pidgin/android/libpurple

Bounds check an OSCAR normalization. (EFF)

2011-08-11, Ethan Blanton
c45bf1739fea
Parents a577544f30d7
Children 4f4a9244be96
Bounds check an OSCAR normalization. (EFF)
1 files changed, 4 insertions(+), 1 deletions(-)
  • +4 -1
    libpurple/protocols/oscar/oscar.c
    • --- a/libpurple/protocols/oscar/oscar.c Thu Aug 11 16:13:15 2011 +0000
    +++ b/libpurple/protocols/oscar/oscar.c Thu Aug 11 16:17:29 2011 +0000
    @@ -5651,7 +5651,10 @@
    tmp1 = g_utf8_strdown(buf, -1);
    tmp2 = g_utf8_normalize(tmp1, -1, G_NORMALIZE_DEFAULT);
    - strcpy(buf, tmp2);
    + if (strlen(tmp2) > sizeof(buf) - 1) {
    + purple_debug_error("oscar", "normalized string exceeds buffer length!\n");
    + }
    + g_strlcpy(buf, tmp2, sizeof(buf));
    g_free(tmp2);
    g_free(tmp1);