From 71769b971559d0e4fa744d628cab392eb6551b0e Mon Sep 17 00:00:00 2001 From: Nick Couchman Date: Mon, 4 May 2020 19:49:15 -0400 Subject: [PATCH] GUACAMOLE-1059: Add missing check for manually copied buffer. --- src/protocols/rdp/channels/rdpsnd/rdpsnd-messages.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/src/protocols/rdp/channels/rdpsnd/rdpsnd-messages.c b/src/protocols/rdp/channels/rdpsnd/rdpsnd-messages.c index cd1ed8ba..af847022 100644 --- a/src/protocols/rdp/channels/rdpsnd/rdpsnd-messages.c +++ b/src/protocols/rdp/channels/rdpsnd/rdpsnd-messages.c @@ -307,6 +307,14 @@ void guac_rdpsnd_wave_handler(guac_rdp_common_svc* svc, guac_rdp_client* rdp_client = (guac_rdp_client*) client->data; guac_audio_stream* audio = rdp_client->audio; + + /* Verify we have at least 4 bytes, which is manually copied below. */ + if (Stream_Length(input_stream) < 4) { + guac_client_log(svc->client, GUAC_LOG_WARNING, "Sound stream does not " + "contain the expected number of bytes. Sound may not work as " + "expected."); + return; + } /* Wave Confirmation PDU */ wStream* output_stream = Stream_New(NULL, 8);