders* self,                              int width, int height, int bpp, char* data,                              int cache_id, int cache_idx)  { -  int order_flags; -  int len; -  int bufsize; -  int Bpp; -  int i; -  int j; -  int pixel; -  int e; +  int order_flags = 0; +  int len = 0; +  int bufsize = 0; +  int Bpp = 0; +  int i = 0; +  int j = 0; +  int pixel = 0; +  int e = 0;    if (width > 64)    { @@ -1626,16 +1632,16 @@ xrdp_orders_send_bitmap(struct xrdp_orders* self,                          int width, int height, int bpp, char* data,                          int cache_id, int cache_idx)  { -  int order_flags; -  int len; -  int bufsize; -  int Bpp; -  int i; -  int lines_sending; -  int e; -  struct stream* s; -  struct stream* temp_s; -  char* p; +  int order_flags = 0; +  int len = 0; +  int bufsize = 0; +  int Bpp = 0; +  int i = 0; +  int lines_sending = 0; +  int e = 0; +  struct stream* s = NULL; +  struct stream* temp_s = NULL; +  char* p = NULL;    if (width > 64)    { @@ -1717,9 +1723,9 @@ xrdp_orders_send_font(struct xrdp_orders* self,                        struct xrdp_font_char* font_char,                        int font_index, int char_index)  { -  int order_flags; -  int datasize; -  int len; +  int order_flags = 0; +  int datasize = 0; +  int len = 0;    datasize = FONT_DATASIZE(font_char);    xrdp_orders_check(self, datasize + 18); @@ -1749,14 +1755,14 @@ xrdp_orders_send_raw_bitmap2(struct xrdp_orders* self,                               int width, int height, int bpp, char* data,                               int cache_id, int cache_idx)  { -  int order_flags; -  int len; -  int bufsize; -  int Bpp; -  int i; -  int j; -  int pixel; -  int e; +  int order_flags = 0; +  int len = 0; +  int bufsize = 0; +  int Bpp = 0; +  int i = 0; +  int j = 0; +  int pixel = 0; +  int e = 0;    if (width > 64)    { @@ -1830,16 +1836,16 @@ xrdp_orders_send_bitmap2(struct xrdp_orders* self,                           int width, int height, int bpp, char* data,                           int cache_id, int cache_idx)  { -  int order_flags; -  int len; -  int bufsize; -  int Bpp; -  int i; -  int lines_sending; -  int e; -  struct stream* s; -  struct stream* temp_s; -  char* p; +  int order_flags = 0; +  int len = 0; +  int bufsize = 0; +  int Bpp = 0; +  int i = 0; +  int lines_sending = 0; +  int e = 0; +  struct stream* s = NULL; +  struct stream* temp_s = NULL; +  char* p = NULL;    if (width > 64)    { @@ -1904,8 +1910,8 @@ int APP_CC  xrdp_orders_send_brush(struct xrdp_orders* self, int width, int height,                         int bpp, int type, int size, char* data, int cache_id)  { -  int order_flags; -  int len; +  int order_flags = 0; +  int len = 0;    xrdp_orders_check(self, size + 12);    self->order_count++; diff --git a/libxrdp/xrdp_rdp.c b/libxrdp/xrdp_rdp.c index 63019b0d..686e567c 100644 --- a/libxrdp/xrdp_rdp.c +++ b/libxrdp/xrdp_rdp.c @@ -57,13 +57,16 @@ static tui8 g_unknown2[8] =  static int APP_CC  xrdp_rdp_read_config(struct xrdp_client_info* client_info)  { -  int index; -  struct list* items; -  struct list* values; -  char* item; -  char* value; +  int index = 0; +  struct list* items = (struct list *)NULL; +  struct list* values = (struct list *)NULL; +  char* item = (char *)NULL; +  char* value = (char *)NULL;    char cfg_file[256]; +  /* initialize (zero out) local variables: */ +  g_memset(cfg_file,0,sizeof(char) * 256); +    items = list_create();    items->auto_free = 1;    values = list_create(); @@ -124,7 +127,7 @@ xrdp_rdp_read_config(struct xrdp_client_info* client_info)  struct xrdp_rdp* APP_CC  xrdp_rdp_create(struct xrdp_session* session, struct trans* trans)  { -  struct xrdp_rdp* self; +  struct xrdp_rdp* self = (struct xrdp_rdp *)NULL;    DEBUG(("in xrdp_rdp_create"));    self = (struct xrdp_rdp*)g_malloc(sizeof(struct xrdp_rdp), 1); @@ -187,10 +190,10 @@ xrdp_rdp_init_data(struct xrdp_rdp* self, struct stream* s)  int APP_CC  xrdp_rdp_recv(struct xrdp_rdp* self, struct stream* s, int* code)  { -  int error; -  int len; -  int pdu_code; -  int chan; +  int error = 0; +  int len = 0; +  int pdu_code = 0; +  int chan = 0;    DEBUG(("in xrdp_rdp_recv"));    if (s->next_packet == 0 || s->next_packet >= s->end) @@ -248,7 +251,7 @@ xrdp_rdp_recv(struct xrdp_rdp* self, struct stream* s, int* code)  int APP_CC  xrdp_rdp_send(struct xrdp_rdp* self, struct stream* s, int pdu_type)  { -  int len; +  int len = 0;    DEBUG(("in xrdp_rdp_send"));    s_pop_layer(s, rdp_hdr); @@ -270,7 +273,7 @@ int APP_CC  xrdp_rdp_send_data(struct xrdp_rdp* self, struct stream* s,                     int data_pdu_type)  { -  int len; +  int len = 0;    DEBUG(("in xrdp_rdp_send_data"));    s_pop_layer(s, rdp_hdr); @@ -298,7 +301,7 @@ xrdp_rdp_send_data(struct xrdp_rdp* self, struct stream* s,  int APP_CC  xrdp_rdp_send_data_update_sync(struct xrdp_rdp* self)  { -  struct stream* s; +  struct stream * s = (struct stream *)NULL;    make_stream(s);    init_stream(s, 8192); @@ -327,8 +330,8 @@ xrdp_rdp_send_data_update_sync(struct xrdp_rdp* self)  static int APP_CC  xrdp_rdp_parse_client_mcs_data(struct xrdp_rdp* self)  { -  struct stream* p; -  int i; +  struct stream* p = (struct stream *)NULL; +  int i = 0;    p = &(self->sec_layer->client_mcs_data);    p->p = p->data; @@ -428,7 +431,8 @@ xrdp_rdp_send_demand_active(struct xrdp_rdp* self)    out_uint16_le(s, 0x200); /* Protocol version */    out_uint16_le(s, 0); /* pad */    out_uint16_le(s, 0); /* Compression types */ -  out_uint16_le(s, 0); /* pad use 0x40d for rdp packets, 0 for not */ +  //out_uint16_le(s, 0); /* pad use 0x40d for rdp packets, 0 for not */ +  out_uint16_le(s, 0x40d); /* pad use 0x40d for rdp packets, 0 for not */    out_uint16_le(s, 0); /* Update capability */    out_uint16_le(s, 0); /* Remote unshare capability */    out_uint16_le(s, 0); /* Compression level */ @@ -487,10 +491,10 @@ xrdp_rdp_send_demand_active(struct xrdp_rdp* self)    out_uint8(s, 0); /* multi dest blt */    out_uint8(s, 0); /* multi pat blt */    out_uint8(s, 0); /* multi screen blt */ -  out_uint8(s, 0); /* multi rect */ +  out_uint8(s, 1); /* multi rect */    out_uint8(s, 0); /* fast index */ -  out_uint8(s, 0); /* polygon */ -  out_uint8(s, 0); /* polygon */ +  out_uint8(s, 0); /* polygonSC ([MS-RDPEGDI], 2.2.2.2.1.1.2.16) */ +  out_uint8(s, 0); /* polygonCB ([MS-RDPEGDI], 2.2.2.2.1.1.2.17) */    out_uint8(s, 0); /* polyline */    out_uint8(s, 0); /* unused */    out_uint8(s, 0); /* fast glyph */ @@ -644,8 +648,8 @@ static int APP_CC  xrdp_process_capset_bmpcache2(struct xrdp_rdp* self, struct stream* s,                                int len)  { -  int Bpp; -  int i; +  int Bpp = 0; +  int i = 0;    self->client_info.bitmap_cache_version = 2;    Bpp = (self->client_info.bpp + 7) / 8; diff --git a/libxrdp/xrdp_sec.c b/libxrdp/xrdp_sec.c index 99067ba7..983be09f 100644 --- a/libxrdp/xrdp_sec.c +++ b/libxrdp/xrdp_sec.c @@ -303,17 +303,19 @@ unicode_in(struct stream* s, int uni_len, char* dst, int dst_len)  static int APP_CC  xrdp_sec_process_logon_info(struct xrdp_sec* self, struct stream* s)  { -  int flags; -  int len_domain; -  int len_user; -  int len_password; -  int len_program; -  int len_directory; -  int len_ip; -  int len_dll; -  int tzone; +  int flags = 0; +  int len_domain = 0; +  int len_user = 0; +  int len_password = 0; +  int len_program = 0; +  int len_directory = 0; +  int len_ip = 0; +  int len_dll = 0; +  int tzone = 0;    char tmpdata[256]; +  /* initialize (zero out) local variables */ +  g_memset(tmpdata,0,sizeof(char)*256);    in_uint8s(s, 4);    in_uint32_le(s, flags);    DEBUG(("in xrdp_sec_process_logon_info flags $%x", flags)); @@ -340,12 +342,30 @@ xrdp_sec_process_logon_info(struct xrdp_sec* self, struct stream* s)      DEBUG(("flag RDP_COMPRESSION found"));    }    in_uint16_le(s, len_domain); +  if (len_domain > 511) { +    DEBUG(("ERROR [xrdp_sec_process_logon_info()]: len_domain > 511")); +    return 1; +  }    in_uint16_le(s, len_user); +  if (len_user > 511) { +    DEBUG(("ERROR [xrdp_sec_process_logon_info()]: len_user > 511")); +    return 1; +  }    in_uint16_le(s, len_password); +  if (len_password > 511) { +    DEBUG(("ERROR [xrdp_sec_process_logon_info()]: len_password > 511")); +    return 1; +  }    in_uint16_le(s, len_program); +  if (len_program > 511) { +    DEBUG(("ERROR [xrdp_sec_process_logon_info()]: len_program > 511")); +    return 1; +  }    in_uint16_le(s, len_directory); -  /* todo, we should error out in any of the above lengths are > 512 */ -  /* to avoid buffer overruns */ +  if (len_directory > 511) { +    DEBUG(("ERROR [xrdp_sec_process_logon_info()]: len_directory > 511")); +    return 1; +  }    unicode_in(s, len_domain, self->rdp_layer->client_info.domain, 255);    DEBUG(("domain %s", self->rdp_layer->client_info.domain));    unicode_in(s, len_user, self->rdp_layer->client_info.username, 255); @@ -386,7 +406,7 @@ xrdp_sec_process_logon_info(struct xrdp_sec* self, struct stream* s)  static int APP_CC  xrdp_sec_send_lic_initial(struct xrdp_sec* self)  { -  struct stream* s; +  struct stream* s = (struct stream *)NULL;    make_stream(s);    init_stream(s, 8192); @@ -725,10 +745,10 @@ xrdp_sec_process_mcs_data_channels(struct xrdp_sec* self, struct stream* s)  int APP_CC  xrdp_sec_process_mcs_data(struct xrdp_sec* self)  { -  struct stream* s; -  char* hold_p; -  int tag; -  int size; +  struct stream* s = (struct stream *)NULL; +  char* hold_p = (char *)NULL; +  int tag = 0; +  int size = 0;    s = &self->client_mcs_data;    /* set p to beginning */ @@ -861,13 +881,13 @@ xrdp_sec_out_mcs_data(struct xrdp_sec* self)  static void APP_CC  xrdp_sec_in_mcs_data(struct xrdp_sec* self)  { -  struct stream* s; -  struct xrdp_client_info* client_info; -  int index; -  char c; +  struct stream* s = (struct stream *)NULL; +  struct xrdp_client_info* client_info = (struct xrdp_client_info *)NULL; +  int index = 0; +  char c = 0; -  client_info = &self->rdp_layer->client_info; -  s = &self->client_mcs_data; +  client_info = &(self->rdp_layer->client_info); +  s = &(self->client_mcs_data);    /* get hostname, its unicode */    s->p = s->data;    in_uint8s(s, 47); @@ -896,13 +916,15 @@ xrdp_sec_in_mcs_data(struct xrdp_sec* self)  int APP_CC  xrdp_sec_incoming(struct xrdp_sec* self)  { -  struct list* items; -  struct list* values; -  int index; -  char* item; -  char* value; +  struct list* items = NULL; +  struct list* values = NULL; +  int index = 0; +  char* item = NULL; +  char* value = NULL;    char key_file[256]; +  g_memset(key_file,0,sizeof(char)*256); +    DEBUG((" in xrdp_sec_incoming"));    g_random(self->server_random, 32);    items = list_create(); diff --git a/libxrdp/xrdp_tcp.c b/libxrdp/xrdp_tcp.c index 86a79ea7..e4755ad6 100644 --- a/libxrdp/xrdp_tcp.c +++ b/libxrdp/xrdp_tcp.c @@ -74,6 +74,8 @@ xrdp_tcp_recv(struct xrdp_tcp* self, struct stream* s, int len)  int APP_CC  xrdp_tcp_send(struct xrdp_tcp* self, struct stream* s)  { +  int len; +  len = s->end - s->data;    DEBUG(("    in xrdp_tcp_send, gota send %d bytes", len));    if (trans_force_write_s(self->trans, s) != 0)    { diff --git a/rdp/rdp_orders.c b/rdp/rdp_orders.c index 50d20e96..c0da6c35 100644 --- a/rdp/rdp_orders.c +++ b/rdp/rdp_orders.c @@ -22,11 +22,15 @@  #include "rdp.h" +#ifndef NULL +#define NULL 0 +#endif +  /*****************************************************************************/  struct rdp_orders* APP_CC  rdp_orders_create(struct rdp_rdp* owner)  { -  struct rdp_orders* self; +  struct rdp_orders* self = (struct rdp_orders *)NULL;    self = (struct rdp_orders*)g_malloc(sizeof(struct rdp_orders), 1);    self->rdp_layer = owner; @@ -37,8 +41,8 @@ rdp_orders_create(struct rdp_rdp* owner)  void APP_CC  rdp_orders_delete(struct rdp_orders* self)  { -  int i; -  int j; +  int i = 0; +  int j = 0;    if (self == 0)    { @@ -77,8 +81,8 @@ static void APP_CC  rdp_orders_in_present(struct stream* s, int* present,                        int flags, int size)  { -  int bits; -  int i; +  int bits = 0; +  int i = 0;    if (flags & RDP_ORDER_SMALL)    { @@ -108,7 +112,7 @@ rdp_orders_in_present(struct stream* s, int* present,  static void APP_CC  rdp_orders_in_coord(struct stream* s, int* coord, int delta)  { -  int change; +  int change = 0;    if (delta)    { @@ -126,7 +130,7 @@ rdp_orders_in_coord(struct stream* s, int* coord, int delta)  static void APP_CC  rdp_orders_parse_bounds(struct rdp_orders* self, struct stream* s)  { -  int present; +  int present = 0;    in_uint8(s, present);    if (present & 1) @@ -169,10 +173,10 @@ static void APP_CC  rdp_orders_process_colcache(struct rdp_orders* self, struct stream* s,                              int flags)  { -  struct rdp_colormap* colormap; -  struct stream* rec_s; -  int cache_id; -  int i; +  struct rdp_colormap* colormap = (struct rdp_colormap *)NULL; +  struct stream* rec_s = (struct stream *)NULL; +  int cache_id = 0; +  int i = 0;    colormap = (struct rdp_colormap*)g_malloc(sizeof(struct rdp_colormap), 1);    in_uint8(s, cache_id); @@ -206,19 +210,19 @@ static void APP_CC  rdp_orders_process_raw_bmpcache(struct rdp_orders* self, struct stream* s,                                  int flags)  { -  int cache_idx; -  int bufsize; -  int cache_id; -  int width; -  int height; -  int bpp; -  int Bpp; -  int x; -  int y; -  char* inverted; -  char* dst; -  struct rdp_bitmap* bitmap; -  struct stream* rec_s; +  int cache_idx = 0; +  int bufsize = 0; +  int cache_id = 0; +  int width = 0; +  int height = 0; +  int bpp = 0; +  int Bpp = 0; +  int x = 0; +  int y = 0; +  char* inverted = (char *)NULL; +  char* dst = (char *)NULL; +  struct rdp_bitmap* bitmap = (struct rdp_bitmap *)NULL; +  struct stream* rec_s = (struct stream *)NULL;    in_uint8(s, cache_id);    in_uint8s(s, 1); @@ -292,22 +296,22 @@ static void APP_CC  rdp_orders_process_bmpcache(struct rdp_orders* self, struct stream* s,                              int flags)  { -  char* data; -  char* bmpdata; -  int cache_idx; -  int size; -  int cache_id; -  int width; -  int height; -  int bpp; -  int Bpp; -  int bufsize; -  int pad1; -  int pad2; -  int row_size; -  int final_size; -  struct rdp_bitmap* bitmap; -  struct stream* rec_s; +  char* data = (char *)NULL; +  char* bmpdata = (char *)NULL; +  int cache_idx = 0; +  int size = 0; +  int cache_id = 0; +  int width = 0; +  int height = 0; +  int bpp = 0; +  int Bpp = 0; +  int bufsize = 0; +  int pad1 = 0; +  int pad2 = 0; +  int row_size = 0; +  int final_size = 0; +  struct rdp_bitmap* bitmap = (struct rdp_bitmap *)NULL; +  struct stream* rec_s = (struct stream *)NULL;    in_uint8(s, cache_id);    in_uint8(s, pad1); @@ -373,17 +377,17 @@ static void APP_CC  rdp_orders_process_fontcache(struct rdp_orders* self, struct stream* s,                               int flags)  { -  struct stream* rec_s; -  int font; -  int nglyphs; -  int character; -  int offset; -  int baseline; -  int width; -  int height; -  int i; -  int datasize; -  char* data; +  struct stream* rec_s = (struct stream *)NULL; +  int font = 0; +  int nglyphs = 0; +  int character = 0; +  int offset = 0; +  int baseline = 0; +  int width = 0; +  int height = 0; +  int i = 0; +  int datasize = 0; +  char* data = (char *)NULL;    in_uint8(s, font);    in_uint8(s, nglyphs); @@ -425,10 +429,10 @@ rdp_orders_process_fontcache(struct rdp_orders* self, struct stream* s,  static int APP_CC  