[Pidgin] #14682: Segfault in g_markup_escape_text when receiving autorization denied message

Pidgin trac at pidgin.im
Sat Dec 10 14:54:16 EST 2011


#14682: Segfault in g_markup_escape_text when receiving autorization denied message
-------------------------+--------------------------------------------------
 Reporter:  evgenyboger  |        Owner:  MarkDoliner
     Type:  patch        |       Status:  closed     
Milestone:  2.10.1       |    Component:  ICQ        
  Version:  2.7.11       |   Resolution:  fixed      
 Keywords:               |  
-------------------------+--------------------------------------------------
Changes (by markdoliner at pidgin.im):

  * status:  new => closed
  * resolution:  => fixed
  * milestone:  => 2.10.1


Comment:

 (In [757272a78a8ca6027d518e614712c3399e34dda3]):[[BR]]
 Fix remotely-triggerable crashes by validating strings in a few
 messages related to buddy list management.  Fixes #14682

 I changed the four functions that parse incoming authorization-related
 SNACs.  The changes are:

 - Make sure we have a buddy name and it is valid UTF-8.  If not, we
   drop the SNAC and log a debug message (we can't do much with an empty,
   invalid or incorrect buddy name).  This wasn't a part of the bug
   report and I doubt it's actually a problem, but it seems like a good
   idea regardless.

 - If the incoming message is not valid UTF-8 then use
   purple_utf8_salvage() to replace invalid bytes with question marks.  I
   believe this fixes the bug in question.

-- 
Ticket URL: <http://developer.pidgin.im/ticket/14682#comment:3>
Pidgin <http://pidgin.im>
Pidgin


More information about the Tracker mailing list