hugo/content/about/security/advisories/independent-20041019-01.md@8400662befb3
hugo/content/about/security/advisories/independent-20041019-01.md
Fri, 28 Feb 2025 00:58:39 -0600
- author
- Gary Kramlich <grim@reaperworld.com>
- date
- Fri, 28 Feb 2025 00:58:39 -0600
- changeset 547
- 8400662befb3
- parent 365
- 7571fe2f78df
- permissions
- -rw-r--r--
Add the Meshtastic plugin
I meant to add this awhile ago but somehow missed it.
Testing Done:
Ran `npm run hugo:server` and verified the plugin showed up.
Reviewed at https://reviews.imfreedom.org/r/3861/
--- title: independent-20041019-01 date: 2004-10-19T00:00:00.000Z summary: MSN SLP DOS (malloc error) discoveredBy: Gaim fixedInRelease: 1.0.2 type: security layout: cve hidden: true --- ### Description Remote crash. Gaim allocates a buffer for the payload of each message received based on the size field in the header of the message. A malicious peer could specify an invalid size that exceeds the amount of available memory. ### Mitigation Replace call to `g_malloc()` with call to `g_try_malloc()`. If the memory could not be allocated the function returns instead of causing the application to crash.
