[PATCH] digest-md5 SASL challenges ending with a quoted value are parsed incorrectly

Evan Schoenberg evan.s at dreskin.net
Wed Jan 21 18:12:21 EST 2009

On Jan 21, 2009, at 4:05 PM, Yann Kerherve wrote:

> In the case where parse_challenge is at the last token of a  
> challenge and
> this token has a quoted value, then it needs to rewind one character  
> when
> cur is positioned at the terminal NULL.
> This fixes an issue where libpurple would parse a realm value (for  
> instance)
> as 'myrealm"' instead of 'myrealm' resulting in chaos and failure of  
> the
> SASL negotiation.


> Attached is a patch for what I think is a copy/paste error. I've not
> seen any bug caused by that, but I guess the bug exists if a challenge
> ends with a trailing newline.

Thanks, Yann. I committed both your patches to im.pidgin.pidgin in  
8b089c2f6fe2d4dd78d481892094de09dc76c1ec and have also propagated them  
to im.pidgin.adium.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 194 bytes
Desc: This is a digitally signed message part
URL: <http://pidgin.im/pipermail/devel/attachments/20090121/e07e6c62/attachment.sig>

More information about the Devel mailing list