mirrors
/
FreeRDP
mirror of https://github.com/FreeRDP/FreeRDP
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fixed out of bound access.

This commit is contained in:
Armin Novak 2018-09-05 15:28:06 +02:00
parent 0de43c8b85
commit cf319001f9
1 changed files with 11 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
libfreerdp/core/info.c
View File

@ -43,6 +43,8 @@ static const char* const INFO_TYPE_LOGON_STRINGS[4] =
"Logon Extended Info"
};
/* This define limits the length of the strings in the label field. */
#define MAX_LABEL_LENGTH 40
static struct
{
UINT32 flag;
@ -73,22 +75,17 @@ static struct
FREERDP_LOCAL char* rdp_info_package_flags_description(UINT32 flags)
{
char* result;
size_t maximum_size = 0;
size_t maximum_size = 1; /* Reserve space for the terminating '\0' by strcat if all flags set */
size_t i;
size_t size;
for (i = 0; i < ARRAYSIZE(info_flags); i ++)
{
maximum_size += strlen(info_flags[i].label) + 1;
}
maximum_size += strnlen(info_flags[i].label, MAX_LABEL_LENGTH) + 1;
result = malloc(maximum_size);
result = calloc(maximum_size, sizeof(char));
if (!result)
{
return 0;
}
result[0] = '\0';
for (i = 0; i < ARRAYSIZE(info_flags); i ++)
{
@ -99,7 +96,11 @@ FREERDP_LOCAL char* rdp_info_package_flags_description(UINT32 flags)
}
}
result[strlen(result) - 1] = '\0'; /* remove last "|" */
size = strnlen(result, maximum_size);
if (size > 0)
result[size - 1] = '\0'; /* remove last "|" */
return result;
}