Checking rdesktop and xrdp with the PVS-Studio analyzer

This is the second review in a series of articles on checking open-source projects that work with the RDP protocol. In it we look at the rdesktop client and the xrdp server.

PVS-Studio was used as the tool for finding errors. It is a static code analyzer for C, C++, C# and Java, available on Windows, Linux and macOS.

The article presents only the errors that looked interesting to me. However, the projects are small, so there are few errors :).

Note. The previous article, about checking the FreeRDP project, can be found here.

rdesktop

rdesktop is a free implementation of an RDP client for UNIX-based systems. It can also be used on Windows if you build the project under Cygwin. It is licensed under GPLv3.

This client is very popular: it is used by default in ReactOS, and you can also find third-party graphical front ends for it. However, it is quite old: its first release came out on April 4, 2001, which makes it 17 years old at the time of writing.

As I said earlier, the project is small. It has about 30 thousand lines of code, which is a little odd given its age. For comparison, FreeRDP contains 320 thousand lines. Here is the output of the Cloc utility:

[Image: Cloc output for the rdesktop project]

Unreachable code

V779 Unreachable code detected. It is possible that an error is present. rdesktop.c 1502

int
main(int argc, char *argv[])
{
  ....
  return handle_disconnect_reason(deactivated, ext_disc_reason);

  if (g_redirect_username)
    xfree(g_redirect_username);

  xfree(g_username);
}

The error greets us right away in the main function: we see code that comes after the return statement, and this fragment is the one that frees memory. However, the error is not a threat: all allocated memory is released by the operating system after the program exits.

No error handling

V557 Array underrun is possible. The value of 'n' index could reach -1. rdesktop.c 1872

RD_BOOL
subprocess(char *const argv[], str_handle_lines_t linehandler, void *data)
{
  int n = 1;
  char output[256];
  ....
  while (n > 0)
  {
    n = read(fd[0], output, 255);
    output[n] = '\0'; // <=
    str_handle_lines(output, &rest, linehandler, data);
  }
  ....
}

The code snippet in this case reads from a file into a buffer until the end of the file is reached. However, there is no error handling here: if something goes wrong, read returns -1, and the write then lands outside the bounds of the output array.
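The same loop with the missing check filled in, as an added example (not rdesktop's code): a negative result from read() is handled before n is ever used as an index. The helper drain_fd, its sink buffer (standing in for the line handler) and the sample input are assumptions made for this illustration.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Added example, not rdesktop code: read fd to EOF into sink (cap >= 1).
 * Returns the number of bytes stored, or -1 on a read error. */
static long drain_fd(int fd, char *sink, size_t cap)
{
    char output[256];
    size_t total = 0;

    sink[0] = '\0';
    for (;;) {
        ssize_t n = read(fd, output, sizeof(output) - 1);
        if (n < 0) {
            if (errno == EINTR)
                continue;            /* interrupted by a signal: retry */
            return -1;               /* error: n must never become an index */
        }
        if (n == 0)
            break;                   /* end of file */
        output[n] = '\0';            /* safe here: 1 <= n <= 255 */
        size_t room = cap - 1 - total;
        size_t take = (size_t)n < room ? (size_t)n : room;
        memcpy(sink + total, output, take);
        total += take;
        sink[total] = '\0';
    }
    return (long)total;
}

int main(void)
{
    int fd[2];
    char buf[64];
    const char msg[] = "line one\nline two\n";   /* constructed sample input */

    if (pipe(fd) != 0)
        return 1;
    if (write(fd[1], msg, sizeof(msg) - 1) < 0)
        return 1;
    close(fd[1]);                                 /* reader will now see EOF */
    printf("stored %ld bytes\n", drain_fd(fd[0], buf, sizeof(buf)));
    close(fd[0]);
    printf("bad descriptor -> %ld\n", drain_fd(-1, buf, sizeof(buf)));
    return 0;
}
```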

Using EOF with the char type

V739 EOF should not be compared with a value of the 'char' type. The '(c = fgetc(fp))' should be of the 'int' type. ctrl.c 500


int
ctrl_send_command(const char *cmd, const char *arg)
{
  char result[CTRL_RESULT_SIZE], c, *escaped;
  ....
  while ((c = fgetc(fp)) != EOF && index < CTRL_RESULT_SIZE && c != '\n')
  {
    result[index] = c;
    index++;
  }
  ....
}

Here we see incorrect handling of the end of the file: if fgetc returns a character whose code is 0xFF, it is treated as the end of the file (EOF).

EOF is a constant, usually defined as -1. For example, in the CP1251 encoding the last letter of the Russian alphabet has the code 0xFF, which corresponds to the number -1 when held in a variable of type char. As a result the character 0xFF, like EOF (-1), is interpreted as the end of the file. To avoid such errors, the result of fgetc should be stored in a variable of type int.
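An added example, not code from rdesktop, that runs the char-typed loop and an int-typed version over the same constructed line containing a 0xFF byte. The function names are hypothetical, and signed char stands in for a platform where plain char is signed.

```c
#include <stdio.h>

/* Buggy pattern from the article; signed char models platforms where plain
 * char is signed (where it is unsigned, c != EOF can never be false). */
static size_t read_line_narrow(FILE *fp, char *result, size_t size)
{
    signed char c;
    size_t index = 0;
    while ((c = (signed char)fgetc(fp)) != EOF && index < size - 1 && c != '\n')
        result[index++] = (char)c;
    result[index] = '\0';
    return index;
}

/* Corrected: keep fgetc()'s int result so 0xFF (255) stays distinct from EOF. */
static size_t read_line_int(FILE *fp, char *result, size_t size)
{
    int c;
    size_t index = 0;
    while (index < size - 1 && (c = fgetc(fp)) != EOF && c != '\n')
        result[index++] = (char)c;
    result[index] = '\0';
    return index;
}

/* Runs one reader over a temporary file holding the constructed line
 * 'o' 'k' 0xFF '!' '\n' and returns how many bytes the reader accepted. */
static size_t bytes_read(size_t (*reader)(FILE *, char *, size_t))
{
    static const unsigned char sample[] = { 'o', 'k', 0xFF, '!', '\n' };
    char result[16];
    size_t n = 0;
    FILE *fp = tmpfile();

    if (fp == NULL)
        return 0;
    if (fwrite(sample, 1, sizeof(sample), fp) == sizeof(sample)) {
        rewind(fp);
        n = reader(fp, result, sizeof(result));
    }
    fclose(fp);
    return n;
}

int main(void)
{
    printf("char loop: %zu bytes\n", bytes_read(read_line_narrow));
    printf("int loop:  %zu bytes\n", bytes_read(read_line_int));
    return 0;
}
```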

Typos

Fragment 1

V547 Expression 'write_time' is always false. disk.c 805

RD_NTSTATUS
disk_set_information(....)
{
  time_t write_time, change_time, access_time, mod_time;
  ....
  if (write_time || change_time)
    mod_time = MIN(write_time, change_time);
  else
    mod_time = write_time ? write_time : change_time; // <=
  ....
}

The author of this code probably mixed up || and && in the condition. Let's consider the possible combinations of values for write_time and change_time:

  • Both variables are equal to 0: in this case we end up in the else branch, and mod_time will always be 0 regardless of the condition that follows.
  • One of the variables is 0: mod_time will be 0 (provided the other variable has a non-negative value), because MIN picks the smaller of the two options.
  • Neither variable is 0: the smaller value is chosen.

If the condition is replaced with write_time && change_time, the behavior looks correct:

  • One or both of the variables are 0: the non-zero value is chosen.
  • Neither variable is 0: the smaller value is chosen.

Fragment 2

V547 Expression is always true. Probably the '&&' operator should be used here. disk.c 1419

static RD_NTSTATUS
disk_device_control(RD_NTHANDLE handle, uint32 request, STREAM in,
      STREAM out)
{
  ....
  if (((request >> 16) != 20) || ((request >> 16) != 9))
    return RD_STATUS_INVALID_PARAMETER;
  ....
}

It looks as if operators were mixed up here too, either || and && or == and !=: the variable cannot hold the values 20 and 9 at the same time.

Unbounded string copying

V512 A call of the 'sprintf' function will lead to overflow of the buffer 'fullpath'. disk.c 1257

RD_NTSTATUS
disk_query_directory(....)
{
  ....
  char *dirname, fullpath[PATH_MAX];
  ....
  /* Get information for directory entry */
  sprintf(fullpath, "%s/%s", dirname, pdirent->d_name);
  ....
}

When you look at the whole function, it becomes clear that this code causes no problems. However, they may arise in the future: one careless change and we get a buffer overflow, because sprintf is not bounded by anything, so concatenating the paths can run past the end of the array. We recommend replacing this call with snprintf(fullpath, PATH_MAX, ….).

Redundant condition

V560 A part of conditional expression is always true: add > 0. scard.c 507

static void
inRepos(STREAM in, unsigned int read)
{
  SERVER_DWORD add = 4 - read % 4;
  if (add < 4 && add > 0)
  {
    ....
  }
}

The add > 0 check serves no purpose here: the variable is always greater than zero, because read % 4 returns the remainder of the division, which is never equal to 4.

xrdp

xrdp is an open-source implementation of an RDP server. The project is split into 2 parts:

  • xrdp - the protocol implementation. It is distributed under the Apache 2.0 license.
  • xorgxrdp - a set of Xorg drivers for use with xrdp. License: X11 (like MIT, but use in advertising is prohibited)

The development of the project builds on the results of rdesktop and FreeRDP. Originally, to work with graphics you had to use either a separate VNC server or a special X11 server with RDP support, X11rdp, but with the arrival of xorgxrdp the need for them disappeared.

We do not cover xorgxrdp in this article.

The xrdp project, like the previous one, is very small: it contains about 80 thousand lines.


More typos

V525 The code contains the collection of similar blocks. Check items 'r', 'g', 'r' in lines 87, 88, 89. rfxencode_rgb_to_yuv.c 87

static int
rfx_encode_format_rgb(const char *rgb_data, int width, int height,
                      int stride_bytes, int pixel_format,
                      uint8 *r_buf, uint8 *g_buf, uint8 *b_buf)
{
  ....
  switch (pixel_format)
  {
    case RFX_FORMAT_BGRA:
      ....
      while (x < 64)
      {
          *lr_buf++ = r;
          *lg_buf++ = g;
          *lb_buf++ = r; // <=
          x++;
      }
      ....
  }
  ....
}

This code was taken from the librfxcodec library, which implements the jpeg2000 codec for RemoteFX. Here, apparently, the graphics data channels are mixed up: "red" is written in place of the "blue" color. This error most likely came from copy-paste.

The same problem turned up in a similar function, rfx_encode_format_argb, which the analyzer also reported to us:

V525 The code contains the collection of similar blocks. Check items 'a', 'r', 'g', 'r' in lines 260, 261, 262, 263. rfxencode_rgb_to_yuv.c 260

while (x < 64)
{
    *la_buf++ = a;
    *lr_buf++ = r;
    *lg_buf++ = g;
    *lb_buf++ = r;
    x++;
}

Array declaration

V557 Array overrun is possible. The value of 'i - 8' index could reach 129. genkeymap.c 142

// evdev-map.c
int xfree86_to_evdev[137-8+1] = {
  ....
};

// genkeymap.c
extern int xfree86_to_evdev[137-8];

int main(int argc, char **argv)
{
  ....
  for (i = 8; i <= 137; i++) /* Keycodes */
  {
    if (is_evdev)
        e.keycode = xfree86_to_evdev[i-8];
    ....
  }
  ....
}

The declaration and the definition of the array in these two files are inconsistent: the sizes differ by 1. However, no error occurs: the correct size is specified in evdev-map.c, so nothing goes out of bounds. So this is just a flaw that is easy to fix.

Incorrect comparison

V560 A part of conditional expression is always false: (cap_len < 0). xrdp_caps.c 616

// common/parse.h
#if defined(B_ENDIAN) || defined(NEED_ALIGN)
#define in_uint16_le(s, v) do \
....
#else
#define in_uint16_le(s, v) do \
{ \
    (v) = *((unsigned short*)((s)->p)); \
    (s)->p += 2; \
} while (0)
#endif

int
xrdp_caps_process_confirm_active(struct xrdp_rdp *self, struct stream *s)
{
  int cap_len;
  ....
  in_uint16_le(s, cap_len);
  ....
  if ((cap_len < 0) || (cap_len > 1024 * 1024))
  {
    ....
  }
  ....
}

The function reads a variable of type unsigned short into a variable of type int. The check is not needed here because we are reading an unsigned value and assigning the result to a wider variable, so the variable can never take a negative value.

Redundant checks

V560 A part of conditional expression is always true: (bpp != 16). libxrdp.c 704

int EXPORT_CC
libxrdp_send_pointer(struct xrdp_session *session, int cache_idx,
                     char *data, char *mask, int x, int y, int bpp)
{
  ....
  if ((bpp == 15) && (bpp != 16) && (bpp != 24) && (bpp != 32))
  {
      g_writeln("libxrdp_send_pointer: error");
      return 1;
  }
  ....
}

The inequality checks make no sense here, since we already have an equality comparison at the start. Most likely this is a typo and the developer wanted to use the || operator to filter out invalid arguments.

Conclusion

During the review no serious errors were found, but many minor defects were. Still, these projects are used in many systems, even if their scope is small. A small project does not necessarily contain many errors, so you should not judge the analyzer's work on small projects alone. You can read more about this in the article "Feelings confirmed by numbers".

You can download a trial version of PVS-Studio from our website.


If you want to share this article with an English-speaking audience, please use the translation link: Sergey Larin. Checking rdesktop and xrdp with PVS-Studio

Source: will.com
