--- a/libpurple/protocols/oscar/family_auth.c Thu May 03 08:36:47 2012 +0000
+++ b/libpurple/protocols/oscar/family_auth.c Thu May 03 09:28:11 2012 +0000
@@ -27,6 +27,7 @@
+#include "oscarcommon.h" @@ -506,14 +507,29 @@
keyparse(OscarData *od, FlapConnection *conn, aim_module_t *mod, FlapFrame *frame, aim_modsnac_t *snac, ByteStream *bs)
- aim_rxcallback_t userfunc;
+ PurpleAccount *account; + ClientInfo aiminfo = CLIENTINFO_PURPLE_AIM; + ClientInfo icqinfo = CLIENTINFO_PURPLE_ICQ; + account = purple_connection_get_account(gc); keylen = byte_stream_get16(bs);
keystr = byte_stream_getstr(bs, keylen);
+ if (!g_utf8_validate(keystr, -1, NULL)) { + purple_debug_warning("oscar", "Received SNAC %04hx/%04hx with " + "invalid UTF-8 keystr.\n", snac->family, snac->subtype); + purple_connection_error(gc, PURPLE_CONNECTION_ERROR_OTHER_ERROR, + _("Received unexpected response from server")); tlvlist = aim_tlvlist_read(bs);
@@ -527,13 +543,18 @@
* for the netscape network. This SNAC had a type 0x0058 TLV with length 10.
* Data is 0x0007 0004 3e19 ae1e 0006 0004 0000 0005 */
- if ((userfunc = aim_callhandler(od, snac->family, snac->subtype)))
- ret = userfunc(od, conn, frame, keystr, (int)truncate_pass);
+ aim_send_login(od, conn, purple_account_get_username(account), + purple_connection_get_password(gc), truncate_pass, + od->icq ? &icqinfo : &aiminfo, keystr, + purple_account_get_bool(account, "allow_multiple_logins", OSCAR_DEFAULT_ALLOW_MULTIPLE_LOGINS)); + purple_connection_update_progress(gc, + _("Password sent"), 2, OSCAR_CONNECT_STEPS); aim_tlvlist_free(tlvlist);
--- a/libpurple/protocols/oscar/family_bart.c Thu May 03 08:36:47 2012 +0000
+++ b/libpurple/protocols/oscar/family_bart.c Thu May 03 09:28:11 2012 +0000
@@ -143,6 +143,12 @@
guint8 iconcsumtype, iconcsumlen, *iconcsum, *icon;
bn = byte_stream_getstr(bs, byte_stream_get8(bs));
+ if (!g_utf8_validate(bn, -1, NULL)) { + purple_debug_warning("oscar", "Received SNAC %04hx/%04hx with " + "invalid UTF-8 buddy name.\n", snac->family, snac->subtype); flags = byte_stream_get16(bs);
iconcsumtype = byte_stream_get8(bs);
iconcsumlen = byte_stream_get8(bs);
--- a/libpurple/protocols/oscar/family_icbm.c Thu May 03 08:36:47 2012 +0000
+++ b/libpurple/protocols/oscar/family_icbm.c Thu May 03 09:28:11 2012 +0000
@@ -2095,6 +2095,12 @@
channel = byte_stream_get16(bs);
bnlen = byte_stream_get8(bs);
bn = byte_stream_getstr(bs, bnlen);
+ if (!g_utf8_validate(bn, -1, NULL)) { + purple_debug_warning("oscar", "Received SNAC %04hx/%04hx with " + "invalid UTF-8 buddy name.\n", snac->family, snac->subtype); event = byte_stream_get16(bs);
if ((userfunc = aim_callhandler(od, snac->family, snac->subtype)))
--- a/libpurple/protocols/oscar/oscar.c Thu May 03 08:36:47 2012 +0000
+++ b/libpurple/protocols/oscar/oscar.c Thu May 03 09:28:11 2012 +0000
@@ -55,8 +55,6 @@
#define AIMHASHDATA "http://pidgin.im/aim_data.php3"
-#define OSCAR_CONNECT_STEPS 6
static guint64 purple_caps =
| OSCAR_CAPABILITY_BUDDYICON
@@ -89,7 +87,6 @@
/* Only used when connecting with the old-style BUCP login */
static int purple_parse_auth_resp (OscarData *, FlapConnection *, FlapFrame *, ...);
-static int purple_parse_login (OscarData *, FlapConnection *, FlapFrame *, ...);
static int purple_parse_auth_securid_request(OscarData *, FlapConnection *, FlapFrame *, ...);
static int purple_handle_redirect (OscarData *, FlapConnection *, FlapFrame *, ...);
@@ -673,7 +670,6 @@
/* These are only needed when connecting with the old-style BUCP login */
oscar_data_addhandler(od, SNAC_FAMILY_AUTH, 0x0003, purple_parse_auth_resp, 0);
- oscar_data_addhandler(od, SNAC_FAMILY_AUTH, 0x0007, purple_parse_login, 0);
oscar_data_addhandler(od, SNAC_FAMILY_AUTH, SNAC_SUBTYPE_AUTH_SECURID_REQUEST, purple_parse_auth_securid_request, 0);
oscar_data_addhandler(od, SNAC_FAMILY_BART, SNAC_SUBTYPE_BART_RESPONSE, purple_icon_parseicon, 0);
@@ -1232,38 +1228,6 @@
- * Only used when connecting with the old-style BUCP login.
-purple_parse_login(OscarData *od, FlapConnection *conn, FlapFrame *fr, ...)
- PurpleAccount *account;
- ClientInfo aiminfo = CLIENTINFO_PURPLE_AIM;
- ClientInfo icqinfo = CLIENTINFO_PURPLE_ICQ;
- gboolean truncate_pass;
- account = purple_connection_get_account(gc);
- key = va_arg(ap, char *);
- truncate_pass = va_arg(ap, int);
- aim_send_login(od, conn, purple_account_get_username(account),
- purple_connection_get_password(gc), truncate_pass,
- od->icq ? &icqinfo : &aiminfo, key,
- purple_account_get_bool(account, "allow_multiple_logins", OSCAR_DEFAULT_ALLOW_MULTIPLE_LOGINS));
- purple_connection_update_progress(gc, _("Password sent"), 2, OSCAR_CONNECT_STEPS);
purple_handle_redirect(OscarData *od, FlapConnection *conn, FlapFrame *fr, ...)
--- a/libpurple/protocols/oscar/oscar.h Thu May 03 08:36:47 2012 +0000
+++ b/libpurple/protocols/oscar/oscar.h Thu May 03 09:28:11 2012 +0000
@@ -114,6 +114,8 @@
#define AIM_MD5_STRING "AOL Instant Messenger (SM)"
+#define OSCAR_CONNECT_STEPS 6 * Client info. Filled in by the client and passed in to
* aim_send_login(). The information ends up getting passed to OSCAR