[Pidgin] #8672: resolver can sigabort trying to allocate a large amount of memory
Pidgin
trac at pidgin.im
Sat Mar 14 20:51:10 EDT 2009
#8672: resolver can sigabort trying to allocate a large amount of memory
------------------------+---------------------------------------------------
Reporter: paul.m | Type: defect
Status: new | Component: libpurple
Version: 2.5.5 | Keywords: resolver
Launchpad_bug: |
------------------------+---------------------------------------------------
A failed write call in write_to_parent (dnsquery.c:176) can cause the
host_resolved function to read wrong data (dnsquery.c:576) and use that
data as argument to g_malloc, causing a sigabort.
More exactly, it seems that if the write fails (or 0 bytes are written) it
is not retried nor the error is set accordingly in write_to_parent, called
by purple_dnsquery_resolver_run (dnsquery.c:576)
write_to_parent(child_out, &ai_addrlen, sizeof(ai_addrlen));
The read of err at dnsquery.c:561 succeeds (err equals 0) as it only
indicates the return value of getaddrinfo (dnsquery.c:259)
--
Ticket URL: <http://developer.pidgin.im/ticket/8672>
Pidgin <http://pidgin.im>
Pidgin
More information about the Tracker
mailing list