[Cabal] [Fwd: xmlnode memory leak patch]
elb at psg.com
Sun Dec 31 13:41:07 EST 2006
Luke Schierer spake unto us the following wisdom:
> Does this have security implications that it is not being discussed on
Yes. Malformed XML sent on Jabber, Bonjour, or UPnP can cause us to
leak an arbitrary (chosen by the "attacker") amount of memory.
The laws that forbid the carrying of arms are laws [that have no remedy
for evils]. They disarm only those who are neither inclined nor
determined to commit crimes.
-- Cesare Beccaria, "On Crimes and Punishments", 1764
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: Digital signature
Url : http://pidgin.im/cgi-bin/mailman/private/cabal/attachments/20061231/db7bde47/attachment.pgp
More information about the Cabal