rdp_orders_process_secondary_order(struct rdp_orders* self, struct stream* s)  { -  short length; -  int flags; -  int type; -  char* next_order; +  short length = 0; +  int flags = 0; +  int type = 0; +  char* next_order = (char *)NULL;    in_uint16_le(s, length);    in_uint16_le(s, flags); @@ -461,7 +465,7 @@ rdp_orders_process_secondary_order(struct rdp_orders* self, struct stream* s)  static void APP_CC  rdp_orders_in_color(struct stream* s, int* color)  { -  int i; +  int i = 0;    in_uint8(s, i);    *color = i; @@ -523,9 +527,9 @@ static void APP_CC  rdp_orders_process_text2(struct rdp_orders* self, struct stream* s,                           int present, int delta)  { -  int fgcolor; -  int bgcolor; -  struct stream* rec_s; +  int fgcolor = 0; +  int bgcolor = 0; +  struct stream* rec_s = (struct stream *)NULL;    if (present & 0x000001)    { @@ -662,7 +666,7 @@ static void APP_CC  rdp_orders_process_destblt(struct rdp_orders* self, struct stream* s,                             int present, int delta)  { -  struct stream* rec_s; +  struct stream* rec_s = (struct stream *)NULL;    if (present & 0x01)    { @@ -715,9 +719,9 @@ static void APP_CC  rdp_orders_process_patblt(struct rdp_orders* self, struct stream* s,                            int present, int delta)  { -  int fgcolor; -  int bgcolor; -  struct stream* rec_s; +  int fgcolor = 0; +  int bgcolor = 0; +  struct stream* rec_s = (struct stream *)NULL;    if (present & 0x0001)    { @@ -867,9 +871,9 @@ static void APP_CC  rdp_orders_process_line(struct rdp_orders* self, struct stream* s,                          int present, int delta)  { -  int bgcolor; -  int fgcolor; -  struct stream* rec_s; +  int bgcolor = 0; +  int fgcolor = 0; +  struct stream* rec_s = (struct stream *)NULL;    if (present & 0x0001)    { @@ -949,9 +953,9 @@ static void APP_CC  rdp_orders_process_rect(struct rdp_orders* self, struct stream* s,                          int present, int delta)  { -  int i; -  int fgcolor; -  struct stream* rec_s; +  int i = 0; +  int fgcolor = 0; +  struct stream* rec_s = (struct stream *)NULL;    if (present & 0x01)    { @@ -1017,8 +1021,8 @@ static void APP_CC  rdp_orders_process_desksave(struct rdp_orders* self, struct stream* s,                              int present, int delta)  { -  int width; -  int height; +  int width = 0; +  int height = 0;    if (present & 0x01)    { @@ -1062,9 +1066,9 @@ static void APP_CC  rdp_orders_process_memblt(struct rdp_orders* self, struct stream* s,                            int present, int delta)  { -  struct rdp_bitmap* bitmap; -  struct stream* rec_s; -  char* bmpdata; +  struct rdp_bitmap* bitmap = (struct rdp_bitmap *)NULL; +  struct stream* rec_s = (struct stream *)NULL; +  char* bmpdata = (char *)NULL;    if (present & 0x0001)    { @@ -1200,11 +1204,11 @@ int APP_CC  rdp_orders_process_orders(struct rdp_orders* self, struct stream* s,                            int num_orders)  { -  int processed; -  int order_flags; -  int size; -  int present; -  int delta; +  int processed = 0; +  int order_flags = 0; +  int size = 0; +  int present = 0; +  int delta = 0;    processed = 0;    while (processed < num_orders) @@ -1308,15 +1312,15 @@ char* APP_CC  rdp_orders_convert_bitmap(int in_bpp, int out_bpp, char* bmpdata,                            int width, int height, int* palette)  { -  char* out; -  char* src; -  char* dst; -  int i; -  int j; -  int red; -  int green; -  int blue; -  int pixel; +  char* out = (char *)NULL; +  char* src = (char *)NULL; +  char* dst = (char *)NULL; +  int i = 0; +  int j = 0; +  int red = 0; +  int green = 0; +  int blue = 0; +  int pixel = 0;    if ((in_bpp == 8) && (out_bpp == 8))    { @@ -1372,7 +1376,7 @@ rdp_orders_convert_bitmap(int in_bpp, int out_bpp, char* bmpdata,          SPLITCOLOR32(red, green, blue, pixel);          pixel = COLOR24RGB(red, green, blue);          *((tui32*)dst) = pixel; -        src++;; +        src++;          dst += 4;        }      } @@ -1469,10 +1473,10 @@ rdp_orders_convert_bitmap(int in_bpp, int out_bpp, char* bmpdata,  int APP_CC  rdp_orders_convert_color(int in_bpp, int out_bpp, int in_color, int* palette)  { -  int pixel; -  int red; -  int green; -  int blue; +  int pixel = 0; +  int red = 0; +  int green = 0; +  int blue = 0;    if ((in_bpp == 8) && (out_bpp == 8))    { diff --git a/rdp/rdp_rdp.c b/rdp/rdp_rdp.c index e3bd45bc..b3c6d42a 100644 --- a/rdp/rdp_rdp.c +++ b/rdp/rdp_rdp.c @@ -22,6 +22,10 @@  #include "rdp.h" +#ifndef NULL +#define NULL 0 +#endif +  /*****************************************************************************/  struct rdp_rdp* APP_CC  rdp_rdp_create(struct mod* owner) @@ -222,7 +226,7 @@ rdp_rdp_out_order_caps(struct rdp_rdp* self, struct stream* s)  static int APP_CC  rdp_rdp_out_bmpcache_caps(struct rdp_rdp* self, struct stream* s)  { -  int Bpp; +  int Bpp = 0;    out_uint16_le(s, RDP_CAPSET_BMPCACHE);    out_uint16_le(s, RDP_CAPLEN_BMPCACHE); @@ -508,26 +512,26 @@ rdp_rdp_process_pointer_pdu(struct rdp_rdp* self, struct stream* s)  static void APP_CC  rdp_rdp_process_bitmap_updates(struct rdp_rdp* self, struct stream* s)  { -  int num_updates; -  int left; -  int top; -  int right; -  int bottom; -  int width; -  int height; -  int cx; -  int cy; -  int bpp; -  int Bpp; -  int compress; -  int bufsize; -  int size; -  int i; -  int x; -  int y; -  char* data; -  char* bmpdata0; -  char* bmpdata1; +  int num_updates = 0; +  int left = 0; +  int top = 0; +  int right = 0; +  int bottom = 0; +  int width = 0; +  int height = 0; +  int cx = 0; +  int cy = 0; +  int bpp = 0; +  int Bpp = 0; +  int compress = 0; +  int bufsize = 0; +  int size = 0; +  int i = 0; +  int x = 0; +  int y = 0; +  char* data = NULL; +  char* bmpdata0 = NULL; +  char* bmpdata1 = NULL;    in_uint16_le(s, num_updates);    for (i = 0; i < num_updates; i++) @@ -915,9 +919,9 @@ rdp_rdp_process_general_caps(struct rdp_rdp* self, struct stream* s)  static void APP_CC  rdp_rdp_process_bitmap_caps(struct rdp_rdp* self, struct stream* s)  { -  int width; -  int height; -  int bpp; +  int width = 0; +  int height = 0; +  int bpp = 0;    in_uint16_le(s, bpp);    in_uint8s(s, 6); @@ -933,12 +937,12 @@ rdp_rdp_process_bitmap_caps(struct rdp_rdp* self, struct stream* s)  static int APP_CC  rdp_rdp_process_server_caps(struct rdp_rdp* self, struct stream* s, int len)  { -  int n; -  int ncapsets; -  int capset_type; -  int capset_length; -  char* next; -  char* start; +  int n = 0; +  int ncapsets = 0; +  int capset_type = 0; +  int capset_length = 0; +  char* next = NULL; +  char* start = NULL;    start = s->p;    in_uint16_le(s, ncapsets); @@ -1035,9 +1039,9 @@ rdp_rdp_send_fonts(struct rdp_rdp* self, struct stream* s, int seq)  int APP_CC  rdp_rdp_process_demand_active(struct rdp_rdp* self, struct stream* s)  { -  int type; -  int len_src_descriptor; -  int len_combined_caps; +  int type = 0; +  int len_src_descriptor = 0; +  int len_combined_caps = 0;    in_uint32_le(s, self->share_id);    in_uint16_le(s, len_src_descriptor); @@ -1064,9 +1068,11 @@ int APP_CC  rdp_rec_check_file(struct rdp_rdp* self)  {    char file_name[256]; -  int index; -  int len; -  struct stream* s; +  int index = 0; +  int len = 0; +  struct stream* s = (struct stream *)NULL; + +  g_memset(file_name,0,sizeof(char) * 256);    if (self->rec_fd == 0)    { @@ -1098,8 +1104,8 @@ rdp_rec_check_file(struct rdp_rdp* self)  int APP_CC  rdp_rec_write_item(struct rdp_rdp* self, struct stream* s)  { -  int len; -  int time; +  int len = 0; +  int time = 0;    if (self->rec_fd == 0)    { diff --git a/sesman/chansrv/chansrv.c b/sesman/chansrv/chansrv.c index 91a8c3a5..6e80f383 100644 --- a/sesman/chansrv/chansrv.c +++ b/sesman/chansrv/chansrv.c @@ -53,11 +53,11 @@ int g_rdpdr_chan_id = -1; /* rdpdr */  int APP_CC  send_channel_data(int chan_id, char* data, int size)  { -  struct stream* s; -  int chan_flags; -  int total_size; -  int sent; -  int rv; +  struct stream * s = (struct stream *)NULL; +  int chan_flags = 0; +  int total_size = 0; +  int sent = 0; +  int rv = 0;    s = trans_get_out_s(g_con_trans, 8192);    if (s == 0) @@ -105,7 +105,7 @@ send_channel_data(int chan_id, char* data, int size)  static int APP_CC  send_init_response_message(void)  { -  struct stream* s; +  struct stream * s = (struct stream *)NULL;    LOG(1, ("send_init_response_message:"));    s = trans_get_out_s(g_con_trans, 8192); @@ -126,7 +126,7 @@ send_init_response_message(void)  static int APP_CC  send_channel_setup_response_message(void)  { -  struct stream* s; +  struct stream * s = (struct stream *)NULL;    LOG(10, ("send_channel_setup_response_message:"));    s = trans_get_out_s(g_con_trans, 8192); @@ -147,7 +147,7 @@ send_channel_setup_response_message(void)  static int APP_CC  send_channel_data_response_message(void)  { -  struct stream* s; +  struct stream * s = (struct stream *)NULL;    LOG(10, ("send_channel_data_response_message:"));    s = trans_get_out_s(g_con_trans, 8192); @@ -177,10 +177,10 @@ process_message_init(struct stream* s)  static int APP_CC  process_message_channel_setup(struct stream* s)  { -  int num_chans; -  int index; -  int rv; -  struct chan_item* ci; +  int num_chans = 0; +  int index = 0; +  int rv = 0; +  struct chan_item* ci = (struct chan_item *)NULL;    g_num_chan_items = 0;    g_cliprdr_index = -1; @@ -239,11 +239,11 @@ process_message_channel_setup(struct stream* s)  static int APP_CC  process_message_channel_data(struct stream* s)  { -  int chan_id; -  int chan_flags; -  int rv; -  int length; -  int total_length; +  int chan_id = 0; +  int chan_flags = 0; +  int rv = 0; +  int length = 0; +  int total_length = 0;    in_uint16_le(s, chan_id);    in_uint16_le(s, chan_flags); @@ -284,11 +284,11 @@ process_message_channel_data_response(struct stream* s)  static int APP_CC  process_message(void)  { -  struct stream* s; -  int size; -  int id; -  int rv; -  char* next_msg; +  struct stream * s = (struct stream *)NULL; +  int size = 0; +  int id = 0; +  int rv = 0; +  char* next_msg = (char *)NULL;    if (g_con_trans == 0)    { @@ -329,7 +329,9 @@ process_message(void)      {        break;      } -    s->p = next_msg; +    else { +      s->p = next_msg; +	}    }    return rv;  } @@ -339,10 +341,10 @@ process_message(void)  int DEFAULT_CC  my_trans_data_in(struct trans* trans)  { -  struct stream* s; -  int id; -  int size; -  int error; +  struct stream * s = (struct stream *)NULL; +  int id = 0; +  int size = 0; +  int error = 0;    if (trans == 0)    { @@ -400,7 +402,7 @@ static int APP_CC  setup_listen(void)  {    char port[256]; -  int error; +  int error = 0;    if (g_lis_trans != 0)    { @@ -431,17 +433,17 @@ THREAD_RV THREAD_CC  channel_thread_loop(void* in_val)  {    tbus objs[32]; -  int num_objs; -  int timeout; -  int error; -  THREAD_RV rv; +  int num_objs = 0; +  int timeout = 0; +  int error = 0; +  THREAD_RV rv = 0;    LOG(1, ("channel_thread_loop: thread start"));    rv = 0;    error = setup_listen();    if (error == 0)    { -    timeout = 0; +    timeout = -1;      num_objs = 0;      objs[num_objs] = g_term_event;      num_objs++; @@ -486,7 +488,7 @@ channel_thread_loop(void* in_val)        clipboard_check_wait_objs();        sound_check_wait_objs();        dev_redir_check_wait_objs(); -      timeout = 0; +      timeout = -1;        num_objs = 0;        objs[num_objs] = g_term_event;        num_objs++; @@ -519,20 +521,25 @@ void DEFAULT_CC  nil_signal_handler(int sig)  {    LOG(1, ("nil_signal_handler: got signal %d", sig)); +  g_set_wait_obj(g_term_event);  }  /*****************************************************************************/  static int APP_CC -get_display_num_from_display(char* display_text) +get_display_num_from_display(char * display_text)  { -  int index; -  int mode; -  int host_index; -  int disp_index; -  int scre_index; -  char host[256]; -  char disp[256]; -  char scre[256]; +  int index = 0; +  int mode = 0; +  int host_index = 0; +  int disp_index = 0; +  int scre_index = 0; +  char host[256] = ""; +  char disp[256] = ""; +  char scre[256] = ""; + +  g_memset(host,0,256); +  g_memset(disp,0,256); +  g_memset(scre,0,256);    index = 0;    host_index = 0; @@ -587,12 +594,14 @@ main_cleanup(void)  static int APP_CC  read_ini(void)  { -  char filename[256]; -  struct list* names; -  struct list* values; -  char* name; -  char* value; -  int index; +  char filename[256] = ""; +  struct list* names = (struct list *)NULL; +  struct list* values = (struct list *)NULL; +  char* name  = (char *)NULL; +  char* value = (char *)NULL; +  int index = 0; + +  g_memset(filename,0,(sizeof(char)*256));    names = list_create();    names->auto_free = 1; @@ -624,14 +633,16 @@ read_ini(void)  int DEFAULT_CC  main(int argc, char** argv)  { -  int pid; -  char text[256]; -  char* display_text; +  int pid = 0; +  char text[256] = ""; +  char* display_text = (char *)NULL;    g_init(); /* os_calls */    read_ini();    pid = g_getpid();    LOG(1, ("main: app started pid %d(0x%8.8x)", pid, pid)); + +  /*  set up signal handler  */    g_signal_kill(term_signal_handler); /* SIGKILL */    g_signal_terminate(term_signal_handler); /* SIGTERM */    g_signal_user_interrupt(term_signal_handler); /* SIGINT */ @@ -650,7 +661,7 @@ main(int argc, char** argv)    g_snprintf(text, 255, "xrdp_chansrv_%8.8x_thread_done", pid);    g_thread_done_event = g_create_wait_obj(text);    tc_thread_create(channel_thread_loop, 0); -  while (!g_is_wait_obj_set(g_term_event)) +  while (g_term_event > 0 && !g_is_wait_obj_set(g_term_event))    {      if (g_obj_wait(&g_term_event, 1, 0, 0, 0) != 0)      { @@ -658,7 +669,7 @@ main(int argc, char** argv)        break;      }    } -  while (!g_is_wait_obj_set(g_thread_done_event)) +  while (g_thread_done_event > 0 && !g_is_wait_obj_set(g_thread_done_event))    {      /* wait for thread to exit */      if (g_obj_wait(&g_thread_done_event, 1, 0, 0, 0) != 0) diff --git a/sesman/libscp/libscp_session.c b/sesman/libscp/libscp_session.c index c5599985..38f801e9 100644 --- a/sesman/libscp/libscp_session.c +++ b/sesman/libscp/libscp_session.c @@ -335,7 +335,7 @@ scp_session_set_addr(struct SCP_SESSION* s, int type, void* addr)      case SCP_ADDRESS_TYPE_IPV4:        /* convert from char to 32bit*/        ret = inet_pton(AF_INET, addr, &ip4); -      if (0 == ret) +      if (ret == 0)        {          log_message(s_log, LOG_LEVEL_WARNING, "[session:%d] set_addr: invalid address", __LINE__);          inet_pton(AF_INET, "127.0.0.1", &ip4); @@ -351,7 +351,7 @@ scp_session_set_addr(struct SCP_SESSION* s, int type, void* addr)      case SCP_ADDRESS_TYPE_IPV6:        /* convert from char to 128bit*/        ret = inet_pton(AF_INET6, addr, &ip6); -      if (0 == ret) +      if (ret == 0)        {          log_message(s_log, LOG_LEVEL_WARNING, "[session:%d] set_addr: invalid address", __LINE__);          inet_pton(AF_INET, "::1", &ip6); diff --git a/sesman/scp_v0.c b/sesman/scp_v0.c index 7848ca90..af84f80a 100644 --- a/sesman/scp_v0.c +++ b/sesman/scp_v0.c @@ -77,6 +77,7 @@ scp_v0_process(struct SCP_CONNECTION* c, struct SCP_SESSION* s)      if (display == 0)      {        auth_end(data); +      data = 0;        scp_v0s_deny_connection(c);      }      else diff --git a/sesman/sesman.c b/sesman/sesman.c index 7ef5d902..c97784a8 100644 --- a/sesman/sesman.c +++ b/sesman/sesman.c @@ -87,7 +87,7 @@ sesman_main_loop(void)            g_reset_wait_obj(g_sync_event);            