Пример #1
0
    void recv(InStream & stream)
    {
        if (!stream.in_check_rem(8)){
            LOG(LOG_ERR, "SC_CORE short header");
            throw Error(ERR_GCC);
        }

        this->userDataType = stream.in_uint16_le();
        this->length = stream.in_uint16_le();
        this->version = stream.in_uint32_le();
        if (this->length < 12) {
            if (this->length != 8) {
                LOG(LOG_ERR, "SC_CORE invalid length (%u)", this->length);
                throw Error(ERR_GCC);
            }
            return;
        }
        this->clientRequestedProtocols = stream.in_uint32_le();
        if (this->length < 16) {
            if (this->length != 12) {
                LOG(LOG_ERR, "SC_CORE invalid length (%u)", this->length);
                throw Error(ERR_GCC);
            }
            return;
        }
        this->earlyCapabilityFlags = stream.in_uint32_le();
        if (this->length != 16) {
            LOG(LOG_ERR, "SC_CORE invalid length (%u)", this->length);
            throw Error(ERR_GCC);
        }
    }
Пример #2
0
    void recv(InStream & stream, uint16_t len) override {
        this->len = len;

        /* terminalDescriptor(16) + pad4octetsA(4) + desktopSaveXGranularity(2) + desktopSaveYGranularity(2) +
         * pad2octetsA(2) + maximumOrderLevel(2) + numberFonts(2) + orderFlags(2) + orderSupport(NB_ORDER_SUPPORT) +
         * textFlags(2) + orderSupportExFlags(2) + pad4octetsB(4) + desktopSaveSize(4) + pad2octetsC(2) +
         * pad2octetsD(2) + textANSICodePage(2) + pad2octetsE(2)
         */
        const unsigned expected = 32 + NB_ORDER_SUPPORT + 20;
        if (!stream.in_check_rem(expected)){
            LOG(LOG_ERR, "Truncated OrderCaps, need=%u remains=%zu",
                expected, stream.in_remain());
            throw Error(ERR_MCS_PDU_TRUNCATED);
        }

        stream.in_copy_bytes(this->terminalDescriptor, 16);
        this->pad4octetsA = stream.in_uint32_le();
        this->desktopSaveXGranularity = stream.in_uint16_le();
        this->desktopSaveYGranularity = stream.in_uint16_le();
        this->pad2octetsA = stream.in_uint16_le();
        this->maximumOrderLevel = stream.in_uint16_le();
        this->numberFonts = stream.in_uint16_le();
        this->orderFlags = stream.in_uint16_le();
        stream.in_copy_bytes(this->orderSupport, NB_ORDER_SUPPORT);
        this->textFlags = stream.in_uint16_le();
        this->orderSupportExFlags = stream.in_uint16_le();
        this->pad4octetsB = stream.in_uint32_le();
        this->desktopSaveSize = stream.in_uint32_le();
        this->pad2octetsC = stream.in_uint16_le();
        this->pad2octetsD = stream.in_uint16_le();
        this->textANSICodePage = stream.in_uint16_le();
        this->pad2octetsE = stream.in_uint16_le();
    }
Пример #3
0
    void recv(InStream & stream, uint16_t len) override {
        this->len = len;

        /* pad1(4) + pad2(4) + pad3(4) + pad4(4) + pad5(4) + pad6(4) + cache0Entries(2) + cache0MaximumCellSize(2) +
         * cache1Entries(2) + cache1MaximumCellSize(2) + cache2Entries(2) + cache2MaximumCellSize(2)
         */
        const unsigned expected = 36;
        if (!stream.in_check_rem(expected)){
            LOG(LOG_ERR, "Truncated BmpCacheCaps, need=%u remains=%zu",
                expected, stream.in_remain());
            throw Error(ERR_MCS_PDU_TRUNCATED);
        }

