/pidgin/main: 048d46315e91: Merged TALOS-CAN-0142

Mon Jun 20 20:09:59 EDT 2016

Changeset: 048d46315e91881135c7198498063bac50d69c14
Author:	 Gary Kramlich <grim at reaperworld.com>
Date:	 2016-06-12 22:22 -0500
Branch:	 release-2.x.y
URL: https://hg.pidgin.im/pidgin/main/rev/048d46315e91

Description:

Merged TALOS-CAN-0142

diffstat:

 ChangeLog                          |  2 ++
 libpurple/protocols/mxit/multimx.c |  2 +-
 2 files changed, 3 insertions(+), 1 deletions(-)

diffs (24 lines):

diff --git a/ChangeLog b/ChangeLog
--- a/ChangeLog
+++ b/ChangeLog
@@ -37,6 +37,8 @@ version 2.10.13 (MM/DD/YY):
 	  Cisco Talos.  (TALOS-CAN-0136)
 	* Fixed a remote NULL pointer dereference.  Discovered by Yves Younan of
 	  Cisco Talos (TALOS-CAN-0137)
+	* Fixed a remote code execution issue discovered by Yves Younan of Cisco
+	  Talos.  (TALOS-CAN-0142)
 
 version 2.10.12 (12/31/15):
 	General:
diff --git a/libpurple/protocols/mxit/multimx.c b/libpurple/protocols/mxit/multimx.c
--- a/libpurple/protocols/mxit/multimx.c
+++ b/libpurple/protocols/mxit/multimx.c
@@ -360,7 +360,7 @@ void multimx_message_received(struct RXM
 		unsigned int i;
 
 		for (i = 1; i < strlen(msg); i++) {		/* search for end of nickname */
-			if (msg[i] == '>') {
+			if ((msg[i] == '>') && (msg[i+1] == '\n')) {
 				msg[i] = '\0';
 				g_free(mx->from);
 				mx->from = g_strdup(&msg[1]);

