Overview

File freerdp-CVE-2024-32661.patch of Package freerdp2

From fd900a4ca1c14851f48b4a284882956fc3e727c7 Mon Sep 17 00:00:00 2001
From: akallabeth <akallabeth@posteo.net>
Date: Sun, 21 Apr 2024 13:56:13 +0200
Subject: [PATCH] [core,info] fix missing check in rdp_write_logon_info_v1

---
 libfreerdp/core/info.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/libfreerdp/core/info.c b/libfreerdp/core/info.c
index 9aaa6cff6..a0e147f31 100644
--- a/libfreerdp/core/info.c
+++ b/libfreerdp/core/info.c
@@ -23,6 +23,7 @@
 #include "config.h"
 #endif
 
+#include <winpr/assert.h>
 #include <winpr/crt.h>
 #include <freerdp/crypto/crypto.h>
 #include <freerdp/log.h>
@@ -1322,6 +1323,10 @@ static BOOL rdp_write_logon_info_v1(wStream* s, logon_info* info)
 		return FALSE;
 
 	/* domain */
+	WINPR_ASSERT(info);
+	if (!info->domain || !info->username)
+		return FALSE;
+
 	ilen = ConvertToUnicode(CP_UTF8, 0, info->domain, -1, &wString, 0);
 
 	if (ilen < 0)
-- 
2.45.0
openSUSE Build Service is sponsored by
Places