[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#780244: unblock: freerdp/1.1.0~git20140921.1.440916e+dfsg1-4

Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Please unblock package freerdp (already uploaded).

+  * debian/patches:
+    + Add 0002_handle-old-style-cmdline-options.patch. Command line detection
+      is run with dummy settings where not everything is allocated. Collections
+      (device, dynamic channel and static channel) didn't handle this case
+      properly. (Closes: #779312).

-> Fix an open RC bug. The problem here is that the freerdp devs have
implemented a new cmdline interface style (options starting with a "/"
slash). The old cmdline style (--<optionname>=value) is still supported
(legacy). However, various new features have new cmdline-style options,
but the legacy option parser lacks support for those. Even worse, some of
the new feature cannot be expressed via the old command line style,
syntactically.

Users are highly recommended to use the new cmdline style as proposed by
the latest version of the xfreerdp man page.

+    + Add 0003_copy-data-when-adding-glyph-to-cache.patch. Copy data when adding
+      glyph to cache. Fix double free or corruption inupdate_gdi_fast_glyph ->
+      glyph_cache_put -> _int_free (Closes: #740637).

-> Upstream provided another fix today for an issue that also has been
reported via Debian BTS (originally against package remmina). I have
included a fix for that double free or corruption issue with this upload.

light+love,
Mike


unblock freerdp/1.1.0~git20140921.1.440916e+dfsg1-4

-- System Information:
Debian Release: 8.0
  APT prefers stable
  APT policy: (990, 'stable'), (500, 'testing-updates'), (500, 'testing-proposed-updates'), (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

diff -Nru freerdp-1.1.0~git20140921.1.440916e+dfsg1/debian/changelog freerdp-1.1.0~git20140921.1.440916e+dfsg1/debian/changelog
--- freerdp-1.1.0~git20140921.1.440916e+dfsg1/debian/changelog	2015-02-13 06:02:21.000000000 +0100
+++ freerdp-1.1.0~git20140921.1.440916e+dfsg1/debian/changelog	2015-03-10 21:29:17.000000000 +0100
@@ -1,3 +1,16 @@
+freerdp (1.1.0~git20140921.1.440916e+dfsg1-4) unstable; urgency=medium
+
+  * debian/patches:
+    + Add 0002_handle-old-style-cmdline-options.patch. Command line detection
+      is run with dummy settings where not everything is allocated. Collections
+      (device, dynamic channel and static channel) didn't handle this case
+      properly. (Closes: #779312).
+    + Add 0003_copy-data-when-adding-glyph-to-cache.patch. Copy data when adding
+      glyph to cache. Fix double free or corruption inupdate_gdi_fast_glyph ->
+      glyph_cache_put -> _int_free (Closes: #740637).
+
+ -- Mike Gabriel <sunweaver@debian.org>  Tue, 10 Mar 2015 21:28:34 +0100
+
 freerdp (1.1.0~git20140921.1.440916e+dfsg1-3) unstable; urgency=medium
 
