Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP4:GA
freerdp.34025
freerdp-CVE-2022-39320.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File freerdp-CVE-2022-39320.patch of Package freerdp.34025
From ca1ff058bda0852b85891bd44d270f9c5bc4ac2a Mon Sep 17 00:00:00 2001 From: akallabeth <akallabeth@posteo.net> Date: Thu, 13 Oct 2022 09:00:48 +0200 Subject: [PATCH] Added missing length check in urb_control_transfer (cherry picked from commit ce838e2477cb8173ea5e98f35ad55ff41ea5117d) --- channels/urbdrc/client/data_transfer.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/channels/urbdrc/client/data_transfer.c b/channels/urbdrc/client/data_transfer.c index bbb6104e3..575e53c36 100644 --- a/channels/urbdrc/client/data_transfer.c +++ b/channels/urbdrc/client/data_transfer.c @@ -671,7 +671,11 @@ static UINT urb_control_transfer(IUDEVICE* pdev, URBDRC_CHANNEL_CALLBACK* callba buffer = Stream_Pointer(out); if (transferDir == USBD_TRANSFER_DIRECTION_OUT) + { + if (Stream_GetRemainingLength(s) < OutputBufferSize) + return ERROR_INVALID_DATA; Stream_Copy(s, out, OutputBufferSize); + } /** process TS_URB_CONTROL_TRANSFER */ if (!pdev->control_transfer(pdev, RequestId, EndpointAddress, TransferFlags, bmRequestType, -- 2.39.1
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor