From 3bc45c028e10579ced3bb1ea0f0180ce130ef80d Mon Sep 17 00:00:00 2001 From: Gyorgy Sarvari Date: Sat, 11 Oct 2025 20:13:33 +0200 Subject: [PATCH] freerdp3: patch CVE-2024-32459 Details: https://nvd.nist.gov/vuln/detail/CVE-2024-32459 Pick the patch that is marked to resolve the related github advisory. Signed-off-by: Gyorgy Sarvari Signed-off-by: Anuj Mittal --- .../freerdp/freerdp3/CVE-2024-32459.patch | 30 +++++++++++++++++++ .../recipes-support/freerdp/freerdp3_3.4.0.bb | 1 + 2 files changed, 31 insertions(+) create mode 100644 meta-oe/recipes-support/freerdp/freerdp3/CVE-2024-32459.patch diff --git a/meta-oe/recipes-support/freerdp/freerdp3/CVE-2024-32459.patch b/meta-oe/recipes-support/freerdp/freerdp3/CVE-2024-32459.patch new file mode 100644 index 0000000000..8370f055a5 --- /dev/null +++ b/meta-oe/recipes-support/freerdp/freerdp3/CVE-2024-32459.patch @@ -0,0 +1,30 @@ +From 8e385887fb3ffe0ec50f8c2cbdcbc66b5ff1569e Mon Sep 17 00:00:00 2001 +From: akallabeth +Date: Tue, 16 Apr 2024 08:45:03 +0200 +Subject: [PATCH] fix missing input length check + +CVE: CVE-2024-32459 +Upstream-Status: Backport [https://github.com/FreeRDP/FreeRDP/commit/91a1535f88a00bbb2b212b6a808a021aa4f486f8] + +Signed-off-by: Gyorgy Sarvari +--- + libfreerdp/codec/ncrush.c | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git a/libfreerdp/codec/ncrush.c b/libfreerdp/codec/ncrush.c +index 4a7162c89..69921853b 100644 +--- a/libfreerdp/codec/ncrush.c ++++ b/libfreerdp/codec/ncrush.c +@@ -2068,6 +2068,12 @@ int ncrush_decompress(NCRUSH_CONTEXT* ncrush, const BYTE* pSrcData, UINT32 SrcSi + return 1; + } + ++ if (SrcSize < 4) ++ { ++ WLog_ERR(TAG, "Input size short: SrcSize %" PRIu32 " < 4", SrcSize); ++ return -1; ++ } ++ + const BYTE* SrcEnd = &pSrcData[SrcSize]; + const BYTE* SrcPtr = pSrcData + 4; + diff --git a/meta-oe/recipes-support/freerdp/freerdp3_3.4.0.bb b/meta-oe/recipes-support/freerdp/freerdp3_3.4.0.bb index 8d41063811..ede4551a87 100644 
--- a/meta-oe/recipes-support/freerdp/freerdp3_3.4.0.bb +++ b/meta-oe/recipes-support/freerdp/freerdp3_3.4.0.bb @@ -12,6 +12,7 @@ SRC_URI = "git://github.com/FreeRDP/FreeRDP.git;branch=master;protocol=https \ file://CVE-2024-32039.patch \ file://CVE-2024-32040.patch \ file://CVE-2024-32458.patch \ + file://CVE-2024-32459.patch \ " S = "${WORKDIR}/git"
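Review bot: in the header of the embedded CVE-2024-32459.patch, the `From 8e385887fb3f...` hash differs from the commit named in Upstream-Status (`91a1535f88a0...`), so the file alone does not show which upstream commit was actually picked. If the patch was exported from a different branch or a local cherry-pick, say so in the header, or regenerate it from the referenced commit. On the code itself, the `SrcSize < 4` guard sits directly before `SrcPtr = pSrcData + 4`, which is where it is needed: without it, SrcPtr would start past `SrcEnd = &pSrcData[SrcSize]` for inputs shorter than 4 bytes.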
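Review bot: for the SRC_URI addition in freerdp3_3.4.0.bb, the commit message links only the NVD entry and does not say that the patch was checked against the 3.4.0 sources this recipe builds. A line stating that the ncrush.c hunk (targeting line 2068) applies cleanly to 3.4.0 and that the recipe was built with it would make the backport easier to accept. Placing the new entry after `file://CVE-2024-32458.patch \` keeps the CVE patches in numeric order, which is fine.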