Wrong buffer size calcualtion in msn_httpconn_parse_data

Marius Wachtler undingen at gmail.com
Tue Aug 16 13:20:44 EDT 2011


Sorry for my late response...

> What compiler are you using??  It seems to be good at finding bugs.

I used the clang static analyzer.
If you want to run it by yourself download and compile llvm and clang first.
Then I used something like this to test pidgin: (This is written out
of my head but something like this should work)

$ scan-build ./configure
$ scan-build make

and then to see the result:

$ scan-view <outputdir>

-- Marius

More information about the security mailing list