Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP7:GA
freerdp.31491
freerdp-CVE-2022-41877.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File freerdp-CVE-2022-41877.patch of Package freerdp.31491
From 2fbb6ea6caafc9a894c914414b9dfc6cc0213503 Mon Sep 17 00:00:00 2001 From: akallabeth <akallabeth@posteo.net> Date: Mon, 24 Oct 2022 08:45:05 +0200 Subject: [PATCH] Fixed missing stream length check in drive_file_query_directory (cherry picked from commit 4e4bb79795d6ac85473fb7a83e53ccf63d204b93) --- channels/drive/client/drive_main.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/channels/drive/client/drive_main.c b/channels/drive/client/drive_main.c index d3776381c..f809dbab6 100644 --- a/channels/drive/client/drive_main.c +++ b/channels/drive/client/drive_main.c @@ -629,6 +629,9 @@ static UINT drive_process_irp_query_directory(DRIVE_DEVICE* drive, IRP* irp) Stream_Read_UINT32(irp->input, PathLength); Stream_Seek(irp->input, 23); /* Padding */ path = (WCHAR*)Stream_Pointer(irp->input); + if (Stream_GetRemainingLength(irp->input) < PathLength) + return ERROR_INVALID_DATA; + file = drive_get_file_by_id(drive, irp->FileId); if (file == NULL) -- 2.39.1
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor