--- a/ChangeLog Thu Jan 16 13:02:42 2014 +0100
+++ b/ChangeLog Sat Jan 18 09:01:20 2014 -0800
@@ -95,6 +95,8 @@
matches the 'to' address of the iq request. (Discovered by Fabian
Yamaguchi and Christian Wressnegger of the University of Goettingen)
+ * Fix crash on some systems when receiving fake delay timestamps with + extreme values. (Discovered by Jaime Breva Ribes) (CVE-2013-6477) * Fix possible crash or other erratic behavior when selecting a very
small file for your own buddy icon.
* Fix crash if the user tries to initiate a voice/video session with a
--- a/libpurple/conversation.c Thu Jan 16 13:02:42 2014 +0100
+++ b/libpurple/conversation.c Sat Jan 18 09:01:20 2014 -0800
@@ -1551,6 +1551,14 @@
if (purple_conv_chat_is_user_ignored(chat, who))
+ purple_debug_error("conversation", + "purple_conv_chat_write ignoring negative timestamp\n"); + /* TODO: Would be more appropriate to use a value that indicates + that the timestamp is unknown, and surface that in the UI. */ if (!(flags & PURPLE_MESSAGE_WHISPER)) {
--- a/libpurple/log.c Thu Jan 16 13:02:42 2014 +0100
+++ b/libpurple/log.c Sat Jan 18 09:01:20 2014 -0800
@@ -753,7 +753,7 @@
show_date = (log->type == PURPLE_LOG_SYSTEM) || (time(NULL) > when + 20*60);
@@ -763,11 +763,11 @@
- tm = *(localtime(&when));
- return g_strdup(purple_date_format_long(&tm));
+ return g_strdup(purple_date_format_long(tm)); - return g_strdup(purple_time_format(&tm));
+ return g_strdup(purple_time_format(tm)); /* NOTE: This can return msg (which you may or may not want to g_free())
--- a/libpurple/server.c Thu Jan 16 13:02:42 2014 +0100
+++ b/libpurple/server.c Sat Jan 18 09:01:20 2014 -0800
@@ -567,6 +567,14 @@
account = purple_connection_get_account(gc);
+ purple_debug_error("server", + "serv_got_im ignoring negative timestamp\n"); + /* TODO: Would be more appropriate to use a value that indicates + that the timestamp is unknown, and surface that in the UI. */ * XXX: Should we be setting this here, or relying on prpls to set it?
@@ -905,6 +913,14 @@
g_return_if_fail(who != NULL);
g_return_if_fail(message != NULL);
+ purple_debug_error("server", + "serv_got_chat_in ignoring negative timestamp\n"); + /* TODO: Would be more appropriate to use a value that indicates + that the timestamp is unknown, and surface that in the UI. */ for (bcs = g->buddy_chats; bcs != NULL; bcs = bcs->next) {
conv = (PurpleConversation *)bcs->data;