From a682f5efd050123fa0e61631942c14f00747d7f6 Mon Sep 17 00:00:00 2001
From: Gyorgy Sarvari
Date: Sat, 11 Oct 2025 20:13:36 +0200
Subject: [PATCH] freerdp3: patch CVE-2025-32659
Details: https://nvd.nist.gov/vuln/detail/CVE-2024-32659
Pick the commit that mentioned in the above CVE report.
Signed-off-by: Gyorgy Sarvari
Signed-off-by: Anuj Mittal
---
.../freerdp/freerdp3/CVE-2024-32659.patch | 27 +++++++++++++++++++
.../recipes-support/freerdp/freerdp3_3.4.0.bb | 1 +
2 files changed, 28 insertions(+)
create mode 100644 meta-oe/recipes-support/freerdp/freerdp3/CVE-2024-32659.patch
diff --git a/meta-oe/recipes-support/freerdp/freerdp3/CVE-2024-32659.patch b/meta-oe/recipes-support/freerdp/freerdp3/CVE-2024-32659.patch
new file mode 100644
index 0000000000..25d2613cda
--- /dev/null
+++ b/meta-oe/recipes-support/freerdp/freerdp3/CVE-2024-32659.patch
@@ -0,0 +1,27 @@
+From 47d18566159cefd714187e9b143a6ecbd1b13781 Mon Sep 17 00:00:00 2001
+From: akallabeth
+Date: Sun, 21 Apr 2024 10:18:43 +0200
+Subject: [PATCH] fix out of bound read
+
+CVE: CVE-2024-32659
+Upstream-Status: Backport [https://github.com/FreeRDP/FreeRDP/commit/6430945ce003a5e24d454d8566f54aae1b6b617b]
+
+Signed-off-by: Gyorgy Sarvari
+---
+ libfreerdp/codec/color.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/libfreerdp/codec/color.c b/libfreerdp/codec/color.c
+index 186d477c8..9aba6df65 100644
+--- a/libfreerdp/codec/color.c
++++ b/libfreerdp/codec/color.c
+@@ -847,6 +847,9 @@ BOOL freerdp_image_copy(BYTE* pDstData, DWORD DstFormat, UINT32 nDstStep, UINT32
+ if (!pDstData || !pSrcData)
+ return FALSE;
+
++ if ((nWidth == 0) || (nHeight == 0))
++ return TRUE;
++
+ if (nDstStep == 0)
+ nDstStep = nWidth * FreeRDPGetBytesPerPixel(DstFormat);
+
diff --git a/meta-oe/recipes-support/freerdp/freerdp3_3.4.0.bb b/meta-oe/recipes-support/freerdp/freerdp3_3.4.0.bb
index f71cc06ebd..8649e28ecb 100644
--- a/meta-oe/recipes-support/freerdp/freerdp3_3.4.0.bb
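Review bot: The `CVE: CVE-2024-32659` tag in the added patch header agrees with the file name and the NVD link, but the commit subject says CVE-2025-32659, so a search of the layer history by CVE id would not find this fix; the subject should read `freerdp3: patch CVE-2024-32659`. The same header names two commits, `47d18566159cefd714187e9b143a6ecbd1b13781` on its `From` line and `6430945ce003a5e24d454d8566f54aae1b6b617b` in `Upstream-Status`. That presumably reflects a local re-export of the upstream change, and one line in the patch description saying whether the hunk was adapted for 3.4.0 would settle it for the next reviewer. `freerdp_image_copy` begins before and continues past the embedded hunk, so whether the early `return TRUE` for a zero `nWidth` or `nHeight` covers every read in the 3.4.0 body cannot be judged from the lines shown.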
+++ b/meta-oe/recipes-support/freerdp/freerdp3_3.4.0.bb @@ -15,6 +15,7 @@ SRC_URI = "git://github.com/FreeRDP/FreeRDP.git;branch=master;protocol=https \ file://CVE-2024-32459.patch \ file://CVE-2024-32460.patch \ file://CVE-2024-32658.patch \ + file://CVE-2024-32659.patch \ " S = "${WORKDIR}/git"