[debian-edu-commits] debian-edu/ 07/08: VUL: check bytes remaining in xrdp_rdp_process_data_input
Dominik George
natureshadow-guest at moszumanska.debian.org
Thu Oct 6 21:01:36 UTC 2016
This is an automated email from the git hooks/post-receive script.
natureshadow-guest pushed a commit to annotated tag v0.6.1
in repository xrdp.
commit fc0be10bc54752bb8e57bf3903488d2354ea8fde
Author: Jay Sorg <jay.sorg at gmail.com>
Date: Tue Sep 10 11:28:30 2013 -0700
VUL: check bytes remaining in xrdp_rdp_process_data_input
---
libxrdp/xrdp_rdp.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/libxrdp/xrdp_rdp.c b/libxrdp/xrdp_rdp.c
index d72057f..dca5e4f 100644
--- a/libxrdp/xrdp_rdp.c
+++ b/libxrdp/xrdp_rdp.c
@@ -857,11 +857,19 @@ xrdp_rdp_process_data_input(struct xrdp_rdp* self, struct stream* s)
int param2;
int time;
+ if (!s_check_rem(s, 4))
+ {
+ return 1;
+ }
in_uint16_le(s, num_events);
in_uint8s(s, 2); /* pad */
DEBUG(("in xrdp_rdp_process_data_input %d events", num_events));
for (index = 0; index < num_events; index++)
{
+ if (!s_check_rem(s, 12))
+ {
+ return 1;
+ }
in_uint32_le(s, time);
in_uint16_le(s, msg_type);
in_uint16_le(s, device_flags);
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/debian-edu/pkg-team/xrdp.git
More information about the debian-edu-commits
mailing list