mirror of
https://github.com/openembedded/meta-openembedded.git
synced 2026-07-16 04:17:25 +00:00
freerdp: patch CVE-2026-22854
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-22854 Backport the patch that is referenced by the relevant Github advisory[1]. [1]: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-47vj-g3c3-3rmf Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
This commit is contained in:
@@ -0,0 +1,29 @@
|
|||||||
|
From 94d3791abcdbc1e72827921906d5f9c14a2b0a78 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Gyorgy Sarvari <skandigraun@gmail.com>
|
||||||
|
Date: Mon, 12 Jan 2026 03:44:06 +0100
|
||||||
|
Subject: [PATCH] fix constant type
|
||||||
|
|
||||||
|
From: akallabeth <akallabeth@posteo.net>
|
||||||
|
|
||||||
|
ensure constant is of 64bit integer type
|
||||||
|
|
||||||
|
CVE: CVE-2026-22854
|
||||||
|
Upstream-Status: Backport [https://github.com/FreeRDP/FreeRDP/commit/3da319570c8a6be0a79b3306f1ed354c4a943259]
|
||||||
|
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
|
||||||
|
---
|
||||||
|
channels/drive/client/drive_main.c | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/channels/drive/client/drive_main.c b/channels/drive/client/drive_main.c
|
||||||
|
index b6cf2ad32..5df7fbe97 100644
|
||||||
|
--- a/channels/drive/client/drive_main.c
|
||||||
|
+++ b/channels/drive/client/drive_main.c
|
||||||
|
@@ -295,7 +295,7 @@ static UINT drive_process_irp_read(DRIVE_DEVICE* drive, IRP* irp)
|
||||||
|
Length = 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
- if (!Stream_EnsureRemainingCapacity(irp->output, Length + 4))
|
||||||
|
+ if (!Stream_EnsureRemainingCapacity(irp->output, 4ull + Length))
|
||||||
|
{
|
||||||
|
WLog_ERR(TAG, "Stream_EnsureRemainingCapacity failed!");
|
||||||
|
return ERROR_INTERNAL_ERROR;
|
||||||
@@ -24,6 +24,7 @@ SRC_URI = "git://github.com/FreeRDP/FreeRDP.git;branch=stable-2.0;protocol=https
|
|||||||
file://0002-Do-not-install-tools-a-CMake-targets.patch \
|
file://0002-Do-not-install-tools-a-CMake-targets.patch \
|
||||||
file://0001-Fixed-compilation-warnings-in-ainput-channel.patch \
|
file://0001-Fixed-compilation-warnings-in-ainput-channel.patch \
|
||||||
file://CVE-2024-32661.patch \
|
file://CVE-2024-32661.patch \
|
||||||
|
file://CVE-2026-22854.patch \
|
||||||
"
|
"
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user