[Pidgin] #13034: a potential buffer overflow in msn
Pidgin
trac at pidgin.im
Thu Dec 2 21:56:29 EST 2010
#13034: a potential buffer overflow in msn
-----------------------------------+----------------------------------------
Reporter: underground-stockholm | Owner: QuLogic
Type: defect | Status: new
Component: MSN | Version: 2.7.7
Keywords: crash buffer-overflow |
-----------------------------------+----------------------------------------
Hello,
I think I have found a potential buffer overflow in pidgin, where it will
write outside of allocated memory in certain cases.
The function encode_spaces() in libpurple/protocols/msn/msnutils.c has a
fixed size buffer called buf, and it will be used to store data of up to
three times the length of the input in str.
-- Frank | [http://underground-stockholm.com/ Underground Stockholm]
--
Ticket URL: <http://developer.pidgin.im/ticket/13034>
Pidgin <http://pidgin.im>
Pidgin
More information about the Tracker
mailing list