pidgin.2.4.3: c3831c91: MSN SLP fix
nosnilmot at pidgin.im
nosnilmot at pidgin.im
Thu Jun 26 15:11:22 EDT 2008
-----------------------------------------------------------------
Revision: c3831c9181f4f61b747321240086ee79e4a08fd8
Ancestor: e09d33c61a6e5a59bfc3a52a4370aadf0a90f254
Author: nosnilmot at pidgin.im
Date: 2008-06-26T19:04:52
Branch: im.pidgin.pidgin.2.4.3
URL: http://d.pidgin.im/viewmtn/revision/info/c3831c9181f4f61b747321240086ee79e4a08fd8
Modified files:
libpurple/protocols/msn/slplink.c
libpurple/protocols/msnp9/slplink.c
ChangeLog:
MSN SLP fix
-------------- next part --------------
============================================================
--- libpurple/protocols/msn/slplink.c 5cd3e67fd79fb13565deda09ed4e4d4610d3d378
+++ libpurple/protocols/msn/slplink.c dd6392955d4e3a5836d14f7b930a3af9148fe96e
@@ -593,7 +593,7 @@ msn_slplink_process_msg(MsnSlpLink *slpl
}
else if (slpmsg->size)
{
- if (offset < 0 || (offset + len) > slpmsg->size)
+ if (G_MAXSIZE - len < offset || (offset + len) > slpmsg->size)
{
purple_debug_error("msn",
"Oversized slpmsg - msgsize=%lld offset=%" G_GSIZE_FORMAT " len=%" G_GSIZE_FORMAT "\n",
============================================================
--- libpurple/protocols/msnp9/slplink.c 29b8832fc90a281ceb974d7b8a5e99f7a06f4f6e
+++ libpurple/protocols/msnp9/slplink.c f65596ea173bf7c9c1114edd7599140f470e7788
@@ -597,7 +597,7 @@ msn_slplink_process_msg(MsnSlpLink *slpl
}
else if (slpmsg->size)
{
- if (offset < 0 || (offset + len) > slpmsg->size)
+ if (G_MAXSIZE - len < offset || (offset + len) > slpmsg->size)
{
purple_debug_error("msn", "Oversized slpmsg\n");
g_return_if_reached();
More information about the Commits
mailing list