Mercurial > pidgin.yaz
comparison libpurple/protocols/msn/nexus.c @ 28875:8464e695c62b
Fixes a bad MSN bug where passwords with multi-byte utf8 characters near
the 16 byte mark would cause a segmentation fault due to chopping the
multi-byte character and turning the string into invalidate utf8.
Thanks to Shaun Lindsay at Meebo for tracking this down and fixing it.
| author | Mark Doliner <mark@kingant.net> |
|---|---|
| date | Wed, 04 Nov 2009 18:41:21 +0000 |
| parents | 428d85859b4e |
| children | e77894113a14 |
comparison
equal
deleted
inserted
replaced
| 28789:e7bb163434c7 | 28875:8464e695c62b |
|---|---|
| 397 purple_debug_info("msn", "Starting Windows Live ID authentication\n"); | 397 purple_debug_info("msn", "Starting Windows Live ID authentication\n"); |
| 398 msn_session_set_login_step(session, MSN_LOGIN_STEP_GET_COOKIE); | 398 msn_session_set_login_step(session, MSN_LOGIN_STEP_GET_COOKIE); |
| 399 | 399 |
| 400 username = purple_account_get_username(session->account); | 400 username = purple_account_get_username(session->account); |
| 401 password = purple_connection_get_password(session->account->gc); | 401 password = purple_connection_get_password(session->account->gc); |
| 402 password_xml = g_markup_escape_text(password, MIN(strlen(password), 16)); | 402 if (g_utf8_strlen(password, -1) > 16) { |
| 403 /* max byte size for 16 utf8 characters is 64 + 1 for the null */ | |
| 404 gchar truncated[65]; | |
| 405 g_utf8_strncpy(truncated, password, 16); | |
| 406 password_xml = g_markup_escape_text(truncated, -1); | |
| 407 } else { | |
| 408 password_xml = g_markup_escape_text(password, -1); | |
| 409 } | |
| 403 | 410 |
| 404 purple_debug_info("msn", "Logging on %s, with policy '%s', nonce '%s'\n", | 411 purple_debug_info("msn", "Logging on %s, with policy '%s', nonce '%s'\n", |
| 405 username, nexus->policy, nexus->nonce); | 412 username, nexus->policy, nexus->nonce); |
| 406 | 413 |
| 407 domains = g_string_new(NULL); | 414 domains = g_string_new(NULL); |