pidgin: ffd6e338: Add a maximum length when parsing the P2...

qulogic at pidgin.im qulogic at pidgin.im
Thu Mar 10 01:31:14 EST 2011


----------------------------------------------------------------------
Revision: ffd6e338597b87622301f54398703896e7124748
Parent:   90ad8eca0d468e9f2a7fa150a3fe0f8e4db9abc4
Author:   qulogic at pidgin.im
Date:     03/10/11 00:00:17
Branch:   im.pidgin.pidgin
URL: http://d.pidgin.im/viewmtn/revision/info/ffd6e338597b87622301f54398703896e7124748

Changelog: 

Add a maximum length when parsing the P2P wire data.

Changes against parent 90ad8eca0d468e9f2a7fa150a3fe0f8e4db9abc4

  patched  libpurple/protocols/msn/p2p.c
  patched  libpurple/protocols/msn/p2p.h
  patched  libpurple/protocols/msn/slplink.c
  patched  libpurple/protocols/msn/slpmsg_part.c

-------------- next part --------------
============================================================
--- libpurple/protocols/msn/slplink.c	542828002fd3461e9b1b984997c1b095808000fd
+++ libpurple/protocols/msn/slplink.c	c39ad626792dff61f26ac4d1f80ca5beab330e0e
@@ -289,7 +289,7 @@ msn_slplink_send_msgpart(MsnSlpLink *slp
 	/* Maybe we will want to create a new msg for this slpmsg instead of
 	 * reusing the same one all the time. */
 	info = slpmsg->p2p_info;
-	part = msn_slpmsgpart_new(info);
+	part = msn_slpmsgpart_new(msn_p2p_info_dup(info));
 	part->ack_data = slpmsg;
 
 	real_size = (msn_p2p_info_get_flags(info) == P2P_ACK) ? 0 : slpmsg->size;
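Review bot: The ownership change to `msn_slpmsgpart_new()` is not documented anywhere in this commit: this call site now passes `msn_p2p_info_dup(info)`, while the first slpmsg_part.c hunk stores the pointer directly (`part->info = info;`) instead of copying it. Any caller not updated here that still passes an info it keeps using or frees itself would end up sharing that pointer with the part, which invites a double free or use-after-free. That is inferred, since the part's destructor is not shown in the diff. I would add a comment above `msn_slpmsgpart_new()` such as `/* Takes ownership of info (may be NULL); the caller must not free or reuse it. */` and check the remaining callers. The enclosing function here starts and ends outside the hunk.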
============================================================
--- libpurple/protocols/msn/p2p.h	f4f11b3492534222d3f5d49cef8c6ec557651261
+++ libpurple/protocols/msn/p2p.h	7f31a2cfa43e749fcacef6c97cc8d2e5af5d9165
@@ -113,7 +113,7 @@ size_t
 msn_p2p_info_free(MsnP2PInfo *info);
 
 size_t
-msn_p2p_header_from_wire(MsnP2PInfo *info, const char *wire);
+msn_p2p_header_from_wire(MsnP2PInfo *info, const char *wire, size_t max_len);
 
 char *
 msn_p2p_header_to_wire(MsnP2PInfo *info, size_t *len);
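Review bot: The new `max_len` parameter on `msn_p2p_header_from_wire()` changes the parsing contract, but the prototype carries no comment saying what it bounds or what the return value means on short input. The caller in slpmsg_part.c treats a return of 0 as "header could not be parsed", so that should be stated here. For example: `/* Parses a P2P header from at most max_len bytes of wire; returns the header length consumed, or 0 if max_len is too small. */`.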
============================================================
--- libpurple/protocols/msn/p2p.c	5df8d7afd6207ea006afa5f2f2440795a68d1326
+++ libpurple/protocols/msn/p2p.c	af119f89de0271f164d01e1efabc9f30ee42a834
@@ -88,7 +88,7 @@ size_t
 }
 
 size_t
-msn_p2p_header_from_wire(MsnP2PInfo *info, const char *wire)
+msn_p2p_header_from_wire(MsnP2PInfo *info, const char *wire, size_t max_len)
 {
 	size_t len;
 
============================================================
--- libpurple/protocols/msn/slpmsg_part.c	04872e920f062e46677804811987ebbd719b369d
+++ libpurple/protocols/msn/slpmsg_part.c	a222ab61724234e114161fb6f0c28652cecf03b8
@@ -34,8 +34,7 @@ MsnSlpMessagePart *msn_slpmsgpart_new(Ms
 
 	part = g_new0(MsnSlpMessagePart, 1);
 
-	if (info)
-		part->info = msn_p2p_info_dup(info);
+	part->info = info;
 
 	part->ack_cb = msn_slpmsgpart_ack;
 	part->nak_cb = msn_slpmsgpart_nak;
@@ -46,19 +45,20 @@ MsnSlpMessagePart *msn_slpmsgpart_new_fr
 MsnSlpMessagePart *msn_slpmsgpart_new_from_data(const char *data, size_t data_len)
 {
 	MsnSlpMessagePart *part;
+	MsnP2PInfo *info;
 	size_t len;
 	int body_len;
 
-	if (data_len < P2P_PACKET_HEADER_SIZE) {
+	info = msn_p2p_info_new(MSN_P2P_VERSION_ONE);
+
+	/* Extract the binary SLP header */
+	len = msn_p2p_header_from_wire(info, data, data_len);
+	if (len == 0) {
+		msn_p2p_info_free(info);
 		return NULL;
 	}
-
-	part = msn_slpmsgpart_new(NULL);
-	part->info = msn_p2p_info_new(MSN_P2P_VERSION_ONE);
-
-	/* Extract the binary SLP header */
-	len = msn_p2p_header_from_wire(part->info, data);
 	data += len;
+	part = msn_slpmsgpart_new(info);
 
 	/* Extract the body */
 	body_len = data_len - len - P2P_PACKET_FOOTER_SIZE;
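Review bot: The explicit `data_len < P2P_PACKET_HEADER_SIZE` guard is removed in this hunk, so rejection of short packets now depends entirely on `msn_p2p_header_from_wire()` returning 0. The p2p.c hunk shows only the signature gaining `max_len`, with no comparison against it, because that function's body lies outside the hunk. Please confirm that it begins with something like `if (max_len < P2P_PACKET_HEADER_SIZE) return 0;`, since otherwise a truncated packet from the network is read past its end. Separately, `body_len = data_len - len - P2P_PACKET_FOOTER_SIZE` subtracts `size_t` values into an `int`, so the code after this hunk (not visible) should reject `data_len < len + P2P_PACKET_FOOTER_SIZE` before the body is copied.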

