Remotely triggerable crash in libpurple

Mark Doliner mark at
Thu Oct 15 19:54:04 EDT 2009

On Mon, Oct 12, 2009 at 6:42 AM, Daniel Atallah
<daniel.atallah at> wrote:
> On Mon, Oct 12, 2009 at 04:09, Mark Doliner <mark at> wrote:
>> A ticket was filed yesterday where a 3rd party IM (SIM) client can
>> cause a crash in Pidgin when a SIM ICQ user attempts to send a list of
>> contacts to a Pidgin user.
> <SNIP>
>> The format of the ICBM sent to us by SIM is pretty different from what
>> we're expecting, and I'm not quite sure why yet.  But it's pretty easy
>> to fix the erroneous assumptions in our code.  Can one or two people
>> look at the attached patch and also maybe the little bit of the
>> affected function and make sure I'm not missing anything?


> The rest looks fine to me.  It might be worth adding some debug output
> to an else statement for "if (num > 0 && errno == 0) {"

Done (in my local copy--I haven't checked in yet).

>> If all looks well with the patch then I propose throwing together a
>> lightweight 2.6.3, which is 2.6.2+this fix+any other small and
>> important bug fixes, with a minimum of string changes.
> Is there anything else to be done for the rash of AIM/ICQ issues that
> have come up lately?  Are we still pretty confident it is a server
> problem?

I just fixed the problem where the privacy lists weren't working.
It's possible this will also fix the problem with buddy lists not
showing up or people not showing up online or buddies presence not
updating.  I think it makes sense to release this privacy list change
along with the ICBM crash fix.


More information about the security mailing list