pidgin.2.5.5.veracode: b1472837: Make sure that the chat room name is NUL...
datallah at pidgin.im
datallah at pidgin.im
Thu May 14 17:36:40 EDT 2009
-----------------------------------------------------------------
Revision: b14728379c16e92457492a7a4fc9a6b616e3fbe4
Ancestor: 8331e31aeb0f14ac9b94a06bea4353bd9a01ba5a
Author: datallah at pidgin.im
Date: 2009-05-02T19:21:11
Branch: im.pidgin.pidgin.2.5.5.veracode
URL: http://d.pidgin.im/viewmtn/revision/info/b14728379c16e92457492a7a4fc9a6b616e3fbe4
Modified files:
libpurple/protocols/oscar/family_oservice.c
ChangeLog:
Make sure that the chat room name is NUL-terminated when it is truncated or
exactly 128 chars.
This came out of the veracode analysis.
-------------- next part --------------
============================================================
--- libpurple/protocols/oscar/family_oservice.c 25093954f77cfe6b3f32e8b1eb135bcad739acd8
+++ libpurple/protocols/oscar/family_oservice.c 0725d2b0880fbcd1375894b18b3216765a1cf4ab
@@ -151,7 +151,8 @@ aim_chat_join(OscarData *od, guint16 exc
memset(&csi, 0, sizeof(csi));
csi.exchange = exchange;
- strncpy(csi.name, roomname, sizeof(csi.name));
+ strncpy(csi.name, roomname, sizeof(csi.name) - 1);
+ csi.name[sizeof(csi.name) - 1] = '\0';
csi.instance = instance;
/*
More information about the Commits
mailing list