You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@guacamole.apache.org by "Michael Jumper (JIRA)" <ji...@apache.org> on 2019/03/23 21:12:00 UTC
[jira] [Updated] (GUACAMOLE-764) RDPDR file read/write may be
truncated to 32 bits
[ https://issues.apache.org/jira/browse/GUACAMOLE-764?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Michael Jumper updated GUACAMOLE-764:
-------------------------------------
Summary: RDPDR file read/write may be truncated to 32 bits (was: RDPDR file size may be truncated to 32 bits)
> RDPDR file read/write may be truncated to 32 bits
> -------------------------------------------------
>
> Key: GUACAMOLE-764
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-764
> Project: Guacamole
> Issue Type: Bug
> Components: RDP
> Reporter: Michael Jumper
> Priority: Major
>
> While file sizes are now properly-represented with 64-bit integers (see GUACAMOLE-268), the offset of each read/write is still a simple {{int}}. This will limit the location of each read or write to a 32-bit addressable space, thus effectively limiting the size of files transferred to 4 GB:
> {code:none}
> int guac_rdp_fs_write(guac_rdp_fs* fs, int file_id, int offset,
> void* buffer, int length) {
> ...
> /* Attempt write */
> lseek(file->fd, offset, SEEK_SET);
> bytes_written = write(file->fd, buffer, length);
> ...
> {code}
> See: https://github.com/apache/guacamole-server/blob/67680bd2d51e7949453f0f7ffc7f4234a1136715/src/protocols/rdp/rdp_fs.c#L405-L452
> It couldn't hurt to check over the rest of the RDP implementation to see where we might be reading a 64-bit value into an {{int}}. Usages of the {{Stream_Read_UINT64()}} macro which read into an {{int}} will happily truncate the result without any compiler warning due to the type cast included within the macro definition.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)