File freerdp-CVE-2018-8786.patch of Package freerdp.13065
From 445a5a42c500ceb80f8fa7f2c11f3682538033f3 Mon Sep 17 00:00:00 2001
From: Armin Novak <armin.novak@thincast.com>
Date: Mon, 22 Oct 2018 16:25:13 +0200
Subject: [PATCH 3/6] Fixed CVE-2018-8786
Thanks to Eyal Itkin from Check Point Software Technologies.
---
libfreerdp/core/update.c | 8 +++-----
1 file changed, 3 insertions(+), 5 deletions(-)
Index: b/libfreerdp/core/update.c
===================================================================
--- a/libfreerdp/core/update.c 2019-01-08 19:57:45.510067294 +0800
+++ b/libfreerdp/core/update.c 2019-01-08 19:59:33.482790990 +0800
@@ -180,13 +180,10 @@ BOOL update_read_bitmap_update(rdpUpdate
if (bitmapUpdate->number > bitmapUpdate->count)
{
- UINT16 count;
- BITMAP_DATA *newdata;
+ UINT32 count = bitmapUpdate->number * 2;
+ BITMAP_DATA* newdata = (BITMAP_DATA*) realloc(bitmapUpdate->rectangles,
+ sizeof(BITMAP_DATA) * count);
- count = bitmapUpdate->number * 2;
-
- newdata = (BITMAP_DATA*) realloc(bitmapUpdate->rectangles,
- sizeof(BITMAP_DATA) * count);
if (!newdata)
return FALSE;
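Review bot: The added `UINT32 count` declaration carries no record of why its width matters, so a later cleanup could narrow it back to 16 bits and reintroduce the truncation. A comment above it would pin this, for example `/* number * 2 can exceed 16 bits; count must stay 32-bit or the realloc size is truncated (CVE-2018-8786) */`. The hunk does not show the types of `bitmapUpdate->number` and `bitmapUpdate->count`, nor the code that stores `count` and initialises the new entries. If any of those is narrower than `UINT32`, the same truncation would presumably reappear there, so that is worth confirming in the part of `update_read_bitmap_update` outside this hunk. As a point of style, `sizeof(*newdata) * count` would tie the element size to the pointer being assigned.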