[Pidgin] #14682: Segfault in g_markup_escape_text when receiving autorization denied message
Pidgin
trac at pidgin.im
Sat Dec 10 14:54:16 EST 2011
#14682: Segfault in g_markup_escape_text when receiving autorization denied message
-------------------------+--------------------------------------------------
Reporter: evgenyboger | Owner: MarkDoliner
Type: patch | Status: closed
Milestone: 2.10.1 | Component: ICQ
Version: 2.7.11 | Resolution: fixed
Keywords: |
-------------------------+--------------------------------------------------
Changes (by markdoliner at pidgin.im):
* status: new => closed
* resolution: => fixed
* milestone: => 2.10.1
Comment:
(In [757272a78a8ca6027d518e614712c3399e34dda3]):[[BR]]
Fix remotely-triggerable crashes by validating strings in a few
messages related to buddy list management. Fixes #14682
I changed the four functions that parse incoming authorization-related
SNACs. The changes are:
- Make sure we have a buddy name and it is valid UTF-8. If not, we
drop the SNAC and log a debug message (we can't do much with an empty,
invalid or incorrect buddy name). This wasn't a part of the bug
report and I doubt it's actually a problem, but it seems like a good
idea regardless.
- If the incoming message is not valid UTF-8 then use
purple_utf8_salvage() to replace invalid bytes with question marks. I
believe this fixes the bug in question.
--
Ticket URL: <http://developer.pidgin.im/ticket/14682#comment:3>
Pidgin <http://pidgin.im>
Pidgin
More information about the Tracker
mailing list