ProHoster > Π‘Π»ΠΎΠ³ > Kev tswj hwm > Tshawb xyuas rdesktop thiab xrdp siv PVS-Studio analyzer

Tshawb xyuas rdesktop thiab xrdp siv PVS-Studio analyzer

Tshawb xyuas rdesktop thiab xrdp siv PVS-Studio analyzer
Qhov no yog qhov kev tshuaj xyuas thib ob hauv cov kab lus hais txog kev sim qhib qhov program rau kev ua haujlwm nrog RDP raws tu qauv. Hauv nws peb yuav saib cov neeg siv khoom rdesktop thiab xrdp server.

Siv los ua ib qho cuab yeej los txheeb xyuas qhov yuam kev PVS Studio. Nws yog tus lej ntsuas zoo li qub rau C, C ++, C # thiab Java lus, muaj nyob rau ntawm Windows, Linux thiab macOS platforms.

Kab lus nthuav tawm tsuas yog cov yuam kev uas zoo li nthuav rau kuv. Txawm li cas los xij, cov haujlwm me me, yog li muaj qee qhov yuam kev :).

ΠŸΡ€ΠΈΠΌΠ΅Ρ‡Π°Π½ΠΈΠ΅. Ib tsab xov xwm dhau los txog FreeRDP qhov kev txheeb xyuas qhov project tuaj yeem pom no.

rdesktop duab

rdesktop duab - Kev siv dawb ntawm tus neeg siv khoom RDP rau UNIX-based systems. Nws kuj tuaj yeem siv hauv Windows yog tias koj tsim qhov project hauv Cygwin. Daim ntawv tso cai raws li GPLv3.

Cov neeg siv khoom no nrov heev - nws yog siv los ntawm lub neej ntawd hauv ReactOS, thiab koj tuaj yeem pom cov neeg sab nrauv graphical pem hauv ntej-kawg rau nws. Txawm li cas los xij, nws laus heev: nws thawj zaug tso tawm rau lub Plaub Hlis 4, 2001 - thaum lub sijhawm sau ntawv, nws muaj 17 xyoo.

Raws li kuv tau sau ua ntej, qhov project me me heev. Nws muaj kwv yees li 30 txhiab kab ntawm cov cai, uas yog qhov txawv me ntsis xav txog nws lub hnub nyoog. Rau kev sib piv, FreeRDP muaj 320 txhiab kab. Nov yog cov txiaj ntsig ntawm Cloc program:

Tshawb xyuas rdesktop thiab xrdp siv PVS-Studio analyzer

Code tsis tau

V779 Nrhiav tsis tau code. Nws muaj peev xwm muaj qhov yuam kev tam sim no. rdesktop.c 1502

int
main(int argc, char *argv[])
{
  ....
  return handle_disconnect_reason(deactivated, ext_disc_reason);

  if (g_redirect_username)
    xfree(g_redirect_username);

  xfree(g_username);
}

Qhov yuam kev ntsib peb tam sim ntawd hauv kev ua haujlwm ntsiab: peb pom tus lej tuaj tom qab tus neeg teb xov tooj rov qab los - Cov fragment no ua lub cim xeeb tu. Txawm li cas los xij, qhov ua yuam kev tsis ua rau muaj kev hem thawj: tag nrho cov cim xeeb faib yuav raug tshem tawm los ntawm kev ua haujlwm tom qab qhov program tawm.

Tsis muaj kev ua yuam kev

V557 Array underrun yog ua tau. Tus nqi ntawm 'n' index tuaj yeem ncav cuag -1. rdesktop.c 1872

RD_BOOL
subprocess(char *const argv[], str_handle_lines_t linehandler, void *data)
{
  int n = 1;
  char output[256];
  ....
  while (n > 0)
  {
    n = read(fd[0], output, 255);
    output[n] = ' '; // <=
    str_handle_lines(output, &rest, linehandler, data);
  }
  ....
}

Cov code snippet nyob rau hauv cov ntaub ntawv no nyeem los ntawm cov ntaub ntawv mus rau hauv ib tug tsis mus txog rau thaum cov ntaub ntawv xaus. Txawm li cas los xij, tsis muaj qhov yuam kev tuav ntawm no: yog tias muaj qee yam yuam kev, ces nyeem yuav rov -1, thiab ces cov array yuav overrun Tso zis.

