pidgin.yaz: libpurple/protocols/msn/slpmsg

Add a maximum length when parsing the P2P wire data.

author	Elliott Sales de Andrade <qulogic@pidgin.im>
date	Thu, 10 Mar 2011 05:00:17 +0000
parents	9562a7baa9e4
children	eb1bbaae3427

comparison

equal deleted inserted replaced

-:a01d958f7b26
+:8cf9270acf4c
 {
 	MsnSlpMessagePart *part;
 	part = g_new0(MsnSlpMessagePart, 1);
-	if (info)
+	part->info = info;
-		part->info = msn_p2p_info_dup(info);
 	part->ack_cb = msn_slpmsgpart_ack;
 	part->nak_cb = msn_slpmsgpart_nak;
 	return msn_slpmsgpart_ref(part);
 }
 MsnSlpMessagePart *msn_slpmsgpart_new_from_data(const char *data, size_t data_len)
 {
 	MsnSlpMessagePart *part;
+	MsnP2PInfo *info;
 	size_t len;
 	int body_len;
-	if (data_len < P2P_PACKET_HEADER_SIZE) {
+	info = msn_p2p_info_new(MSN_P2P_VERSION_ONE);
+	/* Extract the binary SLP header */
+	len = msn_p2p_header_from_wire(info, data, data_len);
+	if (len == 0) {
+		msn_p2p_info_free(info);
 		return NULL;
 	}
-	part = msn_slpmsgpart_new(NULL);
-	part->info = msn_p2p_info_new(MSN_P2P_VERSION_ONE);
-	/* Extract the binary SLP header */
-	len = msn_p2p_header_from_wire(part->info, data);
 	data += len;
+	part = msn_slpmsgpart_new(info);
 	/* Extract the body */
 	body_len = data_len - len - P2P_PACKET_FOOTER_SIZE;
 	/* msg->body_len = msg->msnslp_header.length; */

Mercurial > pidgin.yaz