Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP7:GA
freerdp.31491
freerdp-CVE-2022-39282.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File freerdp-CVE-2022-39282.patch of Package freerdp.31491
From 85a055386a033143720007f659cc14aa68cce4b9 Mon Sep 17 00:00:00 2001 From: akallabeth <akallabeth@posteo.net> Date: Thu, 6 Oct 2022 09:12:40 +0200 Subject: [PATCH] Fix length checks in parallel driver The length requested was not checked against the length read from the port. (cherry picked from commit 094cc5a4596c299595b732effd59ee149181fd61) --- channels/parallel/client/parallel_main.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/channels/parallel/client/parallel_main.c b/channels/parallel/client/parallel_main.c index af3e82703..993605a65 100644 --- a/channels/parallel/client/parallel_main.c +++ b/channels/parallel/client/parallel_main.c @@ -159,7 +159,7 @@ static UINT parallel_process_irp_read(PARALLEL_DEVICE* parallel, IRP* irp) return ERROR_INVALID_DATA; Stream_Read_UINT32(irp->input, Length); Stream_Read_UINT64(irp->input, Offset); - buffer = (BYTE*)malloc(Length); + buffer = (BYTE*)calloc(Length, sizeof(BYTE)); if (!buffer) { @@ -178,6 +178,7 @@ static UINT parallel_process_irp_read(PARALLEL_DEVICE* parallel, IRP* irp) } else { + Length = status; } Stream_Write_UINT32(irp->output, Length); -- 2.26.2
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor