Remote exploitable crash on win32
Eion Robb
eion at robbmob.com
Wed Jan 18 00:29:35 EST 2012
Just now was a user in #pidgin who managed to trigger a remote crash on my
windows system through what looks like a Pango glyph error. I've attached
the html file (renamed as htmlx since viewing the history caused crashes
too) of the log that was causing the crashes.
Nothing appears in the Pidgin crash RPT dump file but there is a single
line in the debug log:
Pango:ERROR:basic-win32.c:485:convert_log_clusters_to_byte_offsets:
assertion failed: (glyphs->log_clusters[glyphix] < n_chars)
In the html log file, there appears to be an invisible character on line 9
at offset 81
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://pidgin.im/cgi-bin/mailman/private/security/attachments/20120118/f44e846e/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 2012-01-18.171008+1300NZDT.htmlx
Type: application/octet-stream
Size: 1503 bytes
Desc: not available
URL: <http://pidgin.im/cgi-bin/mailman/private/security/attachments/20120118/f44e846e/attachment.obj>
More information about the security
mailing list