pidgin.2.5.9: 2692e904: Fix crashes when filenames end up being ...

rekkanoryo at pidgin.im rekkanoryo at pidgin.im
Tue Aug 18 11:50:52 EDT 2009


-----------------------------------------------------------------
Revision: 2692e904a56adcdbb8f4f5308c5de88b9e11e273
Ancestor: 0899f42c08f68d7811a5b0ebe68acd5b85eddc13
Author: qulogic at pidgin.im
Date: 2009-08-16T19:30:54
Branch: im.pidgin.pidgin.2.5.9
Tag: v2.5.9
URL: http://d.pidgin.im/viewmtn/revision/info/2692e904a56adcdbb8f4f5308c5de88b9e11e273

Modified files:
        ChangeLog NEWS libpurple/protocols/bonjour/bonjour_ft.c
        libpurple/protocols/jabber/oob.c
        libpurple/protocols/msn/slp.c

ChangeLog: 

Fix crashes when filenames end up being NULL in some prpls.

-------------- next part --------------
============================================================
--- ChangeLog	e3f16498a6222a899a7c4a5efe8498e62e8fe6c2
+++ ChangeLog	9f0f71fa23373aacf0a4cb3ec35e091a77091426
@@ -2,6 +2,8 @@ version 2.5.9 (08/18/2009):
 
 version 2.5.9 (08/18/2009):
 	* Fix a crash via a specially crafted MSN message (CVE-2009-2694).
+	* Fix a crash in Bonjour, MSN, and XMPP when trying to transfer files with
+	  NULL names.
 
 version 2.5.8 (06/27/2009):
 	ICQ:
============================================================
--- NEWS	780ff2df9c2974113878f17b4b31a14a1bc69067
+++ NEWS	1ffb977d148de1ffdbaf67dded747370599af925
@@ -4,7 +4,7 @@ 2.5.9 (08/18/2009):
 
 2.5.9 (08/18/2009):
 	John:  This release is just a crash fix release to address a security
-	issue reported to us by CORE.
+	issue reported to us by CORE and a couple crashes Elliott found.
 
 2.5.8 (06/27/2009):
 	John:  This release is another somewhat rushed bugfix release to fix
============================================================
--- libpurple/protocols/bonjour/bonjour_ft.c	6f80818d2a9d4999de657e50ef0168af44d7fdbe
+++ libpurple/protocols/bonjour/bonjour_ft.c	d020a4f0f441bd9cb9ff8824dbb5ad7a491b2eaa
@@ -448,9 +448,11 @@ xep_si_parse(PurpleConnection *pc, xmlno
 
 				/* TODO: Make sure that it is advertising a bytestreams transfer */
 
-				bonjour_xfer_receive(pc, id, sid, pb->name, filesize, filename, XEP_BYTESTREAMS);
+				if (filename) {
+					bonjour_xfer_receive(pc, id, sid, pb->name, filesize, filename, XEP_BYTESTREAMS);
 
-				parsed_receive = TRUE;
+					parsed_receive = TRUE;
+				}
 			}
 
 			if (!parsed_receive) {
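Review bot: The new guard `if (filename)` rejects only a missing name, so an empty name supplied by the peer still reaches `bonjour_xfer_receive`. If the receive path cannot do anything sensible with an empty name, `if (filename && *filename)` would cover both cases. When the guard fails, `parsed_receive` stays FALSE and control reaches the `if (!parsed_receive)` branch, whose body is outside the hunk. Presumably that branch declines the offer, and a short comment such as `/* no usable file name: fall through and reject the offer */` would make that intent explicit.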
============================================================
--- libpurple/protocols/jabber/oob.c	cb310fdba1498e02094662c003a340c42424a5bc
+++ libpurple/protocols/jabber/oob.c	c155c8a56363be820d8f8adcb79a72c46ff4ae89
@@ -207,7 +207,10 @@ void jabber_oob_parse(JabberStream *js, 
 	url = xmlnode_get_data(urlnode);
 
 	jox = g_new0(JabberOOBXfer, 1);
-	purple_url_parse(url, &jox->address, &jox->port, &jox->page, NULL, NULL);
+	if (!purple_url_parse(url, &jox->address, &jox->port, &jox->page, NULL, NULL)) {
+		g_free(url);
+		return;
+	}
 	g_free(url);
 	jox->js = js;
 	jox->headers = g_string_new("");
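Review bot: The new early return in `jabber_oob_parse` leaks `jox`, which `g_new0` allocated just above and which is not freed when `purple_url_parse` fails. The URL comes from the remote stanza, so each malformed out-of-band request would leak one `JabberOOBXfer`. Add `g_free(jox);` before the `return;`, or move the parse ahead of the allocation. The function begins and ends outside the hunk, so it is not visible here whether the sender should also get an error reply on this path.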
============================================================
--- libpurple/protocols/msn/slp.c	75ddba27c8537b193d1268d08fe4e4a6cf807695
+++ libpurple/protocols/msn/slp.c	b99e72a625c7752110e77ab2b341162597f2e4cf
@@ -363,7 +363,7 @@ got_sessionreq(MsnSlpCall *slpcall, cons
 
 			g_free(bin);
 
-			purple_xfer_set_filename(xfer, file_name);
+			purple_xfer_set_filename(xfer, file_name ? file_name : "");
 			g_free(file_name);
 			purple_xfer_set_size(xfer, file_size);
 			purple_xfer_set_init_fnc(xfer, msn_xfer_init);
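Review bot: Substituting `""` for a NULL `file_name` lets the transfer offer continue with an empty name, whereas the bonjour_ft.c hunk in this same commit skips the transfer when the name is missing. Whether the rest of the xfer path copes with an empty name is not visible from this hunk; if it does not, declining the session request here would match the Bonjour handling. At minimum, a comment such as `/* peer-supplied context may yield no name; pass "" so the xfer code never sees NULL */` would record why the fallback exists. The body of `got_sessionreq` continues outside the hunk.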

