Search bar input isn't sanitized, leading to crash
Test on the latest version before submitting a bug-report, and keep trying to reproduce it on any later versions
- Reporting back greatly increases the attention and hope of fixing your issue.
You can also ask questions via
- IRC room, on freenode.net, in the #remmina channel, you can also use a web client.
- General discussion mailing list.
Debuggin documentation
See our wiki at https://gitlab.com/Remmina/Remmina/-/wikis/Usage/Remmina-debugging
Local System Description
-
Client (OS name and version): Arch Linux, Kernel version 5.12.15
-
Remmina version (
remmina --version
): 1.4.20 -
Installation:
-
Distribution package. -
PPA. -
Snap. -
Flatpak. -
Compiled from sources. -
Other - detail:
-
-
Desktop environment (GNOME, Unity, KDE, ..): KDE
-
Plugin:
-
RDP - freerdp version ( xfreerdp --version
): 2.3.2 -
VNC -
SSH -
SFTP -
SPICE -
WWW -
EXEC -
Other (please specify):
-
-
GTK back-end (Wayland, Xorg): Xorg
-
Optional: Include the output of the following commands at the end of this text:
remmina --full-version
Load modules from /usr/lib/remmina/plugins
Remmina plugin kwallet (type=Secret) has been registered, but is not yet initialized/activated. The initialization order is 1000.
Remmina plugin glibsecret (type=Secret) has been registered, but is not yet initialized/activated. The initialization order is 2000.
kf.windowsystem: Cannot use KWindowSystem without a QGuiApplication
The kwallet secret plugin has been initialized and it will be your default secret plugin
org.remmina.Remmina - 1.4.20 (git n/a)
NAME TYPE DESCRIPTION PLUGIN AND LIBRARY VERSION
EXEC Protocol Execute a command 1.0
RDP Protocol RDP - Remote Desktop Protocol RDP plugin: 1.4.20 (Git n/a), Compiled with libfreerdp 2.3.2 (n/a), Running with libfreerdp 2.3.2 (rev n/a), H.264 Yes
RDPF File RDP - RDP File Handler RDP plugin: 1.4.20 (Git n/a), Compiled with libfreerdp 2.3.2 (n/a), Running with libfreerdp 2.3.2 (rev n/a), H.264 Yes
RDPS Preference RDP - Preferences RDP plugin: 1.4.20 (Git n/a), Compiled with libfreerdp 2.3.2 (n/a), Running with libfreerdp 2.3.2 (rev n/a), H.264 Yes
SPICE Protocol SPICE - Simple Protocol for Independent Computing Environments 1.4.20
VNC Protocol Remmina VNC Plugin 1.4.20
VNCI Protocol Remmina VNC listener Plugin 1.4.20
glibsecret Secret Secured password storage in the GNOME keyring 1.4.20
kwallet Secret Secured password storage in KWallet 1.4.20
Build configuration: HAVE_ARPA_INET_H=1 HAVE_ERRNO_H=1 HAVE_FCNTL_H=1 HAVE_NETDB_H=1 HAVE_NETINET_IN_H=1 HAVE_NETINET_TCP_H=1 HAVE_SYS_SOCKET_H=1 HAVE_SYS_UN_H=1 HAVE_TERMIOS_H=1 HAVE_UNISTD_H=1 WITH_APPINDICATOR=ON WITH_AVAHI=ON WITH_GCRYPT=ON WITH_ICON_CACHE=ON WITH_IPP=OFF WITH_KF5WALLET=ON WITH_LIBRARY_VERSIONING=ON WITH_MANPAGES=ON WITH_NEWS=OFF WITH_SSE2=ON WITH_TRANSLATIONS=ON WITH_UPDATE_DESKTOP_DB=ON
Build type: Release
CFLAGS: -D_FORTIFY_SOURCE=2 -march=x86-64 -mtune=generic -O2 -pipe -fno-plt -fPIC -Wall -Wno-unused-result -Wno-unused-but-set-variable -Wno-deprecated-declarations -Wimplicit-function-declaration -Wredundant-decls
Compiler: GNU, 11.1.0
Target architecture: x64
sudo lshw -C video
*-display
description: VGA compatible controller
product: TU117 [GeForce GTX 1650]
vendor: NVIDIA Corporation
physical id: 0
bus info: pci@0000:26:00.0
version: a1
width: 64 bits
clock: 33MHz
capabilities: pm msi pciexpress vga_controller bus_master cap_list rom
configuration: driver=nvidia latency=0
resources: irq:98 memory:f6000000-f6ffffff memory:e0000000-efffffff memory:f0000000-f1ffffff ioport:f000(size=128) memory:c0000-dffff
uname -a
Linux Maxs-Arch 5.12.15-arch1-1 #1 SMP PREEMPT Wed, 07 Jul 2021 23:35:29 +0000 x86_64 GNU/Linux
Remote System Description
- Server (OS name and version): N/A
- Special notes regarding the remote system (i.e. gateways, tunnel, etc.):
Problem Description
The search bar input is not checked at all, and is send straight to the glibc g_network_address_parse
function. Because of this, when typing in certain strings, e.g. :
, vnc://
, etc. The program just crashes, writing free(): invalid pointer
in the console.
What is the expected correct behavior?
Instead, the program should warn the user the the string is invalid.
Relevant logs and/or screenshots
In remmina_public.c
, line 437:
address = (GNetworkAddress*)g_network_address_parse ((const gchar *) nul_terminated_server, defaultport, &err);
For some reason, instead of returning NULL
, the g_network_address_parse
function just crashes.