security review and patches for libpurple

Mark Doliner mark at kingant.net
Tue Aug 9 15:26:20 EDT 2011


On Tue, Aug 9, 2011 at 9:26 AM, Ethan Blanton <elb at pidgin.im> wrote:
> In places, yeah.  I think you'll find my changes less offensive than
> their original patches, but certainly there are still checks which are
> not really *right*, but will simply prevent crashes.  As to whether
> overrunning the string is better ... I can't say.  Overrunning buffers
> doesn't always lead to crashing, sometimes it leads to much more
> subtle and difficult-to-identify bugs.  When stacks get smashed, even
> if there's a crash, it may not be easy to find from the backtrace.

True, but they WOULD show up in valgrind.

> I'll push my changes here before long, and we can take a collective
> look at them.  If there's agreement that some of them are bad, or
> could be fixed in a different, better way, or simply shouldn't be
> touched, we can always revert.

Cool, that sounds great to me.  Do you know if there are changes that
should be bundled with the other security patches in an embargoed
release?

--Mark

