/pidgin/main: 3c21af28962e: MXit: Rather use a GString to store ...
Andrew Victor
andrew.victor at mxit.com
Tue Jan 29 16:20:26 EST 2013
Changeset: 3c21af28962e009d298dd7555a3ccb715fdddfef
Author: Andrew Victor <andrew.victor at mxit.com>
Date: 2013-01-29 23:20 +0200
Branch: release-2.x.y
URL: http://hg.pidgin.im/pidgin/main/rev/3c21af28962e
Description:
MXit: Rather use a GString to store the raw encrypted password.
The static buffer could probably be overflowed by entering a too long
password, and cause Pidgin to crash.
diffstat:
libpurple/protocols/mxit/cipher.c | 16 ++++++++++------
1 files changed, 10 insertions(+), 6 deletions(-)
diffs (40 lines):
diff --git a/libpurple/protocols/mxit/cipher.c b/libpurple/protocols/mxit/cipher.c
--- a/libpurple/protocols/mxit/cipher.c
+++ b/libpurple/protocols/mxit/cipher.c
@@ -110,14 +110,12 @@ char* mxit_encrypt_password( struct MXit
char key[16 + 1];
char exkey[512];
GString* pass = NULL;
- char encrypted[64];
+ GString* encrypted = NULL;
char* base64;
int i;
purple_debug_info( MXIT_PLUGIN_ID, "mxit_encrypt_password\n" );
- memset( encrypted, 0x00, sizeof( encrypted ) );
-
/* build the AES encryption key */
g_strlcpy( key, INITIAL_KEY, sizeof( key ) );
memcpy( key, session->clientkey, strlen( session->clientkey ) );
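Review bot: The context line `memcpy( key, session->clientkey, strlen( session->clientkey ) );` copies an unbounded length into the 17-byte `key` buffer, which is the same kind of stack overflow this commit fixes for `encrypted`. Whether `session->clientkey` is length-limited where it is set is not visible in this hunk; if its value can come from the server, the copy should be clamped, e.g. `memcpy( key, session->clientkey, MIN( strlen( session->clientkey ), sizeof( key ) - 1 ) );`. mxit_encrypt_password starts before this hunk and continues after it.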
@@ -129,11 +127,17 @@ char* mxit_encrypt_password( struct MXit
padding_add( pass ); /* add ISO10126 padding */
/* now encrypt the secret. we encrypt each block separately (ECB mode) */
- for ( i = 0; i < pass->len; i += 16 )
- Encrypt( (unsigned char*) pass->str + i, (unsigned char*) exkey, (unsigned char*) encrypted + i );
+ encrypted = g_string_sized_new( pass->len );
+ for ( i = 0; i < pass->len; i += 16 ) {
+ char block[16];
+
+ Encrypt( (unsigned char*) pass->str + i, (unsigned char*) exkey, (unsigned char*) block );
+ g_string_append_len( encrypted, block, 16 );
+ }
/* now base64 encode the encrypted password */
- base64 = purple_base64_encode( (unsigned char*) encrypted, pass->len );
+ base64 = purple_base64_encode( (unsigned char*) encrypted->str, encrypted->len );
+ g_string_free( encrypted, TRUE );
g_string_free( pass, TRUE );
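Review bot: `pass` appears to hold the plaintext password plus padding, and `g_string_free( pass, TRUE )` hands that memory back to the allocator without clearing it, so the secret can linger in freed heap. Consider adding `memset( pass->str, 0x00, pass->len );` immediately before that free. Separately, the new loop compares `int i` against the unsigned `pass->len` and relies on `padding_add()` leaving the length a multiple of 16, otherwise `Encrypt()` would read past the end of `pass->str` on the last block. A short comment stating that invariant would help, e.g. `/* pass->len is a multiple of 16 after padding_add() */`. The function body continues outside the hunk.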