        this->pad1 = stream.in_uint32_le();
        this->pad2 = stream.in_uint32_le();
        this->pad3 = stream.in_uint32_le();
        this->pad4 = stream.in_uint32_le();
        this->pad5 = stream.in_uint32_le();
        this->pad6 = stream.in_uint32_le();
        this->cache0Entries = stream.in_uint16_le();
        this->cache0MaximumCellSize = stream.in_uint16_le();
        this->cache1Entries = stream.in_uint16_le();
        this->cache1MaximumCellSize = stream.in_uint16_le();
        this->cache2Entries = stream.in_uint16_le();
        this->cache2MaximumCellSize = stream.in_uint16_le();
      }
Пример #4
0
 void process_filecontents_response(InStream& chunk, FieldIndex total_data_paste)
 {
     if (this->flag_filecontents == RDPECLIP::FILECONTENTS_SIZE) {
         chunk.in_skip_bytes(4);             // streamId(4 bytes)
         uint32_t nPositionLow = chunk.in_uint32_le();
         uint64_t nPositionHigh = chunk.in_uint32_le();
         this->metrics->add_to_current_data(
             total_data_paste, nPositionLow + (nPositionHigh << 32));
     }
 }
    explicit LogonInfoVersion1_Recv(InStream & stream) :
    cbDomain(0),
    cbUserName(0),
    SessionId(0) {
        memset(Domain,   0, sizeof(Domain));
        memset(UserName, 0, sizeof(UserName));

        unsigned expected = 4;  // cbDomain(4)
        if (!stream.in_check_rem(expected)) {
            LOG(LOG_ERR,
                "Truncated Logon Info Version 1 (data): expected=%u remains=%zu",
                expected, stream.in_remain());
            throw Error(ERR_RDP_DATA_TRUNCATED);
        }

        this->cbDomain = stream.in_uint32_le();

        expected = 52 +	// Domain(52)
                   4;   // cbUserName(4)
        if (!stream.in_check_rem(expected)) {
            LOG(LOG_ERR,
                "Truncated Logon Info Version 1 (data): expected=%u remains=%zu",
                expected, stream.in_remain());
            throw Error(ERR_RDP_DATA_TRUNCATED);
        }

        stream.in_uni_to_ascii_str(this->Domain, this->cbDomain,
            sizeof(this->Domain));

        stream.in_skip_bytes(52 -  // Domain(52)
            this->cbDomain);

        this->cbUserName = stream.in_uint32_le();

        expected = 512 +    // UserName(512)
                   4;       // SessionId(4)
        if (!stream.in_check_rem(expected)) {
            LOG(LOG_ERR,
                "Truncated Logon Info Version 1 (data): expected=%u remains=%zu",
                expected, stream.in_remain());
            throw Error(ERR_RDP_DATA_TRUNCATED);
        }

        stream.in_uni_to_ascii_str(this->UserName, this->cbUserName,
            sizeof(this->UserName));

        stream.in_skip_bytes(512 - // UserName(512)
            this->cbUserName);

        this->SessionId = stream.in_uint32_le();

        LOG(LOG_INFO,
            "Logon Info Version 1 (data): Domain=\"%s\" UserName=\"%s\" SessionId=%d",
            this->Domain, this->UserName, this->SessionId);
    }   // LogonInfoVersion1_Recv(InStream & stream)
    explicit LogonInfoVersion2_Recv(InStream & stream) :
    Version(0),
    Size(0),
    SessionId(0),
    cbDomain(0),
    cbUserName(0) {
        memset(Pad,      0, sizeof(Pad));
        memset(Domain,   0, sizeof(Domain));
        memset(UserName, 0, sizeof(UserName));

        unsigned expected = 2 +     // Version(2)
                            4 +     // Size(4)
                            4 +     // SessionId(4)
                            4 +     // cbDomain(4)
                            4 +     // cbUserName(4)
                            558;    // Pad(558)
        if (!stream.in_check_rem(expected)) {
            LOG(LOG_ERR,
                "Truncated Logon Info Version 2 (data): expected=%u remains=%zu",
                expected, stream.in_remain());
            throw Error(ERR_RDP_DATA_TRUNCATED);
        }

        this->Version    = stream.in_uint16_le();
        this->Size       = stream.in_uint32_le();
        this->SessionId  = stream.in_uint32_le();
        this->cbDomain   = stream.in_uint32_le();
        this->cbUserName = stream.in_uint32_le();

