(Possible) Null pointer deref in oscar protocol may cause pidgin to crash

Huzaifa Sidhpurwala huzaifas at redhat.com
Mon Mar 26 01:42:43 EDT 2012

Hi Folks,

I was looking through pidgin (2.10-2) code and i found i possible null
pointer deref, not sure if it can be reached via malicious input, but
it does seem likely to me,

In oscar/family_locate.c:1347

1347 aim_locate_setcaps(OscarData *od, guint64 caps)
1348 {
1349         FlapConnection *conn;
1350         PurpleAccount *account = purple_connection_get_account(od->gc);
1358         if (!od || !(conn = flap_connection_findbygroup(od, 
1359                 return -EINVAL;

Here on line 1350 od is referenced and then later at 1358 od is checked
if its null,

Looking at the callers of aim_locate_setcaps, there seems to be a 
possibility that "od" can be actually NULL, if this is the case,
it will cause pidgin to crash.


Huzaifa Sidhpurwala / Red Hat Security Response Team

More information about the security mailing list