session_sync_start();          } -        if (g_is_wait_obj_set(sck_obj)) /* incomming connection */ +        if (g_is_wait_obj_set(sck_obj)) /* incoming connection */          {            in_sck = g_tcp_accept(g_sck);            if ((in_sck == -1) && g_tcp_last_error_would_block(g_sck)) @@ -146,6 +146,7 @@ main(int argc, char** argv)      daemon = 1;    }    else if ((2 == argc) && ((0 == g_strcasecmp(argv[1], "--nodaemon")) || +                           (0 == g_strcasecmp(argv[1], "-nodaemon")) ||                             (0 == g_strcasecmp(argv[1], "-n")) ||                             (0 == g_strcasecmp(argv[1], "-ns"))))    { @@ -154,6 +155,7 @@ main(int argc, char** argv)      daemon = 0;    }    else if ((2 == argc) && ((0 == g_strcasecmp(argv[1], "--help")) || +                           (0 == g_strcasecmp(argv[1], "-help")) ||                             (0 == g_strcasecmp(argv[1], "-h"))))    {      /* help screen */ @@ -167,6 +169,7 @@ main(int argc, char** argv)      g_exit(0);    }    else if ((2 == argc) && ((0 == g_strcasecmp(argv[1], "--kill")) || +                           (0 == g_strcasecmp(argv[1], "-kill")) ||                             (0 == g_strcasecmp(argv[1], "-k"))))    {      /* killing running sesman */ diff --git a/sesman/session.c b/sesman/session.c index d4b62d7b..fd94ae3f 100644 --- a/sesman/session.c +++ b/sesman/session.c @@ -169,11 +169,16 @@ x_server_running(int display)  static void DEFAULT_CC  session_start_sessvc(int xpid, int wmpid, long data)  { -  struct list* sessvc_params; +  struct list * sessvc_params = (struct list *)NULL;    char wmpid_str[25];    char xpid_str[25];    char exe_path[262]; -  int i; +  int i = 0; + +  /* initialize (zero out) local variables: */ +  g_memset(wmpid_str,0,sizeof(char) * 25); +  g_memset(xpid_str,0,sizeof(char) * 25); +  g_memset(exe_path,0,sizeof(char) * 262);    /* new style waiting for clients */    g_sprintf(wmpid_str, "%d", wmpid); @@ -302,22 +307,31 @@ session_start_fork(int width, int height, int bpp, char* username,                     char* password, tbus data, tui8 type, char* domain,                     char* program, char* directory)  { -  int display; -  int pid; -  int wmpid; -  int xpid; -  int i; +  int display = 0; +  int pid = 0; +  int wmpid = 0; +  int xpid = 0; +  int i = 0;    char geometry[32];    char depth[32];    char screen[32];    char text[256];    char passwd_file[256]; -  char** pp1; -  struct session_chain* temp; -  struct list* xserver_params=0; +  char ** pp1 = (char **)NULL; +  struct session_chain * temp = (struct session_chain *)NULL; +  struct list * xserver_params = (struct list *)NULL;    time_t ltime;    struct tm stime; +  /* initialize (zero out) local variables: */ +  g_memset(<ime,0,sizeof(time_t)); +  g_memset(&stime,0,sizeof(struct tm)); +  g_memset(geometry,0,sizeof(char) * 32); +  g_memset(depth,0,sizeof(char) * 32); +  g_memset(screen,0,sizeof(char) * 32); +  g_memset(text,0,sizeof(char) * 256); +  g_memset(passwd_file,0,sizeof(char) * 256); +    /* check to limit concurrent sessions */    if (g_session_count >= g_cfg->sess.max_sessions)    { @@ -348,6 +362,7 @@ session_start_fork(int width, int height, int bpp, char* username,      g_free(temp);      return 0;    } +  wmpid = 0;    pid = g_fork();    if (pid == -1)    { diff --git a/sesman/sessvc/sessvc.c b/sesman/sessvc/sessvc.c index 43cd5967..e814042a 100644 --- a/sesman/sessvc/sessvc.c +++ b/sesman/sessvc/sessvc.c @@ -73,16 +73,18 @@ chansrv_cleanup(int pid)  int DEFAULT_CC  main(int argc, char** argv)  { -  int ret; -  int chansrv_pid; -  int wm_pid; -  int x_pid; -  int lerror; +  int ret = 0; +  int chansrv_pid = 0; +  int wm_pid = 0; +  int x_pid = 0; +  int lerror = 0;    char exe_path[262]; +  g_memset(exe_path,0,sizeof(exe_path)); +    if (argc < 3)    { -    g_writeln("xrdp-sessvc: exiting, not enough params"); +    g_writeln("xrdp-sessvc: exiting, not enough parameters");      return 1;    }    g_signal_kill(term_signal_handler); /* SIGKILL */ @@ -106,7 +108,7 @@ main(int argc, char** argv)      g_snprintf(exe_path, 261, "%s/xrdp-chansrv", XRDP_SBIN_PATH);      g_execlp3(exe_path, "xrdp-chansrv", 0);      /* should not get here */ -    g_writeln("xrdp-sessvc: g_execvp failed"); +    g_writeln("xrdp-sessvc: g_execlp3() failed");      return 1;    }    lerror = 0; @@ -115,6 +117,7 @@ main(int argc, char** argv)    while ((ret == 0) && !g_term)    {      ret = g_waitpid(wm_pid); +    g_sleep(1);    }    if (ret < 0)    { @@ -129,6 +132,7 @@ main(int argc, char** argv)    while ((ret == 0) && !g_term)    {      ret = g_waitpid(chansrv_pid); +    g_sleep(1);    }    chansrv_cleanup(chansrv_pid);    /* kill X server */ @@ -138,6 +142,7 @@ main(int argc, char** argv)    while ((ret == 0) && !g_term)    {      ret = g_waitpid(x_pid); +    g_sleep(1);    }    g_writeln("xrdp-sessvc: clean exit");    return 0; @@ -327,8 +327,8 @@ lib_mod_event(struct vnc* v, int msg, long param1, long param2,  int DEFAULT_CC  get_pixel_safe(char* data, int x, int y, int width, int height, int bpp)  { -  int start; -  int shift; +  int start = 0; +  int shift = 0;    if (x < 0)    { @@ -391,8 +391,8 @@ void DEFAULT_CC  set_pixel_safe(char* data, int x, int y, int width, int height, int bpp,                 int pixel)  { -  int start; -  int shift; +  int start = 0; +  int shift = 0;    if (x < 0)    { @@ -1088,7 +1088,7 @@ connections", 0);    {      if (v->server_bpp != v->mod_bpp)      { -      v->server_msg(v, "error - server and client bpp don't match", 0); +      v->server_msg(v, "error - server bpp and client bpp do not match", 0);        error = 1;      }    } diff --git a/xrdp/xrdp.c b/xrdp/xrdp.c index 994af47c..c354be6b 100644 --- a/xrdp/xrdp.c +++ b/xrdp/xrdp.c @@ -350,7 +350,7 @@ main(int argc, char** argv)          g_writeln("error OpenSCManager, do you have rights?");          g_exit(0);        } -      /* check if service is already installed */ +      /* check if service is allready installed */        sc_ser = OpenService(sc_man, "xrdp", SERVICE_ALL_ACCESS);        if (sc_ser == 0)        { @@ -363,7 +363,7 @@ main(int argc, char** argv)        }        else        { -        g_writeln("error service is already installed"); +        g_writeln("error service is allready installed");          CloseServiceHandle(sc_ser);          CloseServiceHandle(sc_man);          g_exit(0); @@ -382,7 +382,7 @@ main(int argc, char** argv)          g_writeln("error OpenSCManager, do you have rights?");          g_exit(0);        } -      /* check if service is already installed */ +      /* check if service is allready installed */        sc_ser = OpenService(sc_man, "xrdp", SERVICE_ALL_ACCESS);        if (sc_ser == 0)        { @@ -506,7 +506,7 @@ main(int argc, char** argv)    }    if (g_file_exist(pid_file)) /* xrdp.pid */    { -    g_writeln("It looks like xrdp is already running,"); +    g_writeln("It looks like xrdp is allready running,");      g_writeln("if not delete the xrdp.pid file and try again");      g_exit(0);    } @@ -542,6 +542,17 @@ main(int argc, char** argv)        /* exit, this is the main process */        g_exit(0);      } +    g_sleep(1000); +    g_file_close(0); +    g_file_close(1); +    g_file_close(2); +    g_file_open("/dev/null"); +    g_file_open("/dev/null"); +    g_file_open("/dev/null"); +    /* end of daemonizing code */ +  } +  if (!no_daemon) +  {      /* write the pid to file */      pid = g_getpid();      fd = g_file_open(pid_file); /* xrdp.pid */ @@ -557,14 +568,6 @@ main(int argc, char** argv)        g_file_write(fd, text, g_strlen(text));        g_file_close(fd);      } -    g_sleep(1000); -    g_file_close(0); -    g_file_close(1); -    