pidgin.2.5.5.veracode: 5de39b14: Prevent a NUL ptr deref caused by a malf...
datallah at pidgin.im
datallah at pidgin.im
Thu May 14 17:36:33 EDT 2009
-----------------------------------------------------------------
Revision: 5de39b1419de0a9a28ed05337206a356500c5581
Ancestor: 923515782d44c610768493eed9ddf3664c195b21
Author: datallah at pidgin.im
Date: 2009-05-02T19:39:45
Branch: im.pidgin.pidgin.2.5.5.veracode
URL: http://d.pidgin.im/viewmtn/revision/info/5de39b1419de0a9a28ed05337206a356500c5581
Modified files:
libpurple/protocols/msn/httpconn.c
ChangeLog:
Prevent a NUL ptr deref caused by a malformed session_id.
This came out of the veracode analysis.
-------------- next part --------------
============================================================
--- libpurple/protocols/msn/httpconn.c 95775bac8ce400e3d4c8befd69789162ba9580ae
+++ libpurple/protocols/msn/httpconn.c 3d00fc165bbdee5697b5aa212f9353d9a913d37a
@@ -219,7 +219,13 @@ msn_httpconn_parse_data(MsnHttpConn *htt
g_free(tmp);
t = strchr(full_session_id, '.');
- session_id = g_strndup(full_session_id, t - full_session_id);
+ if (t != NULL)
+ session_id = g_strndup(full_session_id, t - full_session_id);
+ else {
+ purple_debug_error("msn", "Malformed full_session_id[%s]\n",
+ full_session_id ? full_session_id : NULL);
+ session_id = g_strdup(full_session_id);
+ }
if (session_action == NULL || strcmp(session_action, "close") != 0)
{
More information about the Commits
mailing list