[PATCH] digest-md5 SASL challenges ending with a quoted value are parsed incorrectly
Evan Schoenberg
evan.s at dreskin.net
Wed Jan 21 18:12:21 EST 2009
On Jan 21, 2009, at 4:05 PM, Yann Kerherve wrote:
> In the case where parse_challenge is at the last token of a
> challenge and
> this token has a quoted value, then it needs to rewind one character
> when
> cur is positioned at the terminal NULL.
>
> This fixes an issue where libpurple would parse a realm value (for
> instance)
> as 'myrealm"' instead of 'myrealm' resulting in chaos and failure of
> the
> SASL negotiation.
AND
> Attached is a patch for what I think is a copy/paste error. I've not
> seen any bug caused by that, but I guess the bug exists if a challenge
> ends with a trailing newline.
Thanks, Yann. I committed both your patches to im.pidgin.pidgin in
8b089c2f6fe2d4dd78d481892094de09dc76c1ec and have also propagated them
to im.pidgin.adium.
-Evan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 194 bytes
Desc: This is a digitally signed message part
URL: <http://pidgin.im/pipermail/devel/attachments/20090121/e07e6c62/attachment.sig>
More information about the Devel
mailing list