Mercurial > pidgin.yaz
comparison libpurple/protocols/myspace/message.c @ 31053:943fce8ef142
Fix for CVE-2010-3711. Properly validate the return value from
purple_base64_decode() (the CVE issue) and purple_base16_decode() (just a bug).
Coincidentally, this should also fix #12614.
committer: John Bailey <rekkanoryo@rekkanoryo.org>
author | Daniel Atallah <daniel.atallah@gmail.com> |
---|---|
date | Sun, 17 Oct 2010 03:55:04 +0000 |
parents | df7705d4b19a |
children |
comparison
equal
deleted
inserted
replaced
31044:0050a61df60c | 31053:943fce8ef142 |
---|---|
1361 * a base64'd MSIM_TYPE_STRING that really is encoded binary. The values | 1361 * a base64'd MSIM_TYPE_STRING that really is encoded binary. The values |
1362 * will be escaped since strings are escaped, and / becomes /2; no good. | 1362 * will be escaped since strings are escaped, and / becomes /2; no good. |
1363 * | 1363 * |
1364 */ | 1364 */ |
1365 *binary_data = (gchar *)purple_base64_decode((const gchar *)elem->data, binary_length); | 1365 *binary_data = (gchar *)purple_base64_decode((const gchar *)elem->data, binary_length); |
1366 return TRUE; | 1366 return ((*binary_data) != NULL); |
1367 | 1367 |
1368 case MSIM_TYPE_BINARY: | 1368 case MSIM_TYPE_BINARY: |
1369 gs = (GString *)elem->data; | 1369 gs = (GString *)elem->data; |
1370 | 1370 |
1371 /* Duplicate data, so caller can g_free() it. */ | 1371 /* Duplicate data, so caller can g_free() it. */ |