[Pidgin] #15289: exchndl.dll issues
Pidgin
trac at pidgin.im
Mon Aug 27 07:23:53 EDT 2012
#15289: exchndl.dll issues
----------------------+-----------------------------------------------------
Reporter: ioerror | Owner: datallah
Type: defect | Status: new
Milestone: | Component: winpidgin (gtk)
Version: 2.10.6 | Resolution:
Keywords: security |
----------------------+-----------------------------------------------------
Comment(by datallah):
Replying to [comment:5 ioerror]:
> I think LoadLibrary is vulnerable to CVE-2010-x+n but I don't see an
> obvious way to exploit it. That is a classic problem with CVE-2010-x+n, of
> course.
>
> I'm not sure about [_tcsrchr] but I'm sure ultramegaman will let us know
> if it is an issue.
>
> Regarding rprintf(), yes, I think I agree regarding the ability to
> overflow the static buffer. That can be easily fixed by checking the
> length of the string.
>
> I'd probably just rewrite a lot of the possibly problematic code to be
> safe. I opened this ticket with the developers:
> http://code.google.com/p/jrfonseca/issues/detail?id=73

If you were to do that, that would certainly be welcome.

> As I'm still not sure of the final file's contents, I'm not clear if
> this would be a CVE only for exchndl.dll proper or both exchndl.dll and
> pidgin's derivative exchndl.dll. I think it is in both - though it isn't
> clear in what scenarios it would be exploitable by a malicious party, so
> it isn't terribly critical for all issues. Though the rprintf() issue
> seems like it will be triggered exactly when a malicious attacker has
> taken it upon themselves to mess with things...

The source of the exchndl.dll that we distribute is the
[https://code.google.com/p/jrfonseca.drmingw/ upstream git repo] at
revision db7edd55a561, with the `exchndl_daa4.diff` patch in
[http://developer.pidgin.im/static/win32/pidgin-inst-deps-20100315.tar.gz
pidgin-inst-deps-20100315.tar.gz] applied.
--
Ticket URL: <http://developer.pidgin.im/ticket/15289#comment:6>
Pidgin <http://pidgin.im>
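The rprintf() static-buffer overflow and the "check the length of the string" fix discussed in the comment above, as an added example that is not part of this ticket, of exchndl.dll or of Pidgin's build of it. It is a hypothetical reconstruction of an rprintf-style report writer: the buffer size (128 bytes), the function names (rprintf_unsafe, rprintf_safe, log_module, demo_length_check) and the 300-byte module path are all constructed for illustration. The unsafe variant appends with an unbounded vsprintf; the safe variant formats only into the remaining space, rolls back a truncated write so no partial line is left behind, and returns -1 so the caller can see the input did not fit.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Assumed size of the static report buffer (illustrative, not exchndl.dll's). */
#define REPORT_CAPACITY 128

static char report_buf[REPORT_CAPACITY];
static size_t report_len = 0;

void report_reset(void)
{
    report_len = 0;
    report_buf[0] = '\0';
}

const char *report_text(void) { return report_buf; }
size_t report_length(void) { return report_len; }

/* UNSAFE: the class of defect the comment describes. vsprintf has no bound,
   so any formatted line longer than the remaining space writes past
   report_buf. Shown for contrast only; it is never called below. */
int rprintf_unsafe(const char *fmt, ...)
{
    va_list ap;
    int n;
    va_start(ap, fmt);
    n = vsprintf(report_buf + report_len, fmt, ap); /* no length check */
    va_end(ap);
    if (n > 0)
        report_len += (size_t)n;
    return n;
}

/* SAFE: formats into the remaining space only. vsnprintf returns the length
   the full text would have had, so n >= avail means it was truncated; in
   that case the partial write is rolled back and -1 is returned. */
int rprintf_safe(const char *fmt, ...)
{
    va_list ap;
    int n;
    size_t avail = REPORT_CAPACITY - report_len; /* includes room for the NUL */
    va_start(ap, fmt);
    n = vsnprintf(report_buf + report_len, avail, fmt, ap);
    va_end(ap);
    if (n < 0 || (size_t)n >= avail) {
        report_buf[report_len] = '\0'; /* discard the partial line */
        return -1;
    }
    report_len += (size_t)n;
    return n;
}

/* Example caller: a crash handler logging a module path that an attacker may
   influence (for instance a planted DLL with a very long name). Returns 0
   when the line was recorded and -1 when it did not fit. */
int log_module(const char *module_path, const void *base)
{
    return rprintf_safe("module %s at %p\n", module_path, base) < 0 ? -1 : 0;
}

/* Demonstration: a short path is recorded, a constructed 300-byte path is
   rejected, and the rejection leaves the earlier text untouched.
   Returns 1 if all three hold, 0 otherwise. */
int demo_length_check(void)
{
    char longname[300];
    size_t before;

    memset(longname, 'A', sizeof longname - 1);
    longname[sizeof longname - 1] = '\0';

    report_reset();
    if (log_module("kernel32.dll", (const void *)&before) != 0)
        return 0;
    before = report_length();
    if (log_module(longname, (const void *)0) != -1)
        return 0;
    if (report_length() != before || strlen(report_text()) != before)
        return 0;
    return 1;
}

int main(void)
{
    int ok = demo_length_check();
    printf("%s%s\n", report_text(), ok ? "length check held" : "length check FAILED");
    return ok ? 0 : 1;
}
```

The point of rolling back on truncation rather than keeping the cut-off prefix is that a crash report with silently shortened module paths is easy to misread during triage; returning -1 lets the handler record that a line was dropped instead.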