pidgin.2.4.3: 709ec9c2: MSN SLP fix
rlaager at pidgin.im
rlaager at pidgin.im
Thu Jun 26 05:21:43 EDT 2008
-----------------------------------------------------------------
Revision: 709ec9c29e9d76eebbded25061107ef0a2a2b148
Ancestor: 6eb1949a96fa80a4c744fc749c2562abc4cc9ed6
Author: rlaager at pidgin.im
Date: 2008-06-26T08:42:49
Branch: im.pidgin.pidgin.2.4.3
URL: http://d.pidgin.im/viewmtn/revision/info/709ec9c29e9d76eebbded25061107ef0a2a2b148
Modified files:
libpurple/protocols/msn/slplink.c
libpurple/protocols/msnp9/slplink.c
ChangeLog:
MSN SLP fix
-------------- next part --------------
============================================================
--- libpurple/protocols/msn/slplink.c 3b445961c805b0f26d74fcb25cc0b60b944d8f18
+++ libpurple/protocols/msn/slplink.c 5cd3e67fd79fb13565deda09ed4e4d4610d3d378
@@ -593,7 +593,7 @@ msn_slplink_process_msg(MsnSlpLink *slpl
}
else if (slpmsg->size)
{
- if ((offset + len) > slpmsg->size)
+ if (offset < 0 || (offset + len) > slpmsg->size)
{
purple_debug_error("msn",
"Oversized slpmsg - msgsize=%lld offset=%" G_GSIZE_FORMAT " len=%" G_GSIZE_FORMAT "\n",
============================================================
--- libpurple/protocols/msnp9/slplink.c 0148f31961bbe4a9a992377e70db082952505db4
+++ libpurple/protocols/msnp9/slplink.c 29b8832fc90a281ceb974d7b8a5e99f7a06f4f6e
@@ -597,7 +597,7 @@ msn_slplink_process_msg(MsnSlpLink *slpl
}
else if (slpmsg->size)
{
- if ((offset + len) > slpmsg->size)
+ if (offset < 0 || (offset + len) > slpmsg->size)
{
purple_debug_error("msn", "Oversized slpmsg\n");
g_return_if_reached();
More information about the Commits
mailing list