Iyi ndiyo ongororo yechipiri munhevedzano yezvinyorwa zvekuyedza yakavhurika sosi zvirongwa zvekushanda neiyo RDP protocol. Mariri isu tichatarisa rdesktop mutengi uye xrdp server.
Inoshandiswa sechombo chekuziva zvikanganiso . Iyo static code analyzer yeC, C++, C# uye Java mitauro, inowanikwa paWindows, Linux uye macOS mapuratifomu.
Nyaya yacho inongopa zvikanganiso zviya zvaiita sezvinonakidza kwandiri. Nekudaro, mapurojekiti madiki, saka pakanga paine zvikanganiso zvishoma :).
taura pfungwa. Chinyorwa chakapfuura nezve FreeRDP purojekiti yekuongorora inogona kuwanikwa .
rdesktop
-Kuitwa kwemahara kwemutengi weRDP yeUNIX-based system. Inogonawo kushandiswa pasi peWindows kana iwe ukavaka purojekiti pasi peCygwin. Rezinesi pasi peGPLv3.
Mutengi uyu ane mukurumbira - anoshandiswa nekusarudzika muReactOS, uye iwe unogona zvakare kuwana yechitatu-bato graphical kumberi-kunopera kwayo. Zvisinei, akwegura: kusunungurwa kwake kwekutanga kwakaitika musi waApril 4, 2001 - panguva yekunyora, ane makore gumi nemanomwe.
Sezvandamboona, purojekiti idiki kwazvo. Iine angangoita zviuru makumi matatu mitsara yekodhi, zvinova zvisinganzwisisike tichifunga nezvezera rayo. Kuenzanisa, FreeRDP ine zviuru mazana matatu nemakumi maviri emitsara. Hezvino zvinobuda zvechirongwa cheCloc:
Kodhi isingasvikiki
Kodhi isingawanikwe yaonekwa. Zvinokwanisika kuti kukanganisa kuripo. rdesktop.c 1502
int
main(int argc, char *argv[])
{
....
return handle_disconnect_reason(deactivated, ext_disc_reason);
if (g_redirect_username)
xfree(g_redirect_username);
xfree(g_username);
}Iko kukanganisa kunosangana nesu pakarepo mubasa kuru: tinoona kodhi ichiuya mushure memushandisi dzokera - chidimbu ichi chinoita kuchenesa ndangariro. Nekudaro, iko kukanganisa hakuiti kutyisidzira: zvese zvakagoverwa memory zvichacheneswa neiyo inoshanda sisitimu mushure mekunge chirongwa chabuda.
Hapana kukanganisa kubata
Array underrun inogoneka. Kukosha kwe 'n' index kunogona kusvika -1. rdesktop.c 1872
RD_BOOL
subprocess(char *const argv[], str_handle_lines_t linehandler, void *data)
{
int n = 1;
char output[256];
....
while (n > 0)
{
n = read(fd[0], output, 255);
output[n] = ' '; // <=
str_handle_lines(output, &rest, linehandler, data);
}
....
}Iyo kodhi snippet mune iyi kesi inoverenga kubva mufaira ichipinda mubuffer kusvika iyo faira yapera. Nekudaro, hapana kukanganisa kubata pano: kana chimwe chinhu chikatadza, saka verenga ichadzoka -1, uye ipapo hurongwa huchapfuura Output.
Kushandisa EOF mumhando yechar
EOF haifanirwe kuenzaniswa nehukoshi hwemhando ye 'char'. Iyo '(c = fgetc(fp))' inofanira kunge iri ye'int' mhando. ctrl.c 500
int
ctrl_send_command(const char *cmd, const char *arg)
{
char result[CTRL_RESULT_SIZE], c, *escaped;
....
while ((c = fgetc(fp)) != EOF && index < CTRL_RESULT_SIZE && c != 'n')
{
result[index] = c;
index++;
}
....
}Pano tinoona kubata kusina kunaka kwekusvika kumagumo efaira: kana fgetc inodzorera munhu ane kodhi 0xFF, inodudzirwa sekuguma kwefaira (EOF).
EOF inogara iripo, kazhinji inotsanangurwa se -1. Semuenzaniso, muCP1251 encoding, iyo yekupedzisira mavara echiRussian alphabet ine kodhi 0xFF, iyo inoenderana nenhamba -1 kana tichitaura nezve shanduko yakafanana. SaIsakari. Zvinoitika kuti chiratidzo 0xFF, senge EOF (-1) inodudzirwa semagumo efaira. Kuti udzivise zvikanganiso zvakadaro, mhedzisiro yebasa iri fgetc inofanira kuchengetwa mune inoshanduka se Int.
Typos
Chikamu 1
Matauriro okuti 'nyora_nguva' anogara ari emanyepo. disk.c 805
RD_NTSTATUS
disk_set_information(....)
