Fwd: FYI: Remote DOS in Pidgin 2.2.0 over MSN

Luke Schierer lschiere at pidgin.im
Thu Sep 27 22:42:50 EDT 2007


On Thu, Sep 27, 2007 at 09:20:44PM -0400, Josh Bressers wrote:
> > 
> > An MSN nudge sent from a previously unknown buddy causes an immediate  
> > crash in libpurple 2.2.0.  I fixed this in  
> > a5dd91b5d76972cf72a56209503c7e32d71c6e3c - I wasn't sure how best to  
> > note the fix without advertising the DOS, so my log message:
> > 
> > serv_got_attention() doesn't expect an escaped string; it just wants a  
> > name. The str variable was unused.
> > 
> > is true but incomplete, as I didn't note that this also fixes the  
> > crash.  With the previous code, buddy was NULL for an unknown remote  
> > user; NULL was then dereferenced to get the name for passing to  
> > serv_got_attention().
> > 
> > What's the proper protocol for handling this sort of thing?
> > 
> 
> Thanks for the heads up Luke.  Is this public anywhere else?  If not I can
> assign it a CVE id.
> 
> -- 
>     JB

As best I am aware, it is not public.

luke



More information about the Packagers mailing list