Fixed Out-of-bound read in glyph_cache_put

CVE-2020-11098 thanks to @antonio-morales for finding this. (cherry picked from commit c0fd449ec0)
2020-05-25 09:42:02 +02:00 · 2020-05-25 09:42:02 +02:00 · d1da09f7e1
--- a/libfreerdp/cache/glyph.c
+++ b/libfreerdp/cache/glyph.c
@ -579,7 +579,7 @@ BOOL glyph_cache_put(rdpGlyphCache* glyphCache, UINT32 id, UINT32 index, rdpGlyp
 		return FALSE;
 	}

-	if (index > glyphCache->glyphCache[id].number)
+	if (index >= glyphCache->glyphCache[id].number)
 	{
 		WLog_ERR(TAG, "invalid glyph cache index: %" PRIu32 " in cache id: %" PRIu32 "", index, id);
 		return FALSE;