pidgin: 9dd1c4c3: Fixes a buffer overflow in the ZDI-08-05...

khc at pidgin.im khc at pidgin.im
Sat May 2 15:15:37 EDT 2009


-----------------------------------------------------------------
Revision: 9dd1c4c3db68a80dbf157a0c0bc0c723e42b7a6e
Ancestor: caff038902b2bfe825a66afcd5d46df9a181b043
Author: khc at pidgin.im
Date: 2009-05-02T19:12:33
Branch: im.pidgin.pidgin
URL: http://d.pidgin.im/viewmtn/revision/info/9dd1c4c3db68a80dbf157a0c0bc0c723e42b7a6e

Modified files:
        libpurple/protocols/msn/slplink.c

ChangeLog: 

Fixes a buffer overflow in the ZDI-08-054 report


-------------- next part --------------
============================================================
--- libpurple/protocols/msn/slplink.c	3cd565e1ba25d733b996f028939c882f9b98f868
+++ libpurple/protocols/msn/slplink.c	cf3ed7b8faed95a3560cf36eb60525cfac37bdb0
@@ -493,7 +493,7 @@ msn_slplink_process_msg(MsnSlpLink *slpl
 {
 	MsnSlpMessage *slpmsg;
 	const char *data;
-	gsize offset;
+	guint64 offset;
 	gsize len;
 
 #ifdef MSN_DEBUG_SLP
@@ -565,6 +565,7 @@ msn_slplink_process_msg(MsnSlpLink *slpl
 			if (slpmsg->buffer == NULL)
 			{
 				purple_debug_error("msn", "Failed to allocate buffer for slpmsg\n");
+				msn_slpmsg_destroy(slpmsg);
 				return;
 			}
 		}


More information about the Commits mailing list