From 73897ebd3b90c4ab638c0eedcddd6e54f5ae5700 Mon Sep 17 00:00:00 2001
From: Armin Novak <armin.novak@thincast.com>
Date: Wed, 11 Sep 2019 11:45:59 +0200
Subject: [PATCH] Tighter error checking for integer options in RDP file.

---
 client/common/file.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/client/common/file.c b/client/common/file.c
index c47e525..0c27504 100644
--- a/client/common/file.c
+++ b/client/common/file.c
@@ -370,11 +370,13 @@ static BOOL freerdp_client_rdp_file_set_integer(rdpFile* file, const char* name,
 static BOOL freerdp_client_parse_rdp_file_integer(rdpFile* file, const char* name,
 												  const char* value, SSIZE_T index)
 {
+	char* endptr;
 	long ivalue;
 	errno = 0;
-	ivalue = strtol(value, NULL, 0);
+	ivalue = strtol(value, &endptr, 0);
 
-	if ((errno != 0) || (ivalue > INT32_MAX) || (ivalue < INT32_MIN))
+	if ((endptr == NULL) || (errno != 0) || (endptr == value) ||
+			(ivalue > INT32_MAX) || (ivalue < INT32_MIN))
 	{
 		WLog_ERR(TAG, "Failed to convert RDP file integer option %s [value=%s]", name, value);
 		return FALSE;
-- 
2.7.4