[Pidgin] #14682: Segfault in g_markup_escape_text when receiving autorization denied message
Pidgin
trac at pidgin.im
Thu Dec 15 11:44:23 EST 2011
#14682: Segfault in g_markup_escape_text when receiving autorization denied message
-------------------------+--------------------------------------------------
Reporter: evgenyboger | Owner: MarkDoliner
Type: patch | Status: closed
Milestone: 2.10.1 | Component: ICQ
Version: 2.7.11 | Resolution: fixed
Keywords: |
-------------------------+--------------------------------------------------
Comment(by thijsalkemade at gmail.com):
(In [e135769d57c55a9ec473ff0537f6eb62c0575408]):[[BR]]
*** Plucked rev 757272a78a8ca6027d518e614712c3399e34dda3
(markdoliner at pidgin.im):
Fix remotely-triggerable crashes by validating strings in a few
messages related to buddy list management. Fixes #14682
I changed the four functions that parse incoming authorization-related
SNACs. The changes are:
- Make sure we have a buddy name and it is valid UTF-8. If not, we
drop the SNAC and log a debug message (we can't do much with an empty,
invalid or incorrect buddy name). This wasn't a part of the bug
report and I doubt it's actually a problem, but it seems like a good
idea regardless.
- If the incoming message is not valid UTF-8 then use
purple_utf8_salvage() to replace invalid bytes with question marks. I
believe this fixes the bug in question.
--
Ticket URL: <http://developer.pidgin.im/ticket/14682#comment:5>
Pidgin <http://pidgin.im>
Pidgin
More information about the Tracker
mailing list