g_file_close(2); -    g_file_open("/dev/null"); -    g_file_open("/dev/null"); -    g_file_open("/dev/null"); -    /* end of daemonizing code */    }  #endif    g_threadid = tc_get_threadid(); diff --git a/xrdp/xrdp_bitmap.c b/xrdp/xrdp_bitmap.c index 2f5e4fcf..5d03fcb2 100644 --- a/xrdp/xrdp_bitmap.c +++ b/xrdp/xrdp_bitmap.c @@ -83,8 +83,8 @@ struct xrdp_bitmap* APP_CC  xrdp_bitmap_create(int width, int height, int bpp,                     int type, struct xrdp_wm* wm)  { -  struct xrdp_bitmap* self; -  int Bpp; +  struct xrdp_bitmap* self = (struct xrdp_bitmap *)NULL; +  int Bpp = 0;    self = (struct xrdp_bitmap*)g_malloc(sizeof(struct xrdp_bitmap), 1);    self->type = type; @@ -124,7 +124,7 @@ xrdp_bitmap_create_with_data(int width, int height,                               int bpp, char* data,                               struct xrdp_wm* wm)  { -  struct xrdp_bitmap* self; +  struct xrdp_bitmap* self = (struct xrdp_bitmap *)NULL;    self = (struct xrdp_bitmap*)g_malloc(sizeof(struct xrdp_bitmap), 1);    self->type = WND_TYPE_BITMAP; @@ -141,8 +141,8 @@ xrdp_bitmap_create_with_data(int width, int height,  void APP_CC  xrdp_bitmap_delete(struct xrdp_bitmap* self)  { -  int i; -  struct xrdp_mod_data* mod_data; +  int i = 0; +  struct xrdp_mod_data* mod_data = (struct xrdp_mod_data *)NULL;    if (self == 0)    { @@ -227,8 +227,8 @@ xrdp_bitmap_delete(struct xrdp_bitmap* self)  struct xrdp_bitmap* APP_CC  xrdp_bitmap_get_child_by_id(struct xrdp_bitmap* self, int id)  { -  int i; -  struct xrdp_bitmap* b; +  int i = 0; +  struct xrdp_bitmap* b = (struct xrdp_bitmap *)NULL;    for (i = 0; i < self->child_list->count; i++)    { @@ -247,7 +247,7 @@ xrdp_bitmap_get_child_by_id(struct xrdp_bitmap* self, int id)  int APP_CC  xrdp_bitmap_set_focus(struct xrdp_bitmap* self, int focused)  { -  struct xrdp_painter* painter; +  struct xrdp_painter* painter = (struct xrdp_painter *)NULL;    if (self == 0)    { @@ -284,9 +284,9 @@ xrdp_bitmap_set_focus(struct xrdp_bitmap* self, int focused)  static int APP_CC  xrdp_bitmap_get_index(struct xrdp_bitmap* self, int* palette, int color)  { -  int r; -  int g; -  int b; +  int r = 0; +  int g = 0; +  int b = 0;    r = (color & 0xff0000) >> 16;    g = (color & 0x00ff00) >> 8; @@ -302,7 +302,7 @@ xrdp_bitmap_get_index(struct xrdp_bitmap* self, int* palette, int color)  int APP_CC  xrdp_bitmap_resize(struct xrdp_bitmap* self, int width, int height)  { -  int Bpp; +  int Bpp = 0;    if ((width == self->width) && (height == self->height))    { @@ -334,16 +334,20 @@ xrdp_bitmap_resize(struct xrdp_bitmap* self, int width, int height)  int APP_CC  xrdp_bitmap_load(struct xrdp_bitmap* self, const char* filename, int* palette)  { -  int fd; -  int i; -  int j; -  int k; -  int color; -  int size; +  int fd = 0; +  int i = 0; +  int j = 0; +  int k = 0; +  int color = 0; +  int size = 0;    int palette1[256];    char type1[4];    struct xrdp_bmp_header header; -  struct stream* s; +  struct stream* s = (struct stream *)NULL; + +  g_memset(palette1,0,sizeof(int) * 256); +  g_memset(type1,0,sizeof(char) * 4); +  g_memset(&header,0,sizeof(struct xrdp_bmp_header));    if (!g_file_exist(filename))    { @@ -351,7 +355,7 @@ xrdp_bitmap_load(struct xrdp_bitmap* self, const char* filename, int* palette)                filename);      return 1;    } -  s = 0; +  s = (struct stream *)NULL;    fd = g_file_open(filename);    if (fd != -1)    { @@ -634,11 +638,11 @@ xrdp_bitmap_copy_box(struct xrdp_bitmap* self,                       struct xrdp_bitmap* dest,                       int x, int y, int cx, int cy)  { -  int i; -  int j; -  int destx; -  int desty; -  int pixel; +  int i = 0; +  int j = 0; +  int destx = 0; +  int desty = 0; +  int pixel = 0;    if (self == 0)    { @@ -718,18 +722,18 @@ xrdp_bitmap_copy_box_with_crc(struct xrdp_bitmap* self,                                struct xrdp_bitmap* dest,                                int x, int y, int cx, int cy)  { -  int i; -  int j; -  int destx; -  int desty; -  int pixel; -  int crc; -  int incs; -  int incd; -  unsigned char* s8; -  unsigned char* d8; -  unsigned short* s16; -  unsigned short* d16; +  int i = 0; +  int j = 0; +  int destx = 0; +  int desty = 0; +  int pixel = 0; +  int crc = 0; +  int incs = 0; +  int incd = 0; +  unsigned char* s8 = (unsigned char *)NULL; +  unsigned char* d8 = (unsigned char *)NULL; +  unsigned short* s16 = (unsigned short *)NULL; +  unsigned short* d16 = (unsigned short *)NULL;    if (self == 0)    { @@ -761,6 +765,7 @@ xrdp_bitmap_copy_box_with_crc(struct xrdp_bitmap* self,    {      return 1;    } +  crc = dest->crc;    CRC_START(crc);    if (self->bpp == 24)    { diff --git a/xrdp/xrdp_cache.c b/xrdp/xrdp_cache.c index 7eba0b90..83e91ed9 100644 --- a/xrdp/xrdp_cache.c +++ b/xrdp/xrdp_cache.c @@ -128,14 +128,14 @@ xrdp_cache_reset(struct xrdp_cache* self,  int APP_CC  xrdp_cache_add_bitmap(struct xrdp_cache* self, struct xrdp_bitmap* bitmap)  { -  int i; -  int j; -  int oldest; -  int cache_id; -  int cache_idx; -  int bmp_size; -  int e; -  int Bpp; +  int i = 0; +  int j = 0; +  int oldest = 0; +  int cache_id = 0; +  int cache_idx = 0; +  int bmp_size = 0; +  int e = 0; +  int Bpp = 0;    e = bitmap->width % 4;    if (e != 0) diff --git a/xrdp/xrdp_listen.c b/xrdp/xrdp_listen.c index 80aa64d3..2348ea2a 100644 --- a/xrdp/xrdp_listen.c +++ b/xrdp/xrdp_listen.c @@ -182,7 +182,7 @@ xrdp_listen_conn_in(struct trans* self, struct trans* new_self)    struct xrdp_process* process;    struct xrdp_listen* lis; -  g_writeln("hello"); +  g_writeln("xrdp_listen_conn_in: hello");    lis = (struct xrdp_listen*)(self->callback_data);    process = xrdp_process_create(lis, lis->pro_done_event);    if (xrdp_listen_add_pro(lis, process) == 0) @@ -208,7 +208,7 @@ xrdp_listen_main_loop(struct xrdp_listen* self)    int error;    int robjs_count;    int cont; -  int timeout; +  int timeout = 0;    char port[8];    char address[256];    tbus robjs[8]; diff --git a/xrdp/xrdp_mm.c b/xrdp/xrdp_mm.c index d9fe0431..67d9314b 100644 --- a/xrdp/xrdp_mm.c +++ b/xrdp/xrdp_mm.c @@ -106,17 +106,17 @@ xrdp_mm_delete(struct xrdp_mm* self)  static int APP_CC  xrdp_mm_send_login(struct xrdp_mm* self)  { -  struct stream* s; -  int rv; -  int index; -  int count; -  char* username; -  char* password; -  char* name; -  char* value; +  struct stream * s = (struct stream *)NULL; +  int rv = 0; +  int index = 0; +  int count = 0; +  char * username = (char *)NULL; +  char * password = (char *)NULL; +  char * name = (char *)NULL; +  char * value = (char *)NULL;    xrdp_wm_log_msg(self->wm, "sending login info to session manager, " -                  "please wait..."); +                            "please wait...");    username = 0;    password = 0;    self->code = 0; @@ -144,9 +144,10 @@ xrdp_mm_send_login(struct xrdp_mm* self)    }    if ((username == 0) || (password == 0))    { -    xrdp_wm_log_msg(self->wm, "error finding username and password"); +    xrdp_wm_log_msg(self->wm, "Error finding username and password");      return 1;    } +    s = trans_get_out_s(self->sesman_trans, 8192);    s_push_layer(s, channel_hdr, 8);    /* this code is either 0 for Xvnc or 10 for X11rdp */ @@ -155,15 +156,18 @@ xrdp_mm_send_login(struct xrdp_mm* self)    out_uint16_be(s, index);    out_uint8a(s, username, index);    index = g_strlen(password); +    out_uint16_be(s, index);    out_uint8a(s, password, index);    out_uint16_be(s, self->wm->screen->width);    out_uint16_be(s, self->wm->screen->height);    out_uint16_be(s, self->wm->screen->bpp); +    /* send domain */    index = g_strlen(self->wm->client_info->domain);    out_uint16_be(s, index);    out_uint8a(s, self->wm->client_info->domain, index); +    /* send program / shell */    index = g_strlen(self->wm->client_info->program);    out_uint16_be(s, index); @@ -177,11 +181,13 @@ xrdp_mm_send_login(struct xrdp_mm* self)    out_uint32_be(s, 0); /* version */    index = (int)(s->end - s->data);    out_uint32_be(s, index); /* size */ +    rv = trans_force_write(self->sesman_trans); -  if (rv != 0) -  { -    xrdp_wm_log_msg(self->wm, "xrdp_mm_send_login: xrdp_mm_send failed"); + +  if (rv != 0) { +    xrdp_wm_log_msg(self->wm, "xrdp_mm_send_login: xrdp_mm_send_login failed");    } +    return rv;  } @@ -217,6 +223,7 @@ xrdp_mm_get_value(struct xrdp_mm* self, char* aname, char* dest, int dest_len)        rv = 0;      }    } +    return rv;  } @@ -236,15 +243,17 @@ xrdp_mm_setup_mod1(struct xrdp_mm* self)    if (xrdp_mm_get_value(self, "lib", lib, 255) != 0)    {      g_snprintf(text, 255, "no library name specified in xrdp.ini, please add " -               "lib=libxrdp-vnc.so or similar"); +                          "lib=libxrdp-vnc.so or similar");      xrdp_wm_log_msg(self->wm, text); +      return 1;    }    if (lib[0] == 0)    {      g_snprintf(text, 255, "empty library name specified in xrdp.ini, please " -               "add lib=libxrdp-vnc.so or similar"); +                          "add lib=libxrdp-vnc.so or similar");      xrdp_wm_log_msg(self->wm, text); +      return 1;    }    if (self->mod_handle == 0) @@ -260,7 +269,7 @@ xrdp_mm_setup_mod1(struct xrdp_mm* self)        if (func == 0)        {          g_snprintf(text, 255, "error finding proc mod_init in %s, not a valid " -                   "xrdp backend", lib); +                              "xrdp backend", lib);          xrdp_wm_log_msg(self->wm, text);        }        self->mod_init = (struct xrdp_mod* (*)(void))func; @@ -272,7 +281,7 @@ xrdp_mm_setup_mod1(struct xrdp_mm* self)        if (func == 0)        {          g_snprintf(text, 255, "error finding proc mod_exit in %s, not a valid " -                   "xrdp backend", lib); +                              "xrdp backend", lib);          xrdp_wm_log_msg(self->wm, text);        }        self->mod_exit = (int (*)(struct xrdp_mod*))func; @@ -281,7 +290,7 @@ xrdp_mm_setup_mod1(struct xrdp_mm* self)          self->mod = self->mod_init();          if (self->mod != 0)          { -          g_writeln("loaded modual '%s' ok, interface size %d, version %d", lib, +          g_writeln("loaded module '%s' ok, interface size %d, version %d", lib,                      self->mod->size, self->mod->version);          }        } @@ -289,7 +298,7 @@ xrdp_mm_setup_mod1(struct xrdp_mm* self)      else      {        g_snprintf(text, 255, "error loading %s specified in xrdp.ini, please " -                 "add a valid entry like lib=libxrdp-vnc.so or similar", lib); +                            "add a valid entry like lib=libxrdp-vnc.so or similar", lib);        xrdp_wm_log_msg(self->wm, text);      }      if (self->mod != 0) @@ -336,13 +345,14 @@ static int APP_CC  xrdp_mm_setup_mod2(struct xrdp_mm* self)  {    char text[256]; -  char* name; -  char* value; -  int i; -  int rv; -  int key_flags; -  int device_flags; - +  char* name = (char *)NULL; +  char* value = (char *)NULL; +  int i = 0; +  int rv = 0; +  int key_flags = 0; +  int device_flags = 0; + +  g_memset(text,0,sizeof(char) * 256);    rv = 1;    text[0] = 0;    if (!g_is_wait_obj_set(self->wm->pro_layer->self_term_event)) @@ -434,13 +444,15 @@ xrdp_mm_setup_mod2(struct xrdp_mm* self)  static int APP_CC  xrdp_mm_trans_send_channel_setup(struct xrdp_mm* self, struct trans* trans)  { -  int index; -  int chan_id; -  int chan_flags; -  int size; -  struct stream* s; +  int index = 0; +  int chan_id = 0; +  int chan_flags = 0; +  int size = 0; +  struct stream* s = (struct stream *)NULL;    char chan_name[256]; +  g_memset(chan_name,0,sizeof(char) * 256); +    s = trans_get_out_s(trans, 8192);    if (s == 0)    { @@ -479,7 +491,7 @@ static int APP_CC  xrdp_mm_trans_send_channel_data_response(struct xrdp_mm* self,                                           struct trans* trans)  { -  struct stream* s; +  struct stream* s = (struct stream *)NULL;    s = trans_get_out_s(trans, 8192);    if (s == 0) @@ -509,12 +521,12 @@ xrdp_mm_trans_process_init_response(struct xrdp_mm* self, struct trans* trans)  static int APP_CC  xrdp_mm_trans_process_channel_data(struct xrdp_mm* self, struct trans* trans)  { -  struct stream* s; -  int size; -  int total_size; -  int chan_id; -  int chan_flags; -  int rv; +  struct stream* s = (struct stream *)NULL; +  int size = 0; +  int total_size = 0; +  int chan_id = 0; +  int chan_flags = 0; +  int rv = 0;    s = trans_get_in_s(trans);    if (s == 0) @@ -541,10 +553,10 @@ static int APP_CC  xrdp_mm_chan_process_msg(struct xrdp_mm* self, struct trans* trans,                           struct stream* s)  { -  int rv; -  int id; -  int size; -  char* next_msg; +  int rv = 0; +  int id = 0; +  int size = 0; +  char* next_msg = (char *)NULL;    rv = 0;    while (s_check_rem(s, 8)) @@ -584,11 +596,11 @@ xrdp_mm_chan_process_msg(struct xrdp_mm* self, struct trans* trans,  static int APP_CC  xrdp_mm_chan_data_in(struct trans* trans)  { -  struct xrdp_mm* self; -  struct stream* s; -  int id; -  int size; -  int error; +  struct xrdp_mm* self = (struct xrdp_mm *)NULL; +  struct stream* s = (struct stream *)NULL; +  int id = 0; +  int size = 0; +  int error = 0;    if (trans == 0)    { @@ -615,7 +627,7 @@ xrdp_mm_chan_data_in(struct trans* trans)  static int APP_CC  xrdp_mm_chan_send_init(struct xrdp_mm* self)  { -  struct stream* s; +  struct stream* s = (struct stream *)NULL;    s = trans_get_out_s(self->chan_trans, 8192);    if (s == 0) @@ -634,21 +646,25 @@ xrdp_mm_chan_send_init(struct xrdp_mm* self)  static int APP_CC  xrdp_mm_process_login_response(struct xrdp_mm* self, struct stream* s)  { -  int ok; -  int display; -  int rv; -  int index; +  int ok = 0; +  int display = 0; +  int rv = 0; +  int index = 0;    char text[256];    char ip[256];    char port[256]; +  g_memset(text,0,sizeof(char) * 256); +  g_memset(ip,0,sizeof(char) * 256); +  g_memset(port,0,sizeof(char) * 256);    rv = 0;    in_uint16_be(s, ok);    in_uint16_be(s, display);    if (ok)    {      self->display = display; -    g_snprintf(text, 255, "login successful for display %d", display); +    g_snprintf(text, 255, "xrdp_mm_process_login_response: login successful " +                          "for display %d", display);      xrdp_wm_log_msg(self->wm, text);      if (xrdp_mm_setup_mod1(self) == 0)      { @@ -703,7 +719,8 @@ xrdp_mm_process_login_response(struct xrdp_mm* self, struct stream* s)    }    else    { -    xrdp_wm_log_msg(self->wm, "login failed"); +    xrdp_wm_log_msg(self->wm, "xrdp_mm_process_login_response: " +                              "login failed");    }    self->delete_sesman_trans = 1;    self->connected_state = 0; @@ -712,6 +729,7 @@ xrdp_mm_process_login_response(struct xrdp_mm* self, struct stream* s)      xrdp_wm_set_login_mode(self->wm, 11);      xrdp_mm_module_cleanup(self);    } +    return rv;  } @@ -719,14 +737,15 @@ xrdp_mm_process_login_response(struct xrdp_mm* self, struct stream* s)  static int  xrdp_mm_get_sesman_port(char* port, int port_bytes)  { -  int fd; -  int error; -  int index; -  char* val; +  int fd = -1; +  int error = 0; +  int index = 0; +  char* val = 0;    char cfg_file[256]; -  struct list* names; -  struct list* values; +  struct list* names = (struct list *)NULL; +  struct list* values = (struct list *)NULL; +  g_memset(cfg_file,0,sizeof(char) * 256);    /* default to port 3350 */    g_strncpy(port, "3350", port_bytes - 1);    /* see if port is in xrdp.ini file */ @@ -762,6 +781,7 @@ xrdp_mm_get_sesman_port(char* port, int