        stream.in_copy_bytes(this->Pad, sizeof(this->Pad));

        expected = this->cbDomain +
                   this->cbUserName;    // SessionId(4)
        if (!stream.in_check_rem(expected)) {
            LOG(LOG_ERR,
                "Truncated Logon Info Version 2 (data): expected=%u remains=%zu",
                expected, stream.in_remain());
            throw Error(ERR_RDP_DATA_TRUNCATED);
        }

        stream.in_uni_to_ascii_str(this->Domain, this->cbDomain,
            sizeof(this->Domain));
        stream.in_uni_to_ascii_str(this->UserName, this->cbUserName,
            sizeof(this->UserName));

        LOG(LOG_INFO,
            "Logon Info Version 2 (data): Domain=\"%s\" UserName=\"%s\" SessionId=%d",
            this->Domain, this->UserName, this->SessionId);
    }   // LogonInfoVersion2_Recv(InStream & stream)
Пример #7
0
 void recv(InStream & stream, uint16_t len)
 {
     this->len = len;
     this->WndSupportLevel = stream.in_uint32_le();
     this->NumIconCaches = stream.in_uint8();
     this->NumIconCacheEntries = stream.in_uint16_le();
 }
Пример #8
0
    explicit ShareData_Recv(InStream & stream, rdp_mppc_dec * dec = nullptr)
    //==============================================================================
    : CheckShareData_Recv(stream)
    , share_id(stream.in_uint32_le())
    , pad1(stream.in_uint8())
    , streamid(stream.in_uint8())
    , len(stream.in_uint16_le())
    , pdutype2(stream.in_uint8())
    , compressedType(stream.in_uint8())
    , compressedLen(stream.in_uint16_le())
    , payload([&stream, dec, this]() {
          if (this->compressedType & PACKET_COMPRESSED) {
              if (!dec) {
                  LOG(LOG_INFO, "ShareData_Recv: got unexpected compressed share data");
                  throw Error(ERR_SEC);
              }

              const uint8_t * rdata;
              uint32_t        rlen;

              dec->decompress(stream.get_data()+stream.get_offset(), stream.in_remain(),
                  this->compressedType, rdata, rlen);

              return InStream(rdata, 0, rlen);
          }
          else {
              return InStream(stream.get_current(), stream.in_remain());
          }
      }())
    // BEGIN CONSTRUCTOR
    {
        //LOG( LOG_INFO, "ShareData_Recv: pdutype2=%u len=%u compressedLen=%u payload_size=%u"
        //   , this->pdutype2, this->len, this->compressedLen, this->payload.size());
        stream.in_skip_bytes(stream.in_remain());
    } // END CONSTRUCTOR
    explicit LogonErrorsInfo_Recv(InStream & stream) :
    ErrorNotificationData(0),
    ErrorNotificationType(0) {
        const unsigned expected = 4 +   // ErrorNotificationData(4)
                                  4;    // ErrorNotificationType(4)
        if (!stream.in_check_rem(expected)) {
            LOG(LOG_ERR,
                "Truncated Logon Info Field (data): expected=%u remains=%zu",
                expected, stream.in_remain());
            throw Error(ERR_RDP_DATA_TRUNCATED);
        }

        this->ErrorNotificationType = stream.in_uint32_le();
        this->ErrorNotificationData = stream.in_uint32_le();

        if ((this->ErrorNotificationType != LOGON_MSG_SESSION_CONTINUE) ||
            (this->ErrorNotificationData != LOGON_FAILED_OTHER)) {
            LOG(LOG_INFO,
                "ErrorNotificationType=%s(0x%08X) \"%s\" ErrorNotificationData=%s(0x%08X) \"%s\"",
                ErrorNotificationTypeToString(this->ErrorNotificationType),
                this->ErrorNotificationType,
                ErrorNotificationTypeToMessage(this->ErrorNotificationType),
                ErrorNotificationDataToString(this->ErrorNotificationData),
                this->ErrorNotificationData,
                ErrorNotificationDataToMessage(this->ErrorNotificationData));
        }
    }
Пример #10
0
    void process_format_data_request(
        InStream& chunk,
        FieldIndex nb_paste_text, FieldIndex nb_paste_image, FieldIndex nb_paste_file)
    {
        this->last_formatID = chunk.in_uint32_le();

