From 98602294d9fa0071e8d7f7bca676b00499d9c935 Mon Sep 17 00:00:00 2001
From: Alex Leitner <aleitner@keepersecurity.com>
Date: Mon, 22 Jul 2024 10:34:00 -0400
Subject: [PATCH] GUACAMOLE-1971: Safely multiply values to be used for memory
 allocation.

---
 src/protocols/rdp/pointer.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/protocols/rdp/pointer.c b/src/protocols/rdp/pointer.c
index 165cde13..104d57f6 100644
--- a/src/protocols/rdp/pointer.c
+++ b/src/protocols/rdp/pointer.c
@@ -29,6 +29,7 @@
 #include <freerdp/freerdp.h>
 #include <freerdp/gdi/gdi.h>
 #include <guacamole/client.h>
+#include <guacamole/mem.h>
 #include <winpr/crt.h>
 
 BOOL guac_rdp_pointer_new(rdpContext* context, rdpPointer* pointer) {
@@ -41,7 +42,8 @@ BOOL guac_rdp_pointer_new(rdpContext* context, rdpPointer* pointer) {
             rdp_client->display, pointer->width, pointer->height);
 
     /* Allocate data for image */
-    unsigned char* data = _aligned_malloc(pointer->width * pointer->height * 4, 16);
+    unsigned char* data = _aligned_malloc(guac_mem_ckd_mul_or_die(pointer->width, 
+            pointer->height, 4), 16);
 
     cairo_surface_t* surface;
 
@@ -122,4 +124,3 @@ BOOL guac_rdp_pointer_set_default(rdpContext* context) {
 
     return TRUE;
 }
-