Remotely triggerable crash in libpurple
Daniel Atallah
daniel.atallah at gmail.com
Mon Oct 12 11:12:12 EDT 2009
On Mon, Oct 12, 2009 at 10:18, Ethan Blanton <elb at pidgin.im> wrote:
> Daniel Atallah spake unto us the following wisdom:
>> I've reviewed the patch and the one part I'm missing is where
>>
>> - for (i=0; i<strlen(text[0]); i++)
>> - num = num*10 + text[0][i]-48;
>> + num = strtoul(text[0], NULL, 10);
>>
>> are equivalent.
>
> 48 is the ASCII value of '0'. This starts with the leftmost character
> and decodes an ASCII string representing a base-10 number. That's
> exactly what strtoul does. :-)
Aha! makes sense.
-D
More information about the security
mailing list