        switch (this->last_formatID) {
            case RDPECLIP::CF_TEXT:
            case RDPECLIP::CF_OEMTEXT:
            case RDPECLIP::CF_UNICODETEXT:
            case RDPECLIP::CF_DSPTEXT:
            case RDPECLIP::CF_LOCALE:
                this->metrics->add_to_current_data(nb_paste_text, 1);
                break;
            case RDPECLIP::CF_METAFILEPICT:
            case RDPECLIP::CF_DSPMETAFILEPICT:
                this->metrics->add_to_current_data(nb_paste_image, 1);
                break;
            default:
                if (this->file_contents_format_ID == this->last_formatID){
                    this->metrics->add_to_current_data(nb_paste_file, 1);
                }
                break;
        }
    }
Пример #11
0
 void recv(InStream & stream, uint16_t len)override {
     this->len = len;
     if (len != CAPLEN_BITMAPCACHE_REV2 || !stream.in_check_rem(len)) {
         LOG(LOG_ERR, "Broken CAPSTYPE_BITMAPCACHE_REV2, need=%u (%" PRIu16 ") remains=%zu",
                 CAPLEN_BITMAPCACHE_REV2, len, stream.in_remain());
                 throw Error(ERR_MCS_PDU_TRUNCATED);
     }
     this->cacheFlags    = stream.in_uint16_le();
     this->pad1          = stream.in_uint8();
     this->numCellCaches = stream.in_uint8();
     this->bitmapCache0CellInfo = stream.in_uint32_le();
     this->bitmapCache1CellInfo = stream.in_uint32_le();
     this->bitmapCache2CellInfo = stream.in_uint32_le();
     this->bitmapCache3CellInfo = stream.in_uint32_le();
     this->bitmapCache4CellInfo = stream.in_uint32_le();
     stream.in_skip_bytes(12);
 }
Пример #12
0
 void recv(InStream & stream, uint16_t len)
 {
     this->len               = len;
     for (auto & glyph : this->GlyphCache) {
         glyph.CacheEntries         = stream.in_uint16_le();
         glyph.CacheMaximumCellSize = stream.in_uint16_le();
     }
     this->FragCache         = stream.in_uint32_le();
     this->GlyphSupportLevel = stream.in_uint16_le();
     this->pad2octets        = stream.in_uint16_le();
 }
Пример #13
0
    void recv(InStream & stream, uint16_t len)override {
        this->len = len;

        if (!stream.in_check_rem(4)){
            LOG(LOG_ERR, "Truncated BrushCacheCaps, need=4 remains=%zu",
                stream.in_remain());
            throw Error(ERR_MCS_PDU_TRUNCATED);
        }

        this->brushSupportLevel = stream.in_uint32_le();
    }
 explicit SaveSessionInfoPDUData_Recv(InStream & stream) :
 infoType([&stream](){
     if (!stream.in_check_rem(4)) {
         LOG(LOG_ERR,
             "Truncated Save Session Info PDU (data): expected=4 remains=%zu",
              stream.in_remain());
         throw Error(ERR_RDP_DATA_TRUNCATED);
     }
     return stream.in_uint32_le();
 }()),
 payload(stream.get_current(), stream.in_remain())
 {
     stream.in_skip_bytes(this->payload.get_capacity());
 }
Пример #15
0
        explicit SynchronizeEvent_Recv(InStream & stream)
        : toggleFlags(0) {
            const unsigned expected =
                6; // pad2Octets(2) + toggleFlags(2)
            if (!stream.in_check_rem(expected)) {
                LOG(LOG_ERR, "SlowPath::SynchronizeEvent: data truncated, expected=%u remains=%zu",
                    expected, stream.in_remain());
                throw Error(ERR_RDP_SLOWPATH);
            }

