qulogic/pidgin

Merge TALOS-CAN-0119
release-2.x.y
2016-06-12, Gary Kramlich
1a892845935f
Merge TALOS-CAN-0119
--- a/ChangeLog Sun Jun 12 22:02:24 2016 -0500
+++ b/ChangeLog Sun Jun 12 22:06:26 2016 -0500
@@ -22,6 +22,8 @@
Talos. (TALOS-CAN-0138, TALOS-CAN-0135)
* Fixed an invalid read. Discovered by Yves Younan of Cisco Talos
(TALOS-CAN-0118)
+ * Fixed a remote buffer overflow vulnerability. Discovered by Yves
+ Younan of Cisco Talos. (TALOS-CAN-0119)
version 2.10.12 (12/31/15):
General:
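Review bot: the new ChangeLog entry ("Fixed a remote buffer overflow vulnerability.") does not say which component is affected. The code change in this commit is confined to libpurple/protocols/mxit/http.c, so naming the MXit protocol plugin in the entry would let users and packagers tell from the ChangeLog alone whether they are exposed.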
--- a/libpurple/protocols/mxit/http.c Sun Jun 12 22:02:24 2016 -0500
+++ b/libpurple/protocols/mxit/http.c Sun Jun 12 22:06:26 2016 -0500
@@ -97,9 +97,9 @@
{
struct MXitSession* session = (struct MXitSession*) user_data;
char buf[256];
- int buflen;
+ unsigned int buflen;
char* body;
- int bodylen;
+ unsigned int bodylen;
char* ch;
int len;
char* tmp;
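Review bot: `int len;` in the trailing context stays signed while `buflen` and `bodylen` become `unsigned int`, so any comparison or arithmetic that mixes `len` with them will convert `len` to unsigned, and a negative `len` would then be treated as a very large value. Either check `len` for a negative value before it is used together with these variables, or move all three to one size type such as `gsize`. Changing the declarations also does not by itself bound anything against `char buf[256]`; the check that limits `buflen` to the buffer size is not part of this hunk and should be confirmed or added alongside the type change.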
@@ -182,7 +182,7 @@
goto done;
}
tmp = g_strndup( ch, tmp - ch );
- bodylen = atoi( tmp );
+ bodylen = strtoul( tmp, NULL, 10 );
g_free( tmp );
tmp = NULL;
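Review bot: `bodylen = strtoul( tmp, NULL, 10 );` still accepts the parsed length without validation. With NULL as the end pointer, an empty or non-numeric string parses as 0 and trailing characters are silently ignored; `strtoul` accepts a leading minus sign and returns the negated value as unsigned, so "-1" becomes a huge length; the `unsigned long` result is narrowed into `unsigned int bodylen` where long is 64 bits; and `errno` is not checked for `ERANGE`. Suggest parsing into an `unsigned long` with an end pointer, taking the existing error path (`goto done;`) when no digits were consumed, when characters remain, on `ERANGE`, or when the value exceeds the largest body the caller is prepared to buffer, and only then assigning to `bodylen`.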