   [ Bernhard Miklautz ]
diff -Nru freerdp-1.1.0~git20140921.1.440916e+dfsg1/debian/patches/0002_handle-old-style-cmdline-options.patch freerdp-1.1.0~git20140921.1.440916e+dfsg1/debian/patches/0002_handle-old-style-cmdline-options.patch
--- freerdp-1.1.0~git20140921.1.440916e+dfsg1/debian/patches/0002_handle-old-style-cmdline-options.patch	1970-01-01 01:00:00.000000000 +0100
+++ freerdp-1.1.0~git20140921.1.440916e+dfsg1/debian/patches/0002_handle-old-style-cmdline-options.patch	2015-03-10 21:09:23.000000000 +0100
@@ -0,0 +1,64 @@
+From 85856224f63cd6e356a386f096156ff85e2f64e9 Mon Sep 17 00:00:00 2001
+From: Bernhard Miklautz <bernhard.miklautz@thincast.com>
+Date: Tue, 10 Mar 2015 13:10:39 +0100
+Subject: [PATCH] settings: handle collection_add in detection case
+
+Command line detection is run with dummy settings where not everything
+is allocated. Collections (device, dynamic channel and static
+channel) didn't handle this case properly.
+
+(cherry picked from commit e9985c20938954f7df8f57b43c30c74c9d480dde)
+
+Conflicts:
+    client/common/test/TestClientCmdLine.c
+---
+ client/common/test/TestClientCmdLine.c | 5 +++++
+ libfreerdp/common/settings.c           | 9 +++++++++
+ 2 files changed, 14 insertions(+)
+
+--- a/client/common/test/TestClientCmdLine.c
++++ b/client/common/test/TestClientCmdLine.c
+@@ -108,6 +108,11 @@
+ 	char* cmd22[] = { "xfreerdp", "-g", "1920x1200", "-d", "domain", "-u", "username", "-D", "-a", "16", "--plugin", "rdpsnd", "--plugin", "rdpdr", "--data", "disk:media:/home/username/media/", "--", "-x", "l", "--rfx", "--ignore-certificate", "--plugin", "cliprdr", "some.host.name.com"};
+ 	TESTCASE_SUCCESS(cmd22);
+ 
++#if 0
++	char* cmd23[] = {"xfreerdp -z --plugin cliprdr --plugin rdpsnd --data alsa latency:100 -- --plugin rdpdr --data disk:w7share:/home/w7share -- --plugin drdynvc --data tsmf:decoder:gstreamer -- -u test host.example.com"};
++	TESTCASE(cmd23, COMMAND_LINE_STATUS_PRINT);
++#endif
++
+ 	return 0;
+ }
+ 
+--- a/libfreerdp/common/settings.c
++++ b/libfreerdp/common/settings.c
+@@ -135,6 +135,9 @@
+ 
+ void freerdp_device_collection_add(rdpSettings* settings, RDPDR_DEVICE* device)
+ {
++	if (!settings->DeviceArray)
++		return;
++
+ 	if (settings->DeviceArraySize < (settings->DeviceCount + 1))
+ 	{
+ 		settings->DeviceArraySize *= 2;
+@@ -204,6 +207,9 @@
+ 
+ void freerdp_static_channel_collection_add(rdpSettings* settings, ADDIN_ARGV* channel)
+ {
++	if (!settings->StaticChannelArray)
++		return;
++
+ 	if (settings->StaticChannelArraySize < (settings->StaticChannelCount + 1))
+ 	{
+ 		settings->StaticChannelArraySize *= 2;
+@@ -252,6 +258,9 @@
+ 
+ void freerdp_dynamic_channel_collection_add(rdpSettings* settings, ADDIN_ARGV* channel)
+ {
++	if (!settings->DynamicChannelArray)
++		return;
++
+ 	if (settings->DynamicChannelArraySize < (settings->DynamicChannelCount + 1))
+ 	{
+ 		settings->DynamicChannelArraySize *= 2;
diff -Nru freerdp-1.1.0~git20140921.1.440916e+dfsg1/debian/patches/0003_copy-data-when-adding-glyph-to-cache.patch freerdp-1.1.0~git20140921.1.440916e+dfsg1/debian/patches/0003_copy-data-when-adding-glyph-to-cache.patch
--- freerdp-1.1.0~git20140921.1.440916e+dfsg1/debian/patches/0003_copy-data-when-adding-glyph-to-cache.patch	1970-01-01 01:00:00.000000000 +0100
+++ freerdp-1.1.0~git20140921.1.440916e+dfsg1/debian/patches/0003_copy-data-when-adding-glyph-to-cache.patch	2015-03-10 21:15:21.000000000 +0100
@@ -0,0 +1,106 @@
