FYI: 7e159eaa14b0041fcc3ee5783cd1e4f2d039a1a1 (included in pidgin-2.7.2) is unneeded cruft

Paul Aurich paul at darkrain42.org
Tue Aug 3 20:58:22 EDT 2010


On 2010-08-03 17:35, Yuriy Kaminskiy wrote:
> Hello!
> This patch made sense only before pidgin-2.5.8 (seems someone was even slower
> at pushing patches upstream than me :-)).
> My patch (included in 2.5.8) fixed this problem in a more generic way - now it is
> impossible to allocate that "big amount of memory", as *before* allocation
> byte_stream_getstr would check for available buffer size (which was already read
> from network and allocated [more than once; pidgin is far from being zero-copy
> design], and so cannot be "large").
> So no wonder you could not reproduce this issue (it *was* a very real [with
> security implications] issue before, but already fixed [in a different way] a long
> time ago).

Sadly, this is incorrect.  There were at least two people who reported
intermittent (unreproducible-ish) crashes in this area in post-2.5.8
code (I'm uncertain on versions, but I know at least one of those MUST
have been using 2.6.0+).

~Paul
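
The check described in the quoted message (compare the requested length against the bytes already buffered before allocating), as an added example that is not part of this thread and is not Pidgin's code. The `ByteCursor` type, the `bc_*` and `parse_field` names, and the 32-bit length-prefixed field layout are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical cursor over bytes that were already received and buffered. */
typedef struct { const uint8_t *data; size_t len, offset; } ByteCursor;

static size_t bc_remaining(const ByteCursor *bc) { return bc->len - bc->offset; }

/* Read a big-endian 32-bit length field; -1 if the buffer is too short. */
static int bc_get32(ByteCursor *bc, uint32_t *out) {
    const uint8_t *p = bc->data + bc->offset;
    if (bc_remaining(bc) < 4) return -1;
    *out = ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
    bc->offset += 4;
    return 0;
}

/* Copy `want` bytes into a new NUL-terminated string. The size check runs
 * before malloc, so the allocation can never exceed what was received. */
static char *bc_getstr(ByteCursor *bc, size_t want) {
    char *s;
    if (want > bc_remaining(bc)) return NULL;   /* claimed length exceeds buffer */
    if ((s = malloc(want + 1)) == NULL) return NULL;
    memcpy(s, bc->data + bc->offset, want);
    s[want] = '\0';
    bc->offset += want;
    return s;
}

/* Parse one [32-bit length][bytes] field; NULL if malformed or truncated. */
static char *parse_field(const uint8_t *buf, size_t n) {
    ByteCursor bc = { buf, n, 0 };
    uint32_t claimed;
    if (bc_get32(&bc, &claimed) != 0) return NULL;
    return bc_getstr(&bc, claimed);
}

/* Constructed sample frames, not captured traffic. */
static const uint8_t FRAME_OK[]  = { 0, 0, 0, 2, 'h', 'i' };
static const uint8_t FRAME_BIG[] = { 0xff, 0xff, 0xff, 0xf0, 'h', 'i' };

int main(void) {
    char *ok = parse_field(FRAME_OK, sizeof FRAME_OK);
    char *big = parse_field(FRAME_BIG, sizeof FRAME_BIG);
    printf("ok=%s big=%s\n", ok ? ok : "(rejected)", big ? big : "(rejected)");
    free(ok); free(big);
    return 0;
}
```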

