pidgin.2.x.y: 94cbd5a6: Fix a possible MSN remote crash

markdoliner at pidgin.im markdoliner at pidgin.im
Mon May 7 00:08:18 EDT 2012


----------------------------------------------------------------------
Revision: 94cbd5a68ee237c970d8bd6d9d53106f1b9627ad
Parent:   d991ff6d558d185527a09eae0378edb3fc7057a5
Author:   markdoliner at pidgin.im
Date:     05/06/12 23:18:08
Branch:   im.pidgin.pidgin.2.x.y
URL: http://d.pidgin.im/viewmtn/revision/info/94cbd5a68ee237c970d8bd6d9d53106f1b9627ad

Changelog: 

Fix a possible MSN remote crash

Incoming messages with certain characters or character encodings
can cause clients to crash.  The fix is for the contents of all
incoming plaintext messages are converted to UTF-8 and validated
before used.

This was reported to us by Fabian Yamaguchi and this patch was written
by Elliott Sales de Andrade (maybe with small, insignificant changes by me)

Changes against parent d991ff6d558d185527a09eae0378edb3fc7057a5

  patched  libpurple/protocols/msn/msg.c

-------------- next part --------------
============================================================
--- libpurple/protocols/msn/msg.c	94fe3963ccab9a56f0311277c241efbc0242a4d6
+++ libpurple/protocols/msn/msg.c	417ae5cb2f85d578b7e00fcb9c450dad1171c499
@@ -257,13 +257,47 @@ msn_message_parse_payload(MsnMessage *ms
 		msg->body[msg->body_len] = '\0';
 	}
 
-	if ((!content_type || !strcmp(content_type, "text/plain"))
-			&& msg->charset == NULL) {
-		char *body = g_convert(msg->body, msg->body_len, "UTF-8",
-				"ISO-8859-1", NULL, &msg->body_len, NULL);
-		g_free(msg->body);
-		msg->body = body;
-		msg->charset = g_strdup("UTF-8");
+	if (msg->body && content_type && purple_str_has_prefix(content_type, "text/")) {
+		char *body = NULL;
+
+		if (msg->charset == NULL || g_str_equal(msg->charset, "UTF-8")) {
+			/* Charset is UTF-8 */
+			if (!g_utf8_validate(msg->body, msg->body_len, NULL)) {
+				purple_debug_warning("msn", "Message contains invalid "
+						"UTF-8. Attempting to salvage.\n");
+				body = purple_utf8_salvage(msg->body);
+				payload_len = strlen(body);
+			}
+		} else {
+			/* Charset is something other than UTF-8 */
+			GError *err = NULL;
+			body = g_convert(msg->body, msg->body_len, "UTF-8",
+					msg->charset, NULL, &payload_len, &err);
+			if (!body || err) {
+				purple_debug_warning("msn", "Unable to convert message from "
+						"%s to UTF-8: %s\n", msg->charset,
+						err ? err->message : "Unknown error");
+				if (err)
+					g_error_free(err);
+
+				/* Fallback to ISO-8859-1 */
+				g_free(body);
+				body = g_convert(msg->body, msg->body_len, "UTF-8",
+						"ISO-8859-1", NULL, &payload_len, NULL);
+				if (!body) {
+					g_free(msg->body);
+					msg->body = NULL;
+					msg->body_len = 0;
+				}
+			}
+		}
+
+		if (body) {
+			g_free(msg->body);
+			msg->body = body;
+			msg->body_len = payload_len;
+			msn_message_set_charset(msg, "UTF-8");
+		}
 	}
 
 	g_free(tmp_base);


More information about the Commits mailing list