GUACAMOLE-2263: Harden CLIPRDR channel against FreeRDP 3.x clipboard state machine.#661
Open
escra wants to merge 1 commit intoapache:staging/1.6.1from
Open
GUACAMOLE-2263: Harden CLIPRDR channel against FreeRDP 3.x clipboard state machine.#661escra wants to merge 1 commit intoapache:staging/1.6.1from
escra wants to merge 1 commit intoapache:staging/1.6.1from
Conversation
Five fixes for the clipboard redirection (CLIPRDR) plugin that prevent RDP session disconnects when clipboard operations are performed with FreeRDP 3.x: 1. Add request_pending flag with request_lock mutex to prevent overlapping Format Data Requests that desync FreeRDP's internal state tracking (error 1359). 2. Check CB_RESPONSE_FAIL in format_data_response before processing data to prevent NULL pointer dereference on failed server responses. 3. Send FAIL response for unsupported formats in format_data_request instead of silently dropping — FreeRDP 3.x times out and tears down the session if no response arrives. 4. Guard against NULL or empty requestedFormatData in format_data_response to prevent crash on malformed PDUs. 5. Clear stale pending requests when a new Format List arrives. 6. All CLIPRDR callbacks now always return CHANNEL_RC_OK — FreeRDP 3.x treats non-OK returns as fatal channel errors that disconnect the entire session. Related: FreeRDP/FreeRDP#11847
escra
changed the title
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Six fixes for the clipboard redirection (CLIPRDR) plugin that prevent RDP
session disconnects when clipboard operations are performed with FreeRDP 3.x
clients.
FreeRDP 3.x has a significantly stricter CLIPRDR state machine than 2.x.
Several patterns that were harmless with FreeRDP 2.x now cause session
teardowns:
Overlapping Format Data Requests - FreeRDP 3.x tracks pending requests
internally and disconnects with error 1359 if a second request arrives
before the first is answered. Fix: add
request_pendingflag withrequest_lockmutex.CB_RESPONSE_FAIL not checked - If the server responds with a failure
flag, the old code would attempt to process the (NULL/garbage) data,
causing a crash. Fix: check
msgFlags & CB_RESPONSE_FAILearly.No response for unsupported formats - When the server requests an
unsupported clipboard format, the old code silently drops the request.
FreeRDP 3.x times out after 10 seconds and tears down the session. Fix:
send
CB_RESPONSE_FAILfor unsupported formats.NULL/empty data guard -
requestedFormatDatacan be NULL ordataLencan be zero in edge cases. Fix: guard before processing.Stale pending requests - When a new Format List arrives (server
clipboard content changed), any pending request for old data becomes
stale. Fix: clear
request_pendingwhen a new Format List is received.Non-OK return codes treated as fatal - FreeRDP 3.x treats non-OK
returns from CLIPRDR callbacks as fatal channel errors. Fix: all callbacks
now return
CHANNEL_RC_OKand log errors instead.Related
FreeRDP 3.x disconnects with error 1359 on clipboard operations
Sporadic hanging connections after upgrade
Affected versions
staging/1.6.1- with FreeRDP 3.x (default in Docker image)main- same patterns existTest plan