/pidgin/main: f7939a1534d8: Add some sanity checking to guard ag...
Daniel Atallah
datallah at pidgin.im
Sat Mar 2 14:00:10 EST 2013
Changeset: f7939a1534d8bda2fcc1396b9eddef3c2476f5a0
Author: Daniel Atallah <datallah at pidgin.im>
Date: 2013-03-02 13:59 -0500
Branch: release-2.x.y
URL: https://hg.pidgin.im/pidgin/main/rev/f7939a1534d8
Description:
Add some sanity checking to guard against mismatched parameters.
diffstat:
libpurple/protocols/mxit/protocol.c | 8 +++++++-
1 files changed, 7 insertions(+), 1 deletions(-)
diffs (20 lines):
diff --git a/libpurple/protocols/mxit/protocol.c b/libpurple/protocols/mxit/protocol.c
--- a/libpurple/protocols/mxit/protocol.c
+++ b/libpurple/protocols/mxit/protocol.c
@@ -867,9 +867,15 @@ void mxit_send_extprofile_update( struct
);
/* add attributes */
- for ( i = 1; i < nr_attrib * 3; i+=3 )
+ for ( i = 1; i < nr_attrib * 3; i+=3 ) {
+ if ( parts == NULL || parts[i] == NULL || parts[i + 1] == NULL || parts[i + 2] == NULL ) {
+ purple_debug_error( MXIT_PLUGIN_ID, "Invalid profile update attributes = '%s' - nbr=%u\n", attributes, nr_attrib );
+ g_strfreev( parts );
+ return;
+ }
datalen += sprintf( data + datalen, "%c%s%c%s%c%s", /* \1name\1type\1value */
CP_FLD_TERM, parts[i], CP_FLD_TERM, parts[i + 1], CP_FLD_TERM, parts[i + 2] );
+ }
/* queue packet for transmission */
mxit_queue_packet( session, data, datalen, CP_CMD_EXTPROFILE_SET );
More information about the Commits
mailing list