port_bytes)      list_delete(values);      g_file_close(fd);    } +    return 0;  } @@ -772,13 +792,13 @@ int APP_CC  xrdp_mm_process_channel_data(struct xrdp_mm* self, tbus param1, tbus param2,                               tbus param3, tbus param4)  { -  struct stream* s; -  int rv; -  int length; -  int total_length; -  int flags; -  int id; -  char* data; +  struct stream* s = (struct stream *)NULL; +  int rv = 0; +  int length = 0; +  int total_length = 0; +  int flags = 0; +  int id = 0; +  char * data = (char *)NULL;    rv = 0;    if ((self->chan_trans != 0) && self->chan_trans_up) @@ -793,7 +813,7 @@ xrdp_mm_process_channel_data(struct xrdp_mm* self, tbus param1, tbus param2,        total_length = param4;        if (total_length < length)        { -        g_writeln("warning in xrdp_mm_process_channel_data total_len < length"); +        g_writeln("WARNING in xrdp_mm_process_channel_data(): total_len < length");          total_length = length;        }        out_uint32_le(s, 0); /* version */ @@ -809,6 +829,7 @@ xrdp_mm_process_channel_data(struct xrdp_mm* self, tbus param1, tbus param2,        rv = trans_force_write(self->chan_trans);      }    } +    return rv;  } @@ -816,12 +837,12 @@ xrdp_mm_process_channel_data(struct xrdp_mm* self, tbus param1, tbus param2,  static int APP_CC  xrdp_mm_sesman_data_in(struct trans* trans)  { -  struct xrdp_mm* self; -  struct stream* s; -  int version; -  int size; -  int error; -  int code; +  struct xrdp_mm* self = (struct xrdp_mm *)NULL; +  struct stream* s = (struct stream *)NULL; +  int version = 0; +  int size = 0; +  int error = 0; +  int code = 0;    if (trans == 0)    { @@ -849,6 +870,7 @@ xrdp_mm_sesman_data_in(struct trans* trans)          break;      }    } +    return error;  } @@ -856,21 +878,25 @@ xrdp_mm_sesman_data_in(struct trans* trans)  int APP_CC  xrdp_mm_connect(struct xrdp_mm* self)  { -  struct list* names; -  struct list* values; -  int index; -  int count; -  int use_sesman; -  int error; -  int ok; -  int rv; -  char* name; -  char* value; +  struct list* names = (struct list *)NULL; +  struct list* values = (struct list *)NULL; +  int index = 0; +  int count = 0; +  int use_sesman = 0; +  int error = 0; +  int ok = 0; +  int rv = 0; +  char* name = (char *)NULL; +  char* value = (char *)NULL;    char ip[256];    char errstr[256];    char text[256];    char port[8]; +  g_memset(ip,0,sizeof(char) * 256); +  g_memset(errstr,0,sizeof(char) * 256); +  g_memset(text,0,sizeof(char) * 256); +  g_memset(port,0,sizeof(char) * 8);    rv = 0;    use_sesman = 0;    names = self->login_names; @@ -950,6 +976,7 @@ xrdp_mm_connect(struct xrdp_mm* self)      }    }    self->sesman_controlled = use_sesman; +    return rv;  } @@ -959,7 +986,7 @@ xrdp_mm_get_wait_objs(struct xrdp_mm* self,                        tbus* read_objs, int* rcount,                        tbus* write_objs, int* wcount, int* timeout)  { -  int rv; +  int rv = 0;    if (self == 0)    { @@ -982,6 +1009,7 @@ xrdp_mm_get_wait_objs(struct xrdp_mm* self,                                          write_objs, wcount, timeout);      }    } +    return rv;  } @@ -989,7 +1017,7 @@ xrdp_mm_get_wait_objs(struct xrdp_mm* self,  int APP_CC  xrdp_mm_check_wait_objs(struct xrdp_mm* self)  { -  int rv; +  int rv = 0;    if (self == 0)    { @@ -1031,6 +1059,7 @@ xrdp_mm_check_wait_objs(struct xrdp_mm* self)      self->chan_trans_up = 0;      self->delete_chan_trans = 0;    } +    return rv;  } @@ -1038,13 +1067,14 @@ xrdp_mm_check_wait_objs(struct xrdp_mm* self)  int DEFAULT_CC  server_begin_update(struct xrdp_mod* mod)  { -  struct xrdp_wm* wm; -  struct xrdp_painter* p; +  struct xrdp_wm* wm = (struct xrdp_wm *)NULL; +  struct xrdp_painter* p = (struct xrdp_painter *)NULL;    wm = (struct xrdp_wm*)(mod->wm);    p = xrdp_painter_create(wm, wm->session);    xrdp_painter_begin_update(p);    mod->painter = (long)p; +    return 0;  } @@ -1052,12 +1082,13 @@ server_begin_update(struct xrdp_mod* mod)  int DEFAULT_CC  server_end_update(struct xrdp_mod* mod)  { -  struct xrdp_painter* p; +  struct xrdp_painter* p = (struct xrdp_painter *)NULL;    p = (struct xrdp_painter*)(mod->painter);    xrdp_painter_end_update(p);    xrdp_painter_delete(p);    mod->painter = 0; +    return 0;  } @@ -1078,8 +1109,8 @@ server_bell_trigger(struct xrdp_mod* mod)  int DEFAULT_CC  server_fill_rect(struct xrdp_mod* mod, int x, int y, int cx, int cy)  { -  struct xrdp_wm* wm; -  struct xrdp_painter* p; +  struct xrdp_wm* wm = (struct xrdp_wm *)NULL; +  struct xrdp_painter* p = (struct xrdp_painter *)NULL;    wm = (struct xrdp_wm*)(mod->wm);    p = (struct xrdp_painter*)(mod->painter); @@ -1316,7 +1347,7 @@ server_draw_text(struct xrdp_mod* mod, int font,  int DEFAULT_CC  server_reset(struct xrdp_mod* mod, int width, int height, int bpp)  { -  struct xrdp_wm* wm; +  struct xrdp_wm* wm = (struct xrdp_wm *)NULL;    wm = (struct xrdp_wm*)(mod->wm);    if (wm->client_info == 0) @@ -1356,7 +1387,7 @@ int DEFAULT_CC  server_query_channel(struct xrdp_mod* mod, int index, char* channel_name,                       int* channel_flags)  { -  struct xrdp_wm* wm; +  struct xrdp_wm* wm = (struct xrdp_wm *)NULL;    wm = (struct xrdp_wm*)(mod->wm);    if (wm->mm->sesman_controlled) @@ -1372,7 +1403,7 @@ server_query_channel(struct xrdp_mod* mod, int index, char* channel_name,  int DEFAULT_CC  server_get_channel_id(struct xrdp_mod* mod, char* name)  { -  struct xrdp_wm* wm; +  struct xrdp_wm* wm = (struct xrdp_wm *)NULL;    wm = (struct xrdp_wm*)(mod->wm);    if (wm->mm->sesman_controlled) @@ -1388,7 +1419,7 @@ server_send_to_channel(struct xrdp_mod* mod, int channel_id,                         char* data, int data_len,                         int total_data_len, int flags)  { -  struct xrdp_wm* wm; +  struct xrdp_wm* wm = (struct xrdp_wm *)NULL;    wm = (struct xrdp_wm*)(mod->wm);    if (wm->mm->sesman_controlled) diff --git a/xrdp/xrdp_painter.c b/xrdp/xrdp_painter.c index f64505b9..132b338e 100644 --- a/xrdp/xrdp_painter.c +++ b/xrdp/xrdp_painter.c @@ -51,6 +51,10 @@ xrdp_painter_delete(struct xrdp_painter* self)  int APP_CC  xrdp_painter_begin_update(struct xrdp_painter* self)  { +  if (self == 0) +  { +    return 0; +  }    libxrdp_orders_init(self->session);    return 0;  } @@ -59,6 +63,10 @@ xrdp_painter_begin_update(struct xrdp_painter* self)  int APP_CC  xrdp_painter_end_update(struct xrdp_painter* self)  { +  if (self == 0) +  { +    return 0; +  }    libxrdp_orders_send(self->session);    return 0;  } diff --git a/xrdp/xrdp_process.c b/xrdp/xrdp_process.c index 0971804f..905db928 100644 --- a/xrdp/xrdp_process.c +++ b/xrdp/xrdp_process.c @@ -133,7 +133,7 @@ xrdp_process_main_loop(struct xrdp_process* self)    int robjs_count;    int wobjs_count;    int cont; -  int timeout; +  int timeout = 0;    tbus robjs[32];    tbus wobjs[32];    tbus term_obj; diff --git a/xrdp/xrdp_wm.c b/xrdp/xrdp_wm.c index bae6c494..7500f38a 100644 --- a/xrdp/xrdp_wm.c +++ b/xrdp/xrdp_wm.c @@ -27,9 +27,12 @@ struct xrdp_wm* APP_CC  xrdp_wm_create(struct xrdp_process* owner,                 struct xrdp_client_info* client_info)  { -  struct xrdp_wm* self; +  struct xrdp_wm* self = (struct xrdp_wm *)NULL;    char event_name[256]; -  int pid; +  int pid = 0; + +  /* initialize (zero out) local variables: */ +  g_memset(event_name,0,sizeof(char) * 256);    self = (struct xrdp_wm*)g_malloc(sizeof(struct xrdp_wm), 1);    self->client_info = client_info; @@ -196,7 +196,7 @@ lib_mod_connect(struct mod* mod)      i++;      if (i >= 4)      { -      mod->server_msg(mod, "connect problem, giving up", 0); +      mod->server_msg(mod, "connection problem, giving up", 0);        break;      }      g_sleep(250); | 
