soc.2010.msn-tlc: f9e92250: Manually propagate the fix for CVE-2010-...
masca at cpw.pidgin.im
masca at cpw.pidgin.im
Sat Oct 30 13:51:44 EDT 2010
----------------------------------------------------------------------
Revision: f9e92250cfa7d84022736153e2c970889805aaab
Parent: 831bbdc90079b81e553775314d1975f738470a84
Author: masca at cpw.pidgin.im
Date: 10/30/10 13:45:46
Branch: im.pidgin.soc.2010.msn-tlc
URL: http://d.pidgin.im/viewmtn/revision/info/f9e92250cfa7d84022736153e2c970889805aaab
Changelog:
Manually propagate the fix for CVE-2010-3711.
Changes against parent 831bbdc90079b81e553775314d1975f738470a84
patched libpurple/protocols/msn/slpcall.c
-------------- next part --------------
============================================================
--- libpurple/protocols/msn/slpcall.c ddd88164103534dbb88d4b2e57a2e92af7d5c937
+++ libpurple/protocols/msn/slpcall.c b60a5b2653d2e9c275871227e8756c45da0c8024
@@ -527,7 +527,7 @@ got_sessionreq(MsnSlpCall *slpcall, cons
slpcall->slplink->remote_user);
header = (MsnFileContext *)purple_base64_decode(context, &bin_len);
- if (bin_len >= sizeof(MsnFileContext) - 1 &&
+ if (header != NULL && bin_len >= sizeof(MsnFileContext) - 1 &&
(header->version == 2 ||
(header->version == 3 && header->length == sizeof(MsnFileContext) + 63))) {
file_size = GUINT64_FROM_LE(header->file_size);
More information about the Commits
mailing list