            stream.in_skip_bytes(2); // pad2Octets

            this->toggleFlags = stream.in_uint32_le();
        }
    explicit LogonInfoField_Recv(InStream & stream)
    : cbFieldData([&stream](){
        const unsigned expected = 4;    // cbFieldData(4)
        if (!stream.in_check_rem(expected)) {
            LOG(LOG_ERR,
                "Truncated Logon Info Field (data): expected=%u remains=%zu",
                expected, stream.in_remain());
            throw Error(ERR_RDP_DATA_TRUNCATED);
        }

        return stream.in_uint32_le();
    }())
    , payload(stream.get_current(), stream.in_remain())
    {
        stream.in_skip_bytes(this->payload.get_capacity());
    }
Пример #17
0
 explicit InputEvent_Recv(InStream & stream)
 : eventTime([&stream](){
     // time(4) + mes_type(2) + device_flags(2) + param1(2) + param2(2)
     if (!stream.in_check_rem(12)) {
         LOG(LOG_ERR, "SlowPath::InputEvent: data truncated, expected=12 remains=%zu", stream.in_remain());
         throw Error(ERR_RDP_SLOWPATH);
     }
     return stream.in_uint32_le();
 }())
 , messageType(stream.in_uint16_le())
  // device_flags(2) + param1(2) + param2(2)
 , payload(stream.get_current(), 6)
 // Body of constructor
 {
     stream.in_skip_bytes(this->payload.get_capacity());
 }
Пример #18
0
    void recv(InStream & stream)
    {
        if (!stream.in_check_rem(12)){
            LOG(LOG_ERR, "CS_SECURITY short header");
            throw Error(ERR_GCC);
        }
        this->userDataType         = stream.in_uint16_le();
        this->length               = stream.in_uint16_le();

        if (this->length != 12){
            LOG(LOG_ERR, "CS_SECURITY bad header length=%d", this->length);
            throw Error(ERR_GCC);
        }

        this->encryptionMethods    = stream.in_uint32_le();
        this->extEncryptionMethods = stream.in_uint32_le();
    }
Пример #19
0
    void recv(InStream & stream)
    {
        //LOG(LOG_INFO, "CSMultiTransport");
        //hexdump_c(stream.get_current(), 8);
        if (!stream.in_check_rem(8)){
            LOG(LOG_ERR, "CS_MULTITRANSPORT short header");
            throw Error(ERR_GCC);
        }
        this->userDataType         = stream.in_uint16_le();
        this->length               = stream.in_uint16_le();

        if (this->length != 8){
            LOG(LOG_ERR, "CS_MULTITRANSPORT bad header length=%d", this->length);
            throw Error(ERR_GCC);
        }

        this->flags = stream.in_uint32_le();
    }
Пример #20
0
 void recv(InStream & stream, uint16_t len) override {
     this->len = len;
     this->drawNineGridSupportLevel = stream.in_uint32_le();
     this->drawNineGridCacheSize = stream.in_uint16_le();
     this->drawNineGridCacheEntries = stream.in_uint16_le();
 }
Пример #21
0
 void recv(InStream & stream, uint16_t len) override {
     this->len = len;
     this->cmdFlags = stream.in_uint32_le();
     this->reserved = stream.in_uint32_le();
 }
Пример #22
0
 void recv(InStream & stream, uint16_t len)
 {
     this->len = len;
     this->MaxRequestSize = stream.in_uint32_le();
 }
Пример #23
0
 void recv(InStream & stream, uint16_t len)override {
     this->len = len;
     this->offscreenSupportLevel = stream.in_uint32_le();
     this->offscreenCacheSize = stream.in_uint16_le();
     this->offscreenCacheEntries = stream.in_uint16_le();
 }
Пример #24
0
 void process_filecontents_request(InStream& chunk)
 {
     chunk.in_skip_bytes(8); // streamId(4 bytes) + lindex(4 bytes)
     this->flag_filecontents = chunk.in_uint32_le();
 }
 void receive(InStream & stream, const AltsecDrawingOrderHeader & header) {
     this->action = stream.in_uint32_le();
 }