HGKeeper

Patch submitted to gaim-devel...
oldstatus
2005-07-25, Richard Laager

fad67df529e4

Parents 082bd8d4e408
Children 44fc3c6c1a91

Patch submitted to gaim-devel...

"Marcin Owsiany sent you a draft advisory regarding multiple libgadu
vulnerabilities. "Fortunately" gaim contains an extremely old version of
libgadu and is affected only by memory alignment bug, which cannot be
exploited on x86. No other critical vulnerabilities are known in gaim's
version of libgadu.

You'll find the patch in attachment.

Regards,
Wojtek Kaniewski
ekg/libgadu maintainer"

1 files changed, 5 insertions(+), 2 deletions(-)

+5 -2

src/protocols/gg/libgg.c

~~--- a/src/protocols/gg/libgg.c Sun Jul 24 15:27:39 2005 -0400~~

+++ b/src/protocols/gg/libgg.c Mon Jul 25 17:21:02 2005 -0400

@@ -1098,8 +1098,11 @@

e->event.status60.descr = buf;

~~- if (len > 4 && p[h->length - 5] == 0)~~

~~- e->event.status60.time = *((int*) (p + h->length - 4));~~

+ if (len > 4 && p[h->length - 5] == 0) {

+ uint32_t t;

+ memcpy(&t, p + h->length - 4, sizeof(uint32_t));

+ e->event.status60.time = t;

+ }

}

break;

gaim/gaim