morgan/FreeRDP
1
0
Fork 0
mirror of https://github.com/morgan9e/FreeRDP synced 2026-04-15 00:44:19 +09:00
Code Issues Packages Projects Releases Wiki Activity

[core,orders] improve input validation

Browse Source 
check length before subtracting. Might underflow and be cought by the
next check, but lets be strict.
This commit is contained in:
Armin Novak
2026-03-03 13:58:09 +01:00
parent 125b1ce99e
commit a9e0abf2ea
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
libfreerdp/core/orders.c
View File

@@ -2354,6 +2354,8 @@ static CACHE_BITMAP_ORDER* update_read_cache_bitmap_order(rdpUpdate* update, wSt
goto fail; goto fail;
Stream_Read(s, bitmapComprHdr, 8); /* bitmapComprHdr (8 bytes) */ Stream_Read(s, bitmapComprHdr, 8); /* bitmapComprHdr (8 bytes) */
if (cache_bitmap->bitmapLength < 8)
goto fail;
cache_bitmap->bitmapLength -= 8; cache_bitmap->bitmapLength -= 8;
} }
} }