From c8956513d64e470752e9e0034c26f5e625967fd7 Mon Sep 17 00:00:00 2001
From: akallabeth
Date: Fri, 25 Nov 2022 10:05:32 +0100
Subject: [PATCH] [core,rdp] Add a check for broken RDP security

RDP security is rarely used nowadays, but there have been reports about situations where the encryption key is missing. Add this check to properly terminate the connection in case of such an unexpected event.
---
 libfreerdp/core/security.c | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/libfreerdp/core/security.c b/libfreerdp/core/security.c
index 54a70ecbb..79267bee5 100644
--- a/libfreerdp/core/security.c
+++ b/libfreerdp/core/security.c
@@ -730,6 +730,12 @@ BOOL security_encrypt(BYTE* data, size_t length, rdpRdp* rdp)
 {
 BOOL rc = FALSE;
 EnterCriticalSection(&rdp->critical);
+ if (!rdp->rc4_encrypt_key)
+ {
+ WLog_ERR(TAG, "[%s] rdp->rc4_encrypt_key=%p", __FUNCTION__, rdp->rc4_encrypt_key);
+ goto fail;
+ }
+
 if (rdp->encrypt_use_count >= 4096)
 {
 if (!security_key_update(rdp->encrypt_key, rdp->encrypt_update_key, rdp->rc4_key_len, rdp))
@@ -763,8 +769,11 @@ BOOL security_decrypt(BYTE* data, size_t length, rdpRdp* rdp)
 WINPR_ASSERT(rdp);
 EnterCriticalSection(&rdp->critical);
- if (rdp->rc4_decrypt_key == NULL)
+ if (!rdp->rc4_decrypt_key)
+ {
+ WLog_ERR(TAG, "[%s] rdp->rc4_decrypt_key=%p", __FUNCTION__, rdp->rc4_decrypt_key);
 goto fail;
+ }
 if (rdp->decrypt_use_count >= 4096)
 {
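Review bot: The new `WLog_ERR` in security_encrypt sits inside the `!rdp->rc4_encrypt_key` branch, so its `%p` argument is always NULL and the line tells whoever triages the log nothing about the cause; the pointer is also handed to `%p` without a `(void*)` cast. A message that names the condition reads better, for example `WLog_ERR(TAG, "[%s] RC4 encrypt key not initialized, refusing to encrypt", __FUNCTION__);`. The same applies to the `rc4_decrypt_key` log line in the security_decrypt hunk. The `fail:` label lies outside the hunk, so it should be confirmed that this path releases `rdp->critical` and returns FALSE.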
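Review bot: The NULL-key guard in security_decrypt carries no comment explaining why the key can be missing, and this is presumably the path fed by data received from the peer. A one-line comment above the `if` would keep the check from being dropped in a later cleanup, for example `/* No RC4 decrypt key was set up for this connection: fail instead of decrypting with a NULL key. */`. The function starts and ends outside the hunk, so whether every caller treats the FALSE return as fatal and drops the connection cannot be verified from here.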