Siv EOF hauv char type

V739 EOF yuav tsum tsis txhob muab piv nrog tus nqi ntawm 'char' hom. Tus '(c = fgetc(fp))' yuav tsum yog hom 'int'. ctrl.c 500


int
ctrl_send_command(const char *cmd, const char *arg)
{
  char result[CTRL_RESULT_SIZE], c, *escaped;
  ....
  while ((c = fgetc(fp)) != EOF && index < CTRL_RESULT_SIZE && c != 'n')
  {
    result[index] = c;
    index++;
  }
  ....
}

Ntawm no peb pom kev tuav tsis raug ntawm qhov kawg ntawm cov ntaub ntawv: yog fgetc ua rov qab tus cim uas nws cov lej yog 0xFF, nws yuav raug txhais raws li qhov kawg ntawm cov ntaub ntawv (EOF).

EOF nws yog qhov tsis tu ncua, feem ntau txhais tau tias yog -1. Piv txwv li, hauv CP1251 encoding, tsab ntawv kawg ntawm cov tsiaj ntawv Lavxias muaj tus lej 0xFF, uas sib raug rau tus lej -1 yog tias peb tab tom tham txog qhov sib txawv xws li char. Nws hloov tawm tias lub cim 0xFF, zoo li EOF (-1) yog txhais raws li qhov kawg ntawm cov ntaub ntawv. Txhawm rau kom tsis txhob muaj qhov yuam kev, qhov tshwm sim ntawm kev ua haujlwm yog fgetc ua yuav tsum tau khaws cia rau hauv ib qho kev sib txawv xws li rau cov menyuam.

Typos

Fragment 1

V547 Kev nthuav qhia 'sau_time' yog ib txwm tsis muaj tseeb. wb c805

RD_NTSTATUS
disk_set_information(....)
{
  time_t write_time, change_time, access_time, mod_time;
  ....
  if (write_time || change_time)
    mod_time = MIN(write_time, change_time);
  else
    mod_time = write_time ? write_time : change_time; // <=
  ....
}

Tej zaum tus sau tsab cai no tau txais nws yuam kev || ΠΈ && nyob rau hauv mob. Cia peb xav txog cov kev xaiv uas muaj txiaj ntsig sau_time ΠΈ hloov_time:

  • Ob qhov sib txawv yog sib npaug rau 0: qhov no peb yuav xaus rau hauv ib ceg lwm tus: sib txawv mod_time yuav ib txwm yog 0 tsis hais tus mob tom ntej.
  • Ib qho piv txwv yog 0: mod_time yuav muab sib npaug rau 0 (muab tias lwm qhov sib txawv muaj tus nqi tsis zoo), vim MIN yuav xaiv qhov me me ntawm ob txoj kev xaiv.
  • Ob qhov sib txawv tsis sib npaug rau 0: xaiv tus nqi qis kawg nkaus.

Thaum hloov qhov xwm txheej nrog write_time && change_time tus cwj pwm yuav zoo:

  • Ib lossis ob qhov sib txawv tsis sib npaug rau 0: xaiv tus nqi uas tsis yog xoom.
  • Ob qhov sib txawv tsis sib npaug rau 0: xaiv tus nqi qis kawg nkaus.

Fragment 2

V547 Kev nthuav qhia yeej ib txwm muaj tseeb. Tej zaum tus neeg teb xov tooj '&&' yuav tsum tau siv ntawm no. wb 1419

static RD_NTSTATUS
disk_device_control(RD_NTHANDLE handle, uint32 request, STREAM in,
      STREAM out)
{
  ....
  if (((request >> 16) != 20) || ((request >> 16) != 9))
    return RD_STATUS_INVALID_PARAMETER;
  ....
}

Pom tau tias cov neeg ua haujlwm sib xyaw ua ke ntawm no thiab || ΠΈ &&, lossis == ΠΈ !=: Ib qho kev sib txawv tsis tuaj yeem muaj tus nqi 20 thiab 9 tib lub sijhawm.