{
time_t write_time, change_time, access_time, mod_time;
....
if (write_time || change_time)
mod_time = MIN(write_time, change_time);
else
mod_time = write_time ? write_time : change_time; // <=
....
}Zvichida munyori wekodhi iyi akazvitadza || ΠΈ && muchimiro. Ngatitarisei zvingasarudzwa zvezvinokosha kunyora_nguva ΠΈ change_time:
- Mabhizaunzi ese ari maviri akaenzana na 0: apa tinopedzisira tave mubazi mumwe: chinja mod_time ichagara iri 0 zvisinei nemamiriro anotevera.
- Imwe yezvakasiyana ndeye 0: mod_time ichaenzana na 0 (chero bedzi imwe vhezheni ine kukosha kusiri-negative), nekuti Min ichasarudza diki pane mbiri sarudzo.
- Zvose zvakasiyana-siyana hazvina kuenzana ne0: sarudza kukosha kwepasi.
Pakutsiva mamiriro acho ne kunyora_nguva &&kuchinja_nguva maitiro achaita seakanaka:
- Imwe kana ese ari maviri akasiyana haana kuenzana ne0: sarudza iyo isiri-zero kukosha.
- Zvose zvakasiyana-siyana hazvina kuenzana ne0: sarudza kukosha kwepasi.
Chikamu 2
Kutaura ndekwechokwadi nguva dzose. Pamwe iyo '&&' mushandisi anofanira kushandiswa pano. disk.c 1419
static RD_NTSTATUS
disk_device_control(RD_NTHANDLE handle, uint32 request, STREAM in,
STREAM out)
{
....
if (((request >> 16) != 20) || ((request >> 16) != 9))
return RD_STATUS_INVALID_PARAMETER;
....
}Sezviri pachena maopareta akasanganiswa pano futi || ΠΈ &&, kana == ΠΈ !=: Musiyano haugone kuve nehukoshi 20 uye 9 panguva imwe chete.
Unlimited line kukopa
Kufona kweiyo 'sprintf' basa kunotungamira mukufashukira kwebuffer 'fullpath'. disk.c 1257
RD_NTSTATUS
disk_query_directory(....)
{
....
char *dirname, fullpath[PATH_MAX];
....
/* Get information for directory entry */
sprintf(fullpath, "%s/%s", dirname, pdirent->d_name);
....
}Paunotarisa basa racho zvizere, zvichava pachena kuti iyi code haina kukonzera matambudziko. Nekudaro, ivo vanogona kumuka mune ramangwana: imwe shanduko isina hanya uye isu tichawana buffer kufashukira - kumhanya haina kuganhurirwa nechero chinhu, saka kana concatenating makwara tinogona kupfuura miganhu array. Zvinokurudzirwa kuona kufona uku snprintf(fullpath, PATH_MAX, ....).
Redundant condition
Chikamu chechirevo chezvimiso chinogara chiri chokwadi: wedzera > 0. scard.c 507
static void
inRepos(STREAM in, unsigned int read)
{
SERVER_DWORD add = 4 - read % 4;
if (add < 4 && add > 0)
{
....
}
}kuonorora wedzera > 0 hapana chinodiwa pano: shanduko ichagara yakakura kupfuura zero, nekuti verenga % 4 ichadzorera zvakasara zvechikamu, asi hazvizombofi zvakaenzana ne4.
xrdp
-Kuitwa kweyakavhurika sosi RDP server. Iyo purojekiti yakakamurwa kuita 2 zvikamu:
- xrdp - protocol kuita. Yakagoverwa pasi peiyo Apache 2.0 rezinesi.
- xorgxrdp - Seti yeXorg madhiraivha ekushandisa ne xrdp. Rezinesi - X11 (seMIT, asi inorambidza kushandiswa mukushambadzira)
Kuvandudzwa kweprojekiti kunoenderana nemhedzisiro yerdesktop uye FreeRDP. Pakutanga, kushanda nemagiraidhi, waifanira kushandisa yakaparadzana VNC sevha, kana yakakosha X11 server ine RDP rutsigiro - X11rdp, asi nekuuya kwexorgxrdp, kudiwa kwavo kwakanyangarika.
Muchikamu chino hatisi kuzovhara xorgxrdp.
Iyo xrdp purojekiti, senge yapfuura, idiki kwazvo uye ine ingangoita zviuru makumi masere mitsara.
More typos
Iyo kodhi ine muunganidzwa wemabhuroko akafanana. Tarisa zvinhu 'r', 'g', 'r' mumitsara 87, 88, 89. rfxencode_rgb_to_yuv.c 87
static int
rfx_encode_format_rgb(const char *rgb_data, int width, int height,
int stride_bytes, int pixel_format,
uint8 *r_buf, uint8 *g_buf, uint8 *b_buf)
{
....
switch (pixel_format)
{
case RFX_FORMAT_BGRA:
....
while (x < 64)
{
*lr_buf++ = r;
*lg_buf++ = g;
*lb_buf++ = r; // <=
x++;
}
....
}
....
}Iyi kodhi yakatorwa kubva ku librfxcodec raibhurari, iyo inoshandisa iyo jpeg2000 codec yeRemoteFX. Pano, sezviri pachena, graphic data channels dzakasanganiswa - panzvimbo ye "blue" ruvara, "tsvuku" yakanyorwa. Kukanganisa uku kunonyanya kuoneka semhedzisiro yecopy-paste.
Dambudziko rimwechete rakaitika mukushanda kwakafanana rfx_encode_format_argb, izvo zvakatiudzawo nemuongorori:
Iyo kodhi ine muunganidzwa wemabhuroko akafanana. Tarisa zvinhu 'a', 'r', 'g', 'r' mumitsara 260, 261, 262, 263. rfxencode_rgb_to_yuv.c 260
while (x < 64)
{
*la_buf++ = a;
*lr_buf++ = r;
*lg_buf++ = g;
*lb_buf++ = r;
x++;
}Array Declaration
Array overrun inogoneka. Kukosha kwe 'i - 8' indekisi inogona kusvika 129. genkeymap.c 142
// evdev-map.c
int xfree86_to_evdev[137-8+1] = {
....
};
// genkeymap.c
extern int xfree86_to_evdev[137-8];
int main(int argc, char **argv)
{
....
for (i = 8; i <= 137; i++) /* Keycodes */
{
if (is_evdev)
e.keycode = xfree86_to_evdev[i-8];
....
}
....
}Chiziviso uye tsananguro yezvirongwa mumafaira maviri aya hazvienderani - ukuru hunosiyana ne 1. Zvisinei, hapana zvikanganiso zvinoitika - ukuru hwakarurama hunotsanangurwa mu evdev-map.c faira, saka hapana kunze kwemiganhu. Saka iyi ingori tsikidzi inogona kugadziriswa nyore.
Kuenzanisa kusina kururama
Chikamu chechirevo chekutaura chinogara chiri chenhema: (cap_len <0). xrdp_caps.c 616
// common/parse.h
#if defined(B_ENDIAN) || defined(NEED_ALIGN)
#define in_uint16_le(s, v) do
....
#else
#define in_uint16_le(s, v) do
{
(v) = *((unsigned short*)((s)->p));
(s)->p += 2;
} while (0)
#endif
int
xrdp_caps_process_confirm_active(struct xrdp_rdp *self, struct stream *s)
{
int cap_len;
....
in_uint16_le(s, cap_len);
....
if ((cap_len < 0) || (cap_len > 1024 * 1024))
{
....
}
....
}Basa racho rinoverenga rudzi rwakasiyana isina kusaina ipfupi kuita shanduko yakafanana Int. Kutarisa hakudiwe pano nekuti tiri kuverenga vhezheni isina kusaina uye tichipa mhedzisiro kune yakakura musiyano, saka shanduko haigone kutora kukosha kwakashata.
Macheki asina basa
Chikamu chechirevo chechirevo chinogara chiri chechokwadi: (bpp != 16). libxrdp.c 704
int EXPORT_CC
libxrdp_send_pointer(struct xrdp_session *session, int cache_idx,
char *data, char *mask, int x, int y, int bpp)
{
....
if ((bpp == 15) && (bpp != 16) && (bpp != 24) && (bpp != 32))
{
g_writeln("libxrdp_send_pointer: error");
return 1;
}
....
}Kusaenzana cheki hakuna musoro pano sezvo isu tatova nekuenzanisa pakutanga. Zvingangodaro kuti iyi i typo uye mugadziri aida kushandisa mushandisi || kusefa nharo dzisiridzo.
mhedziso
Panguva yekuongorora, hapana zvikanganiso zvakakomba zvakaonekwa, asi zvikanganiso zvakawanda zvakawanikwa. Nekudaro, magadzirirwo aya anoshandiswa mune akawanda masisitimu, kunyangwe ari madiki muhukuru. Purojekiti diki haifanire kunge ine zvikanganiso zvakawanda, saka haufanirwe kutonga mashandiro emuongorori chete pamapurojekiti madiki. Unogona kuverenga zvakawanda pamusoro peizvi mune chinyorwa "".
Unogona kudhawunirodha vhezheni yePVS-Studio kubva kwatiri .
Kana iwe uchida kugovera chinyorwa ichi nevateereri vanotaura Chirungu, ndapota shandisa chinongedzo chekushandura: Sergey Larin.
Source: www.habr.com