[debian-edu-commits] debian-edu/ 02/08: VUL: fix some possible buffer overruns

Dominik George natureshadow-guest at moszumanska.debian.org
Thu Oct 6 21:01:08 UTC 2016


This is an automated email from the git hooks/post-receive script.

natureshadow-guest pushed a commit to annotated tag v0.6.1
in repository xrdp.

commit 384425f79f39a257936f7e16fdcf337263d7bc8c
Author: Jay Sorg <jay.sorg at gmail.com>
Date:   Thu Sep 5 14:37:50 2013 -0700

    VUL: fix some possible buffer overruns
---
 libxrdp/xrdp_mcs.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/libxrdp/xrdp_mcs.c b/libxrdp/xrdp_mcs.c
index 06a3841..9839cb0 100644
--- a/libxrdp/xrdp_mcs.c
+++ b/libxrdp/xrdp_mcs.c
@@ -324,6 +324,11 @@ xrdp_mcs_recv_connect_initial(struct xrdp_mcs* self)
     free_stream(s);
     return 1;
   }
+  if (!s_check_rem(s, len))
+  {
+    free_stream(s);
+    return 1;
+  }
   /* make a copy of client mcs data */
   init_stream(self->client_mcs_data, len);
   out_uint8a(self->client_mcs_data, s->p, len);

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/debian-edu/pkg-team/xrdp.git



More information about the debian-edu-commits mailing list