[GUACAMOLE-1900] Resizing an RDP connection produces segfault - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Critical
Resolution: Fixed
Affects Version/s: 1.5.4
Fix Version/s: 1.5.5
Component/s: guacamole-server
Labels:
None
Environment:
Apache Guacamole: Ubuntu 22.04.3 (64 bit), Tomcat 9.0.58
RDP Server: Windows Server 2019 Datacenter Version 1809 (OS Build 17763.1817)
Browser: Google Chrome 120.0.6099.130 (Official Build) (64-bit) (cohort: Stable)

Description

Hello,

When resizing the browser window after connecting to an RDP server (Windows Server 2019), I see a disconnect with segfault.

I can see the following backtrace from the gdb:

Thread 4.5 "guacd" received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7fffe85fd640 (LWP 94749)]
0x00007ffff67e5ca7 in __guac_common_surface_touch_rect (surface=0x7fffe000f940, rect=0x7fffe85fc8d0, surface=0x7fffe000f940, rect=0x7fffe85fc8d0, time=21636686) at surface.c:643
643                heat_cell->history[heat_cell->oldest_entry] = time;
(gdb) bt
#0  0x00007ffff67e5ca7 in __guac_common_surface_touch_rect (surface=<optimized out>, rect=<optimized out>, surface=0x7fffe000f940, rect=0x7fffe85fc8d0, time=21636686) at surface.c:643
#1  guac_common_surface_draw (surface=0x7fffe000f940, x=<optimized out>, y=<optimized out>, src=src@entry=0x7fffe04e7f40) at surface.c:1374
#2  0x00007ffff67cfeec in guac_rdp_bitmap_paint (context=<optimized out>, bitmap=0x7fffe00b55a0) at bitmap.c:106
#3  0x00007ffff661d4a2 in gdi_bitmap_update () at /usr/local/lib/libfreerdp2.so.2
#4  0x00007ffff667b433 in fastpath_recv_update () at /usr/local/lib/libfreerdp2.so.2
#5  0x00007ffff667b7a8 in fastpath_recv_updates () at /usr/local/lib/libfreerdp2.so.2
#6  0x00007ffff6673dfa in rdp_recv_pdu () at /usr/local/lib/libfreerdp2.so.2
#7  0x00007ffff6674f2b in rdp_recv_callback () at /usr/local/lib/libfreerdp2.so.2
#8  0x00007ffff667ff74 in transport_check_fds () at /usr/local/lib/libfreerdp2.so.2
#9  0x00007ffff6675967 in rdp_check_fds () at /usr/local/lib/libfreerdp2.so.2
#10 0x00007ffff66599a3 in freerdp_check_fds () at /usr/local/lib/libfreerdp2.so.2
#11 0x00007ffff665aad7 in freerdp_check_event_handles () at /usr/local/lib/libfreerdp2.so.2
#12 0x00007ffff67df07e in guac_rdp_handle_connection (client=0x7ffff000b350) at rdp.c:559
#13 guac_rdp_client_thread (data=0x7ffff000b350) at rdp.c:822
#14 0x00007ffff7c94ac3 in start_thread (arg=<optimized out>) at ./nptl/pthread_create.c:442
#15 0x00007ffff7d26660 in clone3 () at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:81

The test case follows as below:

Start the guacd. (guacd -L debug -f)
Connect to a RDP server.
Resize the browser window.

If we repeat the step 3 more than 1 time, we can see this segfault issue.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

image-2023-12-29-07-27-47-520.png
29/Dec/23 15:27
36 kB
Jimmy

Issue Links

is duplicated by

GUACAMOLE-1902 SIGSEGV in __guac_common_surface_touch_rect for telnet and SSH

Closed

GUACAMOLE-1908 The "Display Update" channel added using RDP 8.1 to send signals to the server failed when the client display size changed.

Closed

GUACAMOLE-1913 Resize using RDP 8.1+ Method on server 1.5.4 cause disconnect

Closed

GUACAMOLE-1926 Consecutive window resizes cause a disconnect

Closed

GUACAMOLE-1883 RDP setting "resize-method" with value "reconnect" is failing to work.

Closed

GUACAMOLE-1934 Guacd1.5.4 VNC window size change, causing process crash

Closed

(1 is duplicated by)

Activity

People

Assignee:: Unassigned

Reporter:: Jimmy

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 29/Dec/23 15:29

Updated:: 03/Apr/24 01:31

Resolved:: 12/Jan/24 17:20