Unlimited kab theej

V512 Kev hu xov tooj ntawm 'sprintf' muaj nuj nqi yuav ua rau cov dej ntws ntawm qhov tsis 'fullpath'. wb 1257

RD_NTSTATUS
disk_query_directory(....)
{
  ....
  char *dirname, fullpath[PATH_MAX];
  ....
  /* Get information for directory entry */
  sprintf(fullpath, "%s/%s", dirname, pdirent->d_name);
  ....
}

Thaum koj saib tag nrho cov haujlwm, nws yuav pom tseeb tias cov cai no tsis ua teeb meem. Txawm li cas los xij, lawv yuav tshwm sim yav tom ntej: ib qho kev hloov pauv tsis tu ncua thiab peb yuav tau txais qhov tsis txaus siab - khiav tsis txwv los ntawm ib yam dab tsi, yog li thaum concatenating txoj kev peb tuaj yeem mus dhau ntawm cov ciam teb ntawm array. Nws raug nquahu kom pom qhov kev hu no snprintf(fullpath, PATH_MAX,….).

Kev mob tshwm sim

V560 Ib feem ntawm cov lus qhia yog ib txwm muaj tseeb: ntxiv > 0. scard.c 507

static void
inRepos(STREAM in, unsigned int read)
{
  SERVER_DWORD add = 4 - read % 4;
  if (add < 4 && add > 0)
  {
    ....
  }
}

soj ntsuam ntxiv > 0 tsis muaj qhov xav tau ntawm no: qhov sib txawv yuav ib txwm loj dua xoom, vim nyeem %4 yuav rov qab qhov seem ntawm kev faib, tab sis nws yuav tsis sib npaug li 4.

xrdp

xrdp - Kev siv ntawm RDP server nrog qhib qhov chaws. Qhov project tau muab faib ua 2 ntu:

  • xrdp - raws tu qauv siv. Muab faib raws li Apache 2.0 daim ntawv tso cai.
  • xorgxrdp - Ib txheej ntawm Xorg tsav tsheb siv nrog xrdp. Daim ntawv tso cai - X11 (zoo li MIT, tab sis txwv tsis pub siv hauv kev tshaj tawm)

Kev txhim kho ntawm qhov project yog raws li cov txiaj ntsig ntawm rdesktop thiab FreeRDP. Thaum pib, ua haujlwm nrog cov duab, koj yuav tsum siv VNC server cais, lossis X11 server tshwj xeeb nrog kev txhawb nqa RDP - X11rdp, tab sis nrog rau qhov tshwm sim ntawm xorgxrdp, qhov xav tau rau lawv ploj mus.

Hauv tsab xov xwm no peb yuav tsis npog xorgxrdp.

Qhov project xrdp, zoo li yav dhau los, yog me me thiab muaj kwv yees li 80 txhiab kab.

Tshawb xyuas rdesktop thiab xrdp siv PVS-Studio analyzer

Ntau typos

V525 Cov cai muaj cov sau los ntawm cov blocks zoo sib xws. Kos cov khoom 'r', 'g', 'r' hauv kab 87, 88, 89. rfxencode_rgb_to_yuv.c 87

static int
rfx_encode_format_rgb(const char *rgb_data, int width, int height,
                      int stride_bytes, int pixel_format,
                      uint8 *r_buf, uint8 *g_buf, uint8 *b_buf)
{
  ....
  switch (pixel_format)
  {
    case RFX_FORMAT_BGRA:
      ....
      while (x < 64)
      {
          *lr_buf++ = r;
          *lg_buf++ = g;
          *lb_buf++ = r; // <=
          x++;
      }
      ....
  }
  ....
}

Cov cai no tau muab los ntawm lub tsev qiv ntawv librfxcodec, uas siv lub jpeg2000 codec rau RemoteFX. Ntawm no, thaj, cov duab cov ntaub ntawv raws tau sib xyaw - tsis yog cov xim "xiav", "liab" raug kaw. Qhov yuam kev no feem ntau yuav tshwm sim los ntawm kev luam tawm.

Tib qhov teeb meem tshwm sim hauv ib qho kev ua haujlwm zoo sib xws rfx_encode_format_argb, uas tus kws tshuaj ntsuam xyuas tau hais rau peb tias:

V525 Cov cai muaj cov sau los ntawm cov blocks zoo sib xws. Kos cov khoom 'a', 'r', 'g', 'r' hauv kab 260, 261, 262, 263. rfxencode_rgb_to_yuv.c 260

while (x < 64)
{
    *la_buf++ = a;
    *lr_buf++ = r;
    *lg_buf++ = g;
    *lb_buf++ = r;
    x++;
}

Array tshaj tawm

V557 Array overrun yog ua tau. Tus nqi ntawm 'i β€” 8' Performance index tuaj yeem ncav cuag 129. genkeymap.c 142

// evdev-map.c
int xfree86_to_evdev[137-8+1] = {
  ....
};

// genkeymap.c
extern int xfree86_to_evdev[137-8];

int main(int argc, char **argv)
{
  ....
  for (i = 8; i <= 137; i++) /* Keycodes */
  {
    if (is_evdev)
        e.keycode = xfree86_to_evdev[i-8];
    ....
  }
  ....
}

Cov lus tshaj tawm thiab cov ntsiab lus ntawm cov array hauv ob cov ntaub ntawv no tsis sib xws - qhov loj me txawv ntawm 1. Txawm li cas los xij, tsis muaj qhov yuam kev tshwm sim - qhov loj me yog teev nyob rau hauv cov ntaub ntawv evdev-map.c, yog li tsis muaj kev tawm tsam. Yog li qhov no tsuas yog kab laum uas tuaj yeem kho tau yooj yim.

Kev sib piv tsis raug

V560 Ib feem ntawm cov lus qhia yog ib txwm tsis tseeb: (cap_len <0). xwm 616

// common/parse.h
#if defined(B_ENDIAN) || defined(NEED_ALIGN)
#define in_uint16_le(s, v) do 
....
#else
#define in_uint16_le(s, v) do 
{ 
    (v) = *((unsigned short*)((s)->p)); 
    (s)->p += 2; 
} while (0)
#endif

int
xrdp_caps_process_confirm_active(struct xrdp_rdp *self, struct stream *s)
{
  int cap_len;
  ....
  in_uint16_le(s, cap_len);
  ....
  if ((cap_len < 0) || (cap_len > 1024 * 1024))
  {
    ....
  }
  ....
}

Cov haujlwm nyeem ib hom sib txawv tsis kos npe luv mus rau hauv ib tug txawv txav li rau cov menyuam. Kev kuaj xyuas tsis tas yuav tsum muaj ntawm no vim peb tab tom nyeem qhov tsis muaj npe sib txawv thiab muab cov txiaj ntsig rau qhov sib txawv loj dua, yog li qhov sib txawv tsis tuaj yeem coj tus nqi tsis zoo.

Tsis tsim nyog kuaj

V560 Ib feem ntawm cov lus qhia yog ib txwm muaj tseeb: (bpp != 16). wb 704

int EXPORT_CC
libxrdp_send_pointer(struct xrdp_session *session, int cache_idx,
                     char *data, char *mask, int x, int y, int bpp)
{
  ....
  if ((bpp == 15) && (bpp != 16) && (bpp != 24) && (bpp != 32))
  {
      g_writeln("libxrdp_send_pointer: error");
      return 1;
  }
  ....
}

Kev txheeb xyuas qhov tsis sib xws tsis muaj txiaj ntsig ntawm no vim peb twb muaj qhov sib piv thaum pib. Nws zoo li qhov no yog typo thiab tus tsim tawm xav siv tus neeg teb xov tooj || los lim tawm cov lus tsis raug.

xaus

Thaum lub sij hawm ntsuam xyuas, tsis muaj qhov yuam kev loj heev, tab sis pom muaj ntau yam tsis txaus. Txawm li cas los xij, cov qauv no tau siv hauv ntau lub tshuab, txawm tias me me hauv qhov. Ib qhov project me me tsis tas yuav muaj ntau qhov yuam kev, yog li koj yuav tsum tsis txhob txiav txim siab qhov kev ua tau zoo ntawm cov haujlwm me. Koj tuaj yeem nyeem ntxiv txog qhov no hauv kab lus "Kev xav uas tau lees paub los ntawm cov lej".

Koj tuaj yeem rub tawm qhov sim version ntawm PVS-Studio los ntawm peb qhov chaw.

Tshawb xyuas rdesktop thiab xrdp siv PVS-Studio analyzer

Yog tias koj xav qhia cov lus no nrog cov neeg hais lus Askiv, thov siv qhov txuas txhais lus: Sergey Larin. Tshawb xyuas rdesktop thiab xrdp nrog PVS-Studio

Tau qhov twg los: www.hab.com

Ntxiv ib saib