pidgin: b9e212da: Fix a potential null pointer dereference...
markdoliner at pidgin.im
markdoliner at pidgin.im
Tue Jun 7 05:06:00 EDT 2011
----------------------------------------------------------------------
Revision: b9e212da7b6be83dc98389e7c99c7d423b8b595d
Parent: 51986df4594dc8bf393f2697a4ef561167cbdcf0
Author: markdoliner at pidgin.im
Date: 06/07/11 04:13:59
Branch: im.pidgin.pidgin
URL: http://d.pidgin.im/viewmtn/revision/info/b9e212da7b6be83dc98389e7c99c7d423b8b595d
Changelog:
Fix a potential null pointer dereference in the MSN protocol, discovered
by Marius Wachtler and reported to security at pidgin.im on March 22nd.
This one is kinda rare, and requires someone to perform a man-in-the-middle
attack in order to cause the crash. So we're not going to go through the
CVE process for it (at least... probably not).
Changes against parent 51986df4594dc8bf393f2697a4ef561167cbdcf0
patched libpurple/protocols/msn/httpconn.c
-------------- next part --------------
============================================================
--- libpurple/protocols/msn/httpconn.c f3ca08ffa5671a256777e2791c1c2bd7307744cb
+++ libpurple/protocols/msn/httpconn.c 6bfb5c975be23a647a5f61f0e15174adddb30ea6
@@ -217,7 +217,7 @@ msn_httpconn_parse_data(MsnHttpConn *htt
g_free(tmp);
- t = strchr(full_session_id, '.');
+ t = full_session_id ? strchr(full_session_id, '.') : NULL;
if (t != NULL)
session_id = g_strndup(full_session_id, t - full_session_id);
else {
More information about the Commits
mailing list