hugo/content/about/security/advisories/independent-20040826-00.md

Wed, 22 Jan 2025 21:35:51 -0600

author
Gary Kramlich <grim@reaperworld.com>
date
Wed, 22 Jan 2025 21:35:51 -0600
changeset 546
c30ec89f7dd7
parent 365
7571fe2f78df
permissions
-rw-r--r--

Updates for the 2.14.14 release

Testing Done:
Ran `npm run hugo:server` and verified the download links and changelog were displayed properly.

Reviewed at https://reviews.imfreedom.org/r/3782/

---
title: independent-20040826-00
date: 2004-08-26T00:00:00.000Z
cveNumber:
talosReportId:
summary: Content-length DOS (malloc error)
discoveredBy: Sean (infamous42md)
fixedInRelease: 0.82
type: security
layout: cve
hidden: true
---

### Description

Remote crash.  When a remote server provides a large `content-length` header
value, Gaim attempts to allocate a buffer to store the content.  If the length
exceeds the amount of memory that can be allocated, the allocation attempt
causes Gaim to crash.  This happens when reading profile information on some
protocols.  It also happens when smiley themes are installed via drag and
drop.

### Mitigation

The call to `g_malloc()` was replaced with a call to `g_try_malloc()`.  If the
memory cannot be allocated, the function returns instead of causing the
application to crash.
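
The pattern behind this fix, as an added example that is not Gaim's code: the announced length is parsed, the allocation is attempted with a call that can fail, and the caller gets `NULL` instead of a crash. The names `try_malloc`, `parse_content_length` and `alloc_body_buffer` are hypothetical, plain `malloc()` stands in for `g_try_malloc()` so the block builds without GLib, and the header line is assumed to be already stripped of CRLF. The digit and range checks go beyond what the advisory describes.

```c
#include <ctype.h>
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <strings.h>

/* Stand-in for g_try_malloc() (assumption: NULL on failure, no abort). Called
 * through a volatile pointer so the optimizer cannot drop the NULL check. */
static void *(*volatile try_malloc)(size_t) = malloc;

/* Parse "Content-Length: <digits>". Returns 0 on success, -1 when the header
 * is a different one, malformed, signed, or too large for size_t. */
static int parse_content_length(const char *header, size_t *out)
{
    static const char name[] = "content-length:";
    if (strncasecmp(header, name, sizeof name - 1) != 0) return -1;
    const char *p = header + sizeof name - 1;
    while (*p == ' ' || *p == '\t') p++;
    if (!isdigit((unsigned char)*p)) return -1; /* strtoull() accepts "-1" and wraps */
    char *end;
    errno = 0;
    unsigned long long v = strtoull(p, &end, 10);
    /* v < SIZE_MAX keeps len + 1 below from wrapping to 0 */
    if (errno == ERANGE || v >= SIZE_MAX || *end != '\0') return -1;
    *out = (size_t)v;
    return 0;
}

/* Buffer for the announced body plus a NUL, or NULL so the caller can drop
 * the response instead of crashing. */
char *alloc_body_buffer(const char *header, size_t *len_out)
{
    size_t len;
    if (parse_content_length(header, &len) != 0) return NULL;
    char *buf = try_malloc(len + 1);
    if (buf == NULL) return NULL;   /* g_malloc() would have aborted here */
    buf[len] = '\0';
    *len_out = len;
    return buf;
}

int main(void)
{
    size_t n = 0; /* constructed header: length far beyond available memory */
    char *b = alloc_body_buffer("Content-Length: 18446744073709551614", &n);
    puts(b ? "allocated" : "allocation refused, response dropped");
    free(b);
}
```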
