Overflow bug

Anderz Olsson anderz.olsson at gmail.com
Thu Nov 8 18:44:36 EST 2012


Thanks for giving us a great free IM client, that works on all
different kind of OS that I'm using.

I have found a bug though. I fell asleep and my wireless keyboard
pressed a key in an open chat (by some of all crap that is lying
around inhere), and when I woke up, i saw that the person I talked to
had answered, but when I tried to read it (by pressing ctrl+a iin my
text box, that was totally filled with a character due to the crap
that pressed a button for a "while"). As soon as I deleted
"ZZZZZZZZZZZZZZZZZZZZ ..." by selecting all my chars, all history in
the conversation was lost.

So I missed the important answer because I deleted the overflow of
chars in my text window.

Because I know some programming, I know it is a bug. I use Pidgin for
conversations and if I cannot read them due to a fault in the handling
of the amount of chars in my text box, it is for sure a bug. Whether
the bug lays in my operating system or in pidgin, i don't know. But if
pidgin produced this you for sure need to fix it. Maybe it's not a bug
in terms of security (despite the fact that the written respons I
really needed got lost as soon as I deleted my text), but maybe it's
insecure technically speaking, because the code couldn't handle an
overflow in a textbox. I'd call it a potential security threat. In any
case, I'd wish you fix it. For sure, I could try to fix it myself, if
I had time for it.

System: PC, Win6.1, Pidgin 2.10.6 (libpurple 2.10.6) (portable)

I'll attach debug.log, but it doesn't say much.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: debug.log
Type: application/octet-stream
Size: 790 bytes
Desc: not available
URL: <http://pidgin.im/cgi-bin/mailman/private/security/attachments/20121109/94e1e68f/attachment.obj>

More information about the security mailing list