From d4756790be4c00ff91c444d31705f90df7660af4 Mon Sep 17 00:00:00 2001 From: Ondrej Holy Date: Sat, 27 Nov 2021 10:31:07 +0100 Subject: [PATCH] Fix datatype mismatch / big-endian breakage See: https://github.com/FreeRDP/FreeRDP/issues/7436 (cherry picked from Fedora commit 3e1767838718ef6676d20e39bab69104e64aabbd) Related: #2023182 Related: #2017950 --- ...ype-mismatch-to-crypto_base64_decode.patch | 25 ++++++++++++++ Fixed-7436-Datatype-mismatch.patch | 34 +++++++++++++++++++ freerdp.spec | 9 ++++- 3 files changed, 67 insertions(+), 1 deletion(-) create mode 100644 Fixed-7436-Datatype-mismatch-to-crypto_base64_decode.patch create mode 100644 Fixed-7436-Datatype-mismatch.patch diff --git a/Fixed-7436-Datatype-mismatch-to-crypto_base64_decode.patch b/Fixed-7436-Datatype-mismatch-to-crypto_base64_decode.patch new file mode 100644 index 0000000..3279a28 --- /dev/null +++ b/Fixed-7436-Datatype-mismatch-to-crypto_base64_decode.patch @@ -0,0 +1,25 @@ +From 2ddb22f7a453f3429b3246ca8ffa1ff2c31fe71d Mon Sep 17 00:00:00 2001 +From: akallabeth +Date: Fri, 12 Nov 2021 11:24:38 +0100 +Subject: [PATCH] Fixed #7436: Datatype mismatch to crypto_base64_decode + +--- + libfreerdp/core/gateway/rdg.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/libfreerdp/core/gateway/rdg.c b/libfreerdp/core/gateway/rdg.c +index 72019ede8..44de2c137 100644 +--- a/libfreerdp/core/gateway/rdg.c ++++ b/libfreerdp/core/gateway/rdg.c +@@ -1190,7 +1190,7 @@ static BOOL rdg_handle_ntlm_challenge(rdpNtlm* ntlm, HttpResponse* response) + BOOL continueNeeded = FALSE; + size_t len; + const char* token64 = NULL; +- size_t ntlmTokenLength = 0; ++ int ntlmTokenLength = 0; + BYTE* ntlmTokenData = NULL; + long StatusCode; + +-- +2.33.1 + diff --git a/Fixed-7436-Datatype-mismatch.patch b/Fixed-7436-Datatype-mismatch.patch new file mode 100644 index 0000000..22c3987 --- /dev/null +++ b/Fixed-7436-Datatype-mismatch.patch @@ -0,0 +1,34 @@ +From 403402607214092d20277af3aa959ce87768580a Mon Sep 17 00:00:00 2001 +From: akallabeth +Date: Fri, 12 Nov 2021 16:01:39 +0100 +Subject: [PATCH] Fixed #7436: Datatype mismatch + +--- + libfreerdp/core/gateway/ncacn_http.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/libfreerdp/core/gateway/ncacn_http.c b/libfreerdp/core/gateway/ncacn_http.c +index f288a0f3c..75da83d62 100644 +--- a/libfreerdp/core/gateway/ncacn_http.c ++++ b/libfreerdp/core/gateway/ncacn_http.c +@@ -105,7 +105,7 @@ BOOL rpc_ncacn_http_send_in_channel_request(RpcChannel* inChannel) + BOOL rpc_ncacn_http_recv_in_channel_response(RpcChannel* inChannel, HttpResponse* response) + { + const char* token64 = NULL; +- size_t ntlmTokenLength = 0; ++ int ntlmTokenLength = 0; + BYTE* ntlmTokenData = NULL; + rdpNtlm* ntlm; + +@@ -259,7 +259,7 @@ BOOL rpc_ncacn_http_send_out_channel_request(RpcChannel* outChannel, BOOL replac + BOOL rpc_ncacn_http_recv_out_channel_response(RpcChannel* outChannel, HttpResponse* response) + { + const char* token64 = NULL; +- size_t ntlmTokenLength = 0; ++ int ntlmTokenLength = 0; + BYTE* ntlmTokenData = NULL; + rdpNtlm* ntlm; + +-- +2.33.1 + diff --git a/freerdp.spec b/freerdp.spec index aac94ad..069cf8e 100644 --- a/freerdp.spec +++ b/freerdp.spec @@ -22,7 +22,7 @@ Name: freerdp Version: 2.4.1 -Release: 1%{?dist} +Release: 2%{?dist} Epoch: 2 Summary: Free implementation of the Remote Desktop Protocol (RDP) License: ASL 2.0 @@ -30,6 +30,10 @@ URL: http://www.freerdp.com/ Source0: https://github.com/FreeRDP/FreeRDP/archive/%{version}/FreeRDP-%{version}.tar.gz +# https://github.com/FreeRDP/FreeRDP/issues/7436 +Patch0: Fixed-7436-Datatype-mismatch-to-crypto_base64_decode.patch +Patch1: Fixed-7436-Datatype-mismatch.patch + BuildRequires: gcc BuildRequires: gcc-c++ BuildRequires: alsa-lib-devel @@ -295,6 +299,9 @@ find %{buildroot} -name "*.a" -delete %{_libdir}/pkgconfig/winpr-tools2.pc %changelog +* Fri Nov 26 2021 Ondrej Holy - 2:2.4.1-2 +- Fix datatype mismatch / big-endian breakage + * Wed Nov 10 2021 Ondrej Holy - 2:2.4.1-1 - Update to 2.4.1 (CVE-2021-41159, CVE-2021-41160).