Buffer Underflow error when using FactoryTalk on a RDP session
search cancel

Buffer Underflow error when using FactoryTalk on a RDP session


Article ID: 244548


Updated On:


CA Privileged Access Manager (PAM)


Buffer Underflow and ArrayIndexOutOfBoundsException error when using FactoryTalk on a RDP session inside jump server on PAM.

The user reports that the error is displayed when he tries to copy and paste graphic objects in FactoryTalk Studio:

"While remoting into an Engineering Work Station using PAM, to work on some graphics in FactoryTalk Studio, PAM crashed when trying to copy and paste a graphics object. The error dialog box attached popped up, and then on acknowledging it my PAM session crashed."

The user is connecting to a jump server on PAM, and from this jump server is connecting to the engineering workstation that runs FactoryTalk Studio.


Release : Affects all PAM releases as of June 2022, including PAM 4.1.



The current PAM RDP client implementation has a limitation in the type of clipboard formats it supports. FactorTalk Studio uses other formats that the PAM RDP client cannot process correctly.


This limitation is documented under Known Issues for current PAM releases, see e.g. the following text on the PAM 4.1 Known Issues page:

RDP Client Does Not Support Custom Clipboard Formats (DE334815)
The RDP Client supports only the following standard clipboard formats for copy and paste operations:
  • CF_DIB
The RDP Client therefore does not support applications that use custom clipboard formats to handle data that cannot be translated into a standard clipboard format. Performing a cut and paste operation in such an application via the RDP client can result in data loss.
: Use the RDP proxy to run applications that use custom clipboard formats

Additional Information

For information on how to use the PAM RDP Proxy with a local native RDP client, such as mstsc.exe, see documentation page Create an RDP Proxy Service to Access a Device. Note that the mstsc.exe native client has a limited number of command line arguments. Specifically there is no argument to pass token <Device Name> into it so that it would show the name of the target device in the title bar. Consequently this client will display a connection to the local IP that is configured in the RDP Proxy service in PAM for connections to any target device. Typically RDP servers do show the hostname and other server information on the desktop.