File xrdp-CVE-2022-23484.patch of Package xrdp.37241
From 7cd5ae5bdca2c28984524367d2f6eecf05ba8d0e Mon Sep 17 00:00:00 2001
From: matt335672 <30179339+matt335672@users.noreply.github.com>
Date: Wed, 7 Dec 2022 10:03:24 +0000
Subject: [PATCH 09/10] CVE-2022-23484
Add check for RAIL window text size
---
xrdp/xrdp_mm.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/xrdp/xrdp_mm.c b/xrdp/xrdp_mm.c
index 2a8d29c2..7c8fca62 100644
--- a/xrdp/xrdp_mm.c
+++ b/xrdp/xrdp_mm.c
@@ -947,6 +947,10 @@ xrdp_mm_process_rail_update_window_text(struct xrdp_mm* self, struct stream* s)
g_memset(&rwso, 0, sizeof(rwso));
in_uint32_le(s, size); /* title size */
+ if (size < 0 || !s_check_rem(s, size))
+ {
+ return 1;
+ }
rwso.title_info = g_new(char, size + 1);
in_uint8a(s, rwso.title_info, size);
rwso.title_info[size] = 0;
--
2.39.0
