pidgin/pidgin

Fix an out of bounds write in purple_markup_linkify.
release-2.x.y
2021-07-08, Gary Kramlich
71df0a528a5a
Parents aabad5c7d76c
Children 7f87a83083b0
Fix an out of bounds write in purple_markup_linkify.

This was found by Thomas Roth , Dominik Maier
, and Fabian Freyer .

Testing Done:
Compiled and ran the `purple_markup_linkify_fuzzer` from the google oss-fuzz project to verify the fix.

Reviewed at https://reviews.imfreedom.org/r/781/
--- a/libpurple/util.c Thu Jul 08 19:19:47 2021 -0500
+++ b/libpurple/util.c Thu Jul 08 19:33:19 2021 -0500
@@ -2286,8 +2286,9 @@
/* strip off trailing periods */
if (strlen(url_buf) > 0) {
- for (d = url_buf + strlen(url_buf) - 1; *d == '.'; d--, t--)
+ for (d = url_buf + strlen(url_buf) - 1; (d >= url_buf) && (*d == '.'); d--, t--) {
*d = '\0';
+ }
}
tmpurlbuf = purple_unescape_html(url_buf);