[Pidgin] #15755: Adium crash as a result of bug in purple_xfer_set_local_filename

Pidgin trac at pidgin.im
Sat Sep 14 12:05:16 EDT 2013


#15755: Adium crash as a result of bug in purple_xfer_set_local_filename
--------------------+------------------------
 Reporter:  fain    |       Owner:
     Type:  patch   |      Status:  pending
Milestone:          |   Component:  libpurple
  Version:  2.10.7  |  Resolution:
 Keywords:          |
--------------------+------------------------
Description changed by Robby:

Old description:

> purple_xfer_set_local_filename (in libpurple/ft.c) frees the
> "xfer->local_filename" before setting it to the passed-in value. However,
> if the passed-in "filename" is the same pointer as local_filename, the
> string will be nil and the app will crash under libgmalloc (see:
> https://trac.adium.im/ticket/16352#no1 ). The fix is simple: just check
> if the pointer values are equal, and if so, don't free the old string and
> copy the new one.
>
> Basically the new function should look like:
>
> void
> purple_xfer_set_local_filename(PurpleXfer *xfer, const char *filename)
> {
>         g_return_if_fail(xfer != NULL);
>
>         if (filename != xfer->local_filename) {
>                 g_free(xfer->local_filename);
>                 xfer->local_filename = g_strdup(filename);
>         }
> }
>
> A lot of the functions in this file have this problem, so it might be
> worth running through it.

New description:

 purple_xfer_set_local_filename (in libpurple/ft.c) frees the
 "xfer->local_filename" before setting it to the passed-in value. However,
 if the passed-in "filename" is the same pointer as local_filename, the
 string will be nil and the app will crash under libgmalloc (see:
 https://trac.adium.im/ticket/16352#no1 ). The fix is simple: just check if
 the pointer values are equal, and if so, don't free the old string and
 copy the new one.

 Basically the new function should look like:

 {{{
 void
 purple_xfer_set_local_filename(PurpleXfer *xfer, const char *filename)
 {
         g_return_if_fail(xfer != NULL);

         if (filename != xfer->local_filename) {
                 g_free(xfer->local_filename);
                 xfer->local_filename = g_strdup(filename);
         }
 }
 }}}

 A lot of the functions in this file have this problem, so it might be
 worth running through it.

--

-- 
Ticket URL: <https://developer.pidgin.im/ticket/15755#comment:3>
Pidgin <http://pidgin.im>
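
An added example, not part of the ticket or of libpurple's code: the pointer-equality guard from the description beside a copy-before-free setter. It goes beyond the ticket's case by also covering a pointer into the middle of the stored string, which an equality check does not catch. The `Xfer` struct, the function names and the sample path are hypothetical, and plain `malloc`/`free` stand in for `g_strdup`/`g_free`.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for the one PurpleXfer field involved. */
typedef struct { char *local_filename; } Xfer;

/* Portable replacement for g_strdup(): NULL in, NULL out. */
static char *dup_or_null(const char *s)
{
    if (s == NULL) return NULL;
    size_t n = strlen(s) + 1;
    char *copy = malloc(n);
    if (copy != NULL) memcpy(copy, s, n);
    return copy;
}

/* Pattern from the ticket: skip the free/copy when the caller passes
 * the stored pointer itself. Covers an exact alias only. */
void xfer_set_filename_eqcheck(Xfer *xfer, const char *filename)
{
    if (xfer == NULL) return;
    if (filename != xfer->local_filename) {
        free(xfer->local_filename);
        xfer->local_filename = dup_or_null(filename);
    }
}

/* Copy-before-free: the argument is duplicated while the old buffer is
 * still alive, so an exact alias and an interior pointer are both read
 * before anything is released. */
void xfer_set_filename_copyfirst(Xfer *xfer, const char *filename)
{
    if (xfer == NULL) return;
    char *copy = dup_or_null(filename);
    free(xfer->local_filename);
    xfer->local_filename = copy;
}

/* Constructed scenario: replace a stored path with its own basename,
 * a pointer inside the stored buffer. Returns 1 if the result is intact. */
int basename_alias_ok(void)
{
    Xfer x = { dup_or_null("/tmp/incoming/report.pdf") };
    if (x.local_filename == NULL) return 0;
    xfer_set_filename_copyfirst(&x, strrchr(x.local_filename, '/') + 1);
    int ok = x.local_filename && strcmp(x.local_filename, "report.pdf") == 0;
    free(x.local_filename);
    return ok;
}
```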