/pidgin/main: ccde331355d8: Merged TALOS-CAN-0128
Gary Kramlich
grim at reaperworld.com
Mon Jun 20 20:09:59 EDT 2016
Changeset: ccde331355d8baa8a8bee07e062eb872439f4fdf
Author: Gary Kramlich <grim at reaperworld.com>
Date: 2016-06-12 22:10 -0500
Branch: release-2.x.y
URL: https://hg.pidgin.im/pidgin/main/rev/ccde331355d8
Description:
Merged TALOS-CAN-0128
diffstat:
ChangeLog | 2 ++
libpurple/protocols/mxit/splashscreen.c | 4 ++--
2 files changed, 4 insertions(+), 2 deletions(-)
diffs (33 lines):
diff --git a/ChangeLog b/ChangeLog
--- a/ChangeLog
+++ b/ChangeLog
@@ -26,6 +26,8 @@ version 2.10.13 (MM/DD/YY):
Younan of Cisco Talos. (TALOS-CAN-0119)
* Fixed an out-of-bounds read discovered by Yves Younan of Cisco Talos.
(TALOS-CAN-0123)
+ * Fixed a directory traversal issue. Discovered by Yves Younan of Cisco
+ Talos (TALOS-CAN-0128)
version 2.10.12 (12/31/15):
General:
diff --git a/libpurple/protocols/mxit/splashscreen.c b/libpurple/protocols/mxit/splashscreen.c
--- a/libpurple/protocols/mxit/splashscreen.c
+++ b/libpurple/protocols/mxit/splashscreen.c
@@ -93,7 +93,7 @@ void splash_remove(struct MXitSession* s
purple_debug_info(MXIT_PLUGIN_ID, "Removing splashId: '%s'\n", splashId);
/* Delete stored splash image */
- filename = g_strdup_printf("%s" G_DIR_SEPARATOR_S "mxit" G_DIR_SEPARATOR_S "%s.png", purple_user_dir(), splashId);
+ filename = g_strdup_printf("%s" G_DIR_SEPARATOR_S "mxit" G_DIR_SEPARATOR_S "%s.png", purple_user_dir(), purple_escape_filename(splashId));
g_unlink(filename);
g_free(filename);
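Review bot: The escape is added separately at each place the splash path is formatted (this hunk in splash_remove and the next one in splash_display), and the code that writes the image to disk is not part of this diff. If that write path still formats the raw `splashId`, it would remain a traversal sink, and the stored name would no longer match what these two functions look up; it is worth confirming that it also passes `purple_escape_filename(splashId)`. Building the path in one static helper called from every site would keep them in agreement. A comment such as `/* splashId is not trusted as a path component; escape it before building the file name */` above the format call would record why the escape is there. Both functions continue outside their hunks, so where splashId originates cannot be checked from here.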
@@ -179,7 +179,7 @@ void splash_display(struct MXitSession*
purple_debug_info(MXIT_PLUGIN_ID, "Display Splash: '%s'\n", splashId);
/* Load splash-screen image from file */
- filename = g_strdup_printf("%s" G_DIR_SEPARATOR_S "mxit" G_DIR_SEPARATOR_S "%s.png", purple_user_dir(), splashId);
+ filename = g_strdup_printf("%s" G_DIR_SEPARATOR_S "mxit" G_DIR_SEPARATOR_S "%s.png", purple_user_dir(), purple_escape_filename(splashId));
if (g_file_get_contents(filename, &imgdata, &imglen, NULL)) {
char buf[128];