From 3629a84d3fe49547b3be46168db211c5e96c70fd Mon Sep 17 00:00:00 2001
From: Armin Novak <armin.novak@thincast.com>
Date: Tue, 16 Oct 2018 17:10:03 +0200
Subject: [PATCH] Fixed missing input validation.

---
 libfreerdp/gdi/graphics.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/libfreerdp/gdi/graphics.c b/libfreerdp/gdi/graphics.c
index cf2edefaf..4bc07056c 100644
--- a/libfreerdp/gdi/graphics.c
+++ b/libfreerdp/gdi/graphics.c
@@ -176,6 +176,9 @@ static BOOL gdi_Bitmap_Decompress(rdpContext* context, rdpBitmap* bitmap,
 	{
 		SrcFormat = gdi_get_pixel_format(bpp);
 
+		if (SrcSize < bitmap->length)
+			return FALSE;
+
 		if (!freerdp_image_copy(bitmap->data, bitmap->format, 0, 0, 0,
 		                        DstWidth, DstHeight, pSrcData, SrcFormat,
 		                        0, 0, 0, &gdi->palette, FREERDP_FLIP_VERTICAL))