VirtualBox

Opened 14 years ago

Closed 9 years ago

#8053 closed defect (obsolete)

VirtualBox RDP server sends two PDUs inside userData of one sendDataIndication.

Reported by: kiilerix Owned by:
Component: RDP Version: VirtualBox 4.0.0
Keywords: Cc:
Guest type: other Host type: other

Description (last modified by Frank Mehnert)

VirtualBox RDP server will occasionally send extra data inside encrypted PDUs.

One example is that the VirtualBox server sends a sendDataIndication containing:

     initiator: User Channel
     channelId: I/O Channel
     dataPriority: high
     segmentation: begin end
     sec_flags: SEC_ENCRYPT

userData contains a security header that specifies encryption, and the decrypted data are:

18 00 07 00 00 00 00 00 00 00 00 00 06 00 1b 00 00 00 07 00 00 00 02 00
18 00 07 00 00 00 00 00 00 00 00 00 06 00 1b 00 00 00 07 00 00 00 03 00

It apparently contains two Share Data Header messages.

Note the similarity with the spurious message that is reported on http://www.virtualbox.org/ticket/8032 . I have also seen the issue with other "normal" (and much longer) PDUs.

I don't see any indication in the RDP specification that two messages in one sendDataIndication is permitted and I consider this a bug in the protocol implementation.

Microsofts RDP implementation never sends that.

AFAICS it is not defined how client implementations should handle such data, and they might choose to ignore the extra data or to fail because the received data obviously were wrong and nothing can be trusted.

I have only seen this when running XP (with Guest Additions) inside the VM. I have never seen it with linux and X (without additions) inside the VM. It mostly happens when minimizing/maximizing and moving the mouse in/out of the RDP client.

Please make sure that all Share Data Headers are sent in individual packages. That will allow interoperability with strictly protocol compliant clients.

VirtualBox-4.0-4.0.0_69151_fedora14-1.i686
Oracle_VM_VirtualBox_Extension_Pack-4.0.0-69151.vbox-extpack 

Change History (1)

comment:1 by Frank Mehnert, 9 years ago

Description: modified (diff)
Resolution: obsolete
Status: newclosed
Note: See TracTickets for help on using tickets.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette