Welcome to mirror list, hosted at ThFree Co, Russian Federation.

github.com/FreeRDP/FreeRDP.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/libfreerdp/core/orders.c
diff options
context:
space:
mode:
Diffstat (limited to 'libfreerdp/core/orders.c')
-rw-r--r--libfreerdp/core/orders.c14
1 files changed, 14 insertions, 0 deletions
diff --git a/libfreerdp/core/orders.c b/libfreerdp/core/orders.c
index 0e14bbe6a..34ccbb7b0 100644
--- a/libfreerdp/core/orders.c
+++ b/libfreerdp/core/orders.c
@@ -1881,6 +1881,13 @@ static BOOL update_read_fast_glyph_order(wStream* s, const ORDER_INFO* orderInfo
!update_read_2byte_unsigned(&sub, &glyph->cy))
return FALSE;
+ if ((glyph->cx == 0) || (glyph->cy == 0))
+ {
+ WLog_ERR(TAG, "GLYPH_DATA_V2::cx=%" PRIu32 ", GLYPH_DATA_V2::cy=%" PRIu32,
+ glyph->cx, glyph->cy);
+ return FALSE;
+ }
+
glyph->cb = Stream_GetRemainingLength(&sub);
if (glyph->cb > 0)
{
@@ -2867,6 +2874,13 @@ update_read_create_offscreen_bitmap_order(wStream* s,
Stream_Read_UINT16(s, create_offscreen_bitmap->cy); /* cy (2 bytes) */
deleteList = &(create_offscreen_bitmap->deleteList);
+ if ((create_offscreen_bitmap->cx == 0) || (create_offscreen_bitmap->cy == 0))
+ {
+ WLog_ERR(TAG, "Invalid OFFSCREEN_DELETE_LIST: cx=%" PRIu16 ", cy=%" PRIu16,
+ create_offscreen_bitmap->cx, create_offscreen_bitmap->cy);
+ return FALSE;
+ }
+
if (deleteListPresent)
{
UINT32 i;
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-05 14:53:33 +0300