From 3fab12934699c00ed11c3646ca96f38250297fbe Mon Sep 17 00:00:00 2001
From: Gyorgy Sarvari
Date: Sat, 11 Oct 2025 20:13:34 +0200
Subject: [PATCH] freerdp3: patch CVE-2024-32460

Details: https://nvd.nist.gov/vuln/detail/CVE-2024-32460

Pick the commit that marked as a solution for the related github advisory.

Signed-off-by: Gyorgy Sarvari
Signed-off-by: Anuj Mittal
---
 .../freerdp/freerdp3/CVE-2024-32460.patch | 26 +++++++++++++++++++
 .../recipes-support/freerdp/freerdp3_3.4.0.bb | 1 +
 2 files changed, 27 insertions(+)
 create mode 100644 meta-oe/recipes-support/freerdp/freerdp3/CVE-2024-32460.patch

diff --git a/meta-oe/recipes-support/freerdp/freerdp3/CVE-2024-32460.patch b/meta-oe/recipes-support/freerdp/freerdp3/CVE-2024-32460.patch
new file mode 100644
index 0000000000..95eb8cd076
--- /dev/null
+++ b/meta-oe/recipes-support/freerdp/freerdp3/CVE-2024-32460.patch
@@ -0,0 +1,26 @@
+From 4e64b3356b155835d991bcb70a9aa914252fece7 Mon Sep 17 00:00:00 2001
+From: akallabeth
+Date: Tue, 16 Apr 2024 08:47:31 +0200
+Subject: [PATCH] fix off by one length check
+
+CVE: CVE-2024-32460
+Upstream-Status: Backport [https://github.com/FreeRDP/FreeRDP/commit/ecfafe4ad054435d84cb7b111ea73ebd46832fb6]
+
+Signed-off-by: Gyorgy Sarvari
+---
+ libfreerdp/codec/interleaved.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/libfreerdp/codec/interleaved.c b/libfreerdp/codec/interleaved.c
+index 75b2e2775..df148b667 100644
+--- a/libfreerdp/codec/interleaved.c
++++ b/libfreerdp/codec/interleaved.c
+@@ -237,7 +237,7 @@ static UINT ExtractRunLengthLiteFgBg(const BYTE* pbOrderHdr, const BYTE* pbEnd,
+ runLength = *pbOrderHdr & g_MaskLiteRunLength;
+ if (runLength == 0)
+ {
+- if (!buffer_within_range(pbOrderHdr, 1, pbEnd))
++ if (!buffer_within_range(pbOrderHdr, 2, pbEnd))
+ {
+ *advance = 0;
+ return 0;
diff --git a/meta-oe/recipes-support/freerdp/freerdp3_3.4.0.bb b/meta-oe/recipes-support/freerdp/freerdp3_3.4.0.bb
index ede4551a87..fd9df18b43 100644
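Review bot: The bound `2` in the new `buffer_within_range(pbOrderHdr, 2, pbEnd)` check in ExtractRunLengthLiteFgBg is an unexplained literal, and the off-by-one being fixed shows how easily it drifts from the read it protects; a comment such as `/* order header byte plus the extended run-length byte that follows it */` above the check would make the intent reviewable. The function body starts and ends outside the hunk, so the access this guards is presumably just past the last visible line and should be confirmed against the full file. `runLength = *pbOrderHdr & g_MaskLiteRunLength;` also dereferences the header byte before any check visible here, so the caller has to guarantee at least one readable byte in the pinned 3.4.0 tree. The sibling run-length extractors in interleaved.c are not shown, so it is worth verifying that they carry an equivalent guard in this version and that this single commit covers the advisory.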
--- a/meta-oe/recipes-support/freerdp/freerdp3_3.4.0.bb
+++ b/meta-oe/recipes-support/freerdp/freerdp3_3.4.0.bb
@@ -13,6 +13,7 @@ SRC_URI = "git://github.com/FreeRDP/FreeRDP.git;branch=master;protocol=https \
 file://CVE-2024-32040.patch \
 file://CVE-2024-32458.patch \
 file://CVE-2024-32459.patch \
+ file://CVE-2024-32460.patch \
 "

 S = "${WORKDIR}/git"