File freerdp-CVE-2018-8787.patch of Package freerdp.9501
From 09b9d4f1994a674c4ec85b4947aa656eda1aed8a Mon Sep 17 00:00:00 2001 From: Armin Novak <armin.novak@thincast.com> Date: Mon, 22 Oct 2018 16:30:20 +0200 Subject: [PATCH 4/6] Fixed CVE-2018-8787 Thanks to Eyal Itkin from Check Point Software Technologies. --- libfreerdp/gdi/graphics.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) Index: b/libfreerdp/gdi/graphics.c =================================================================== --- a/libfreerdp/gdi/graphics.c 2019-01-08 20:00:53.343326261 +0800 +++ b/libfreerdp/gdi/graphics.c 2019-01-08 20:06:06.525425389 +0800 @@ -152,7 +152,7 @@ BOOL gdi_Bitmap_Decompress(rdpContext* c BOOL compressed, int codecId) { int status; - UINT16 size; + UINT32 size; BYTE* pSrcData; BYTE* pDstData; UINT32 SrcSize; @@ -161,8 +161,13 @@ BOOL gdi_Bitmap_Decompress(rdpContext* c rdpGdi* gdi = context->gdi; bytesPerPixel = (bpp + 7) / 8; - size = width * height * 4; + size = width * height; + if ((width == 0) || (height == 0) || (width > UINT32_MAX / height) || + (size > UINT32_MAX / 4)) + return FALSE; + + size *= 4; bitmap->data = (BYTE*) _aligned_malloc(size, 16); pSrcData = data;
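Review bot: The change of `size` from `UINT16` to `UINT32` in the declarations of gdi_Bitmap_Decompress is not explained anywhere; the commit message says only "Fixed CVE-2018-8787". Please say in the message or in a short comment that the old 16-bit `size` truncated the result of `width * height * 4` before it was passed to `_aligned_malloc`, so the allocation could be smaller than the dimensions imply. That makes the reason for the wider type clear to anyone backporting or later touching this declaration.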
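Review bot: In the second hunk, `size = width * height;` is evaluated before the `(width > UINT32_MAX / height)` test, so the product is computed before it is known to fit. The declarations of `width` and `height` are outside the visible context; if they are signed or wider than 32 bits, the multiplication can overflow or be truncated on assignment before the guard runs. Move the assignment below the zero and overflow checks, then test `size > UINT32_MAX / 4` and multiply by 4. The short-circuit on `height == 0` correctly protects the division and should stay first. Separately, the context after `_aligned_malloc(size, 16)` goes straight to `pSrcData = data;` with no visible NULL check on `bitmap->data`. Since this path now accepts sizes up to nearly `UINT32_MAX`, allocation failure is a realistic outcome and should return FALSE here unless it is already handled further down.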