+From daea54925b2e8c7606eb22e65ab6b2397306363b Mon Sep 17 00:00:00 2001
+From: Bernhard Miklautz <bmiklautz@thinstuff.at>
+Date: Tue, 24 Sep 2013 23:25:18 +0200
+Subject: [PATCH] core/glyph: copy data when adding glyph to cache
+
+fixes #2439
+
+(cherry picked from commit c99d9ee72bae06d19a15cce46eb4f3230a97f296)
+---
+ libfreerdp/cache/glyph.c | 15 +++++----------
+ libfreerdp/core/orders.c |  4 ++--
+ libfreerdp/core/update.c |  2 ++
+ 3 files changed, 9 insertions(+), 12 deletions(-)
+
+--- a/libfreerdp/cache/glyph.c
++++ b/libfreerdp/cache/glyph.c
+@@ -279,7 +279,7 @@
+ 	if (y == -32768)
+ 		y = fast_glyph->bkTop;
+ 
+-	if (fast_glyph->cbData > 1)
++	if (fast_glyph->cbData > 1 && NULL != fast_glyph->glyphData.aj)
+ 	{
+ 		/* got option font that needs to go into cache */
+ 		glyph_data = &fast_glyph->glyphData;
+@@ -290,7 +290,8 @@
+ 		glyph->cx = glyph_data->cx;
+ 		glyph->cy = glyph_data->cy;
+ 		glyph->cb = glyph_data->cb;
+-		glyph->aj = glyph_data->aj;
++		glyph->aj = malloc(glyph_data->cb);
++		CopyMemory(glyph->aj, glyph_data->aj, glyph->cb);
+ 		Glyph_New(context, glyph);
+ 
+ 		glyph_cache_put(cache->glyph, fast_glyph->cacheId, fast_glyph->data[0], glyph);
+@@ -370,16 +371,14 @@
+ 
+ 	if (index > glyph_cache->glyphCache[id].number)
+ 	{
+-		fprintf(stderr, "invalid glyph cache index: %d in cache id: %d\n", index, id);
++		fprintf(stderr, "index %d out of range for cache id: %d\n", index, id);
+ 		return NULL;
+ 	}
+ 
+ 	glyph = glyph_cache->glyphCache[id].entries[index];
+ 
+ 	if (glyph == NULL)
+-	{
+-		fprintf(stderr, "invalid glyph at cache index: %d in cache id: %d\n", index, id);
+-	}
++		fprintf(stderr, "no glyph found at cache index: %d in cache id: %d\n", index, id);
+ 
+ 	return glyph;
+ }
+@@ -420,9 +419,7 @@
+ 	*size = (BYTE) glyph_cache->fragCache.entries[index].size;
+ 
+ 	if (fragment == NULL)
+-	{
+ 		fprintf(stderr, "invalid glyph fragment at index:%d\n", index);
+-	}
+ 
+ 	return fragment;
+ }
+@@ -437,9 +434,7 @@
+ 	glyph_cache->fragCache.entries[index].size = size;
+ 
+ 	if (prevFragment != NULL)
+-	{
+ 		free(prevFragment);
+-	}
+ }
+ 
+ void glyph_cache_register_callbacks(rdpUpdate* update)
+--- a/libfreerdp/core/orders.c
++++ b/libfreerdp/core/orders.c
+@@ -485,9 +485,7 @@
+ 		Stream_Write_UINT8(s, byte);
+ 	}
+ 	else
+-	{
+ 		return FALSE;
+-	}
+ 
+ 	return TRUE;
+ }
+@@ -1670,6 +1668,8 @@
+ 			if (Stream_GetRemainingLength(s) < glyph->cb)
+ 				return FALSE;
+ 
++			if (glyph->aj)
++				free(glyph->aj);
+ 			glyph->aj = (BYTE*) malloc(glyph->cb);
+ 			Stream_Read(s, glyph->aj, glyph->cb);
+ 		}
+--- a/libfreerdp/core/update.c
++++ b/libfreerdp/core/update.c
+@@ -1596,6 +1596,8 @@
+ 
+ 		free(update->primary->polyline.points);
+ 		free(update->primary->polygon_sc.points);
++		if (NULL != update->primary->fast_glyph.glyphData.aj)
++			free(update->primary->fast_glyph.glyphData.aj);
+ 		free(update->primary);
+ 
+ 		free(update->secondary);
diff -Nru freerdp-1.1.0~git20140921.1.440916e+dfsg1/debian/patches/series freerdp-1.1.0~git20140921.1.440916e+dfsg1/debian/patches/series
--- freerdp-1.1.0~git20140921.1.440916e+dfsg1/debian/patches/series	2015-02-13 05:21:05.000000000 +0100
+++ freerdp-1.1.0~git20140921.1.440916e+dfsg1/debian/patches/series	2015-03-10 21:20:50.000000000 +0100
@@ -8,3 +8,5 @@
 1008_gcc-fPIC-on-arm64.patch
 2001_detect-ffmpeg-on-Debian.patch
 0001_fix-cmdline-parser.patch
+0002_handle-old-style-cmdline-options.patch
+0003_copy-data-when-adding-glyph-to-cache.patch
Reply to: