qulogic/pidgin
Merge TALOS-CAN-0119
release-2.x.y
2016-06-12, Gary Kramlich
1a892845935f
Parents: 5077da39b6de, bc8fc1061ac2
Children: c5f640eaff47
2 files changed, 5 insertions(+), 3 deletions(-)
ChangeLog: +2 -0
libpurple/protocols/mxit/http.c: +3 -3
--- a/ChangeLog Sun Jun 12 22:02:24 2016 -0500
+++ b/ChangeLog Sun Jun 12 22:06:26 2016 -0500
@@ -22,6 +22,8 @@
Talos. (TALOS-CAN-0138, TALOS-CAN-0135)
* Fixed an invalid read. Discovered by Yves Younan of Cisco Talos
(TALOS-CAN-0118)
+ * Fixed a remote buffer overflow vulnerability. Discovered by Yves
+ Younan of Cisco Talos. (TALOS-CAN-0119)
version 2.10.12 (12/31/15):
General:
--- a/libpurple/protocols/mxit/http.c Sun Jun 12 22:02:24 2016 -0500
+++ b/libpurple/protocols/mxit/http.c Sun Jun 12 22:06:26 2016 -0500
@@ -97,9 +97,9 @@
{
struct MXitSession* session = (struct MXitSession*) user_data;
char buf[256];
- int buflen;
+ unsigned int buflen;
char* body;
- int bodylen;
+ unsigned int bodylen;
char* ch;
int len;
char* tmp;
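Review bot: `int len;` stays signed in this declaration block while `buflen` and `bodylen` become `unsigned int`, so any comparison or subtraction further down that mixes `len` with them will convert `len` to unsigned, and a negative value (such as an error return) would then compare as a very large number. Either check `len` for `< 0` before it meets the unsigned lengths or give it a type that matches how it is used. Since `char buf[256]` is a fixed stack buffer, it is also worth confirming that every write into it is bounded by `sizeof( buf )` and not by a length supplied by the peer.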
@@ -182,7 +182,7 @@
goto done;
}
tmp = g_strndup( ch, tmp - ch );
- bodylen = atoi( tmp );
+ bodylen = strtoul( tmp, NULL, 10 );
g_free( tmp );
tmp = NULL;
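Review bot: `bodylen = strtoul( tmp, NULL, 10 );` removes the negative result that `atoi` could produce, but it still accepts the parsed string without validation. With a NULL end pointer, non-numeric input or trailing garbage is silently accepted (an unparsable string yields 0); `strtoul` also accepts a leading minus sign and returns the negated value as unsigned, so "-1" becomes a huge length; and on platforms where `unsigned long` is wider than `unsigned int` the assignment truncates. Suggest passing an end pointer and checking that it consumed the whole string, checking `errno` for `ERANGE`, and rejecting values above an explicit maximum before `bodylen` is used.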