Mercurial > pidgin.yaz
comparison libpurple/protocols/myspace/message.c @ 31053:943fce8ef142
Fix for CVE-2010-3711. Properly validate the return value from
purple_base64_decode() (the CVE issue) and purple_base16_decode() (just a bug).
Coincidentally, this should also fix #12614.
committer: John Bailey <rekkanoryo@rekkanoryo.org>
| author | Daniel Atallah <daniel.atallah@gmail.com> |
|---|---|
| date | Sun, 17 Oct 2010 03:55:04 +0000 |
| parents | df7705d4b19a |
| children |
comparison
equal
deleted
inserted
replaced
| 31044:0050a61df60c | 31053:943fce8ef142 |
|---|---|
| 1361 * a base64'd MSIM_TYPE_STRING that really is encoded binary. The values | 1361 * a base64'd MSIM_TYPE_STRING that really is encoded binary. The values |
| 1362 * will be escaped since strings are escaped, and / becomes /2; no good. | 1362 * will be escaped since strings are escaped, and / becomes /2; no good. |
| 1363 * | 1363 * |
| 1364 */ | 1364 */ |
| 1365 *binary_data = (gchar *)purple_base64_decode((const gchar *)elem->data, binary_length); | 1365 *binary_data = (gchar *)purple_base64_decode((const gchar *)elem->data, binary_length); |
| 1366 return TRUE; | 1366 return ((*binary_data) != NULL); |
| 1367 | 1367 |
| 1368 case MSIM_TYPE_BINARY: | 1368 case MSIM_TYPE_BINARY: |
| 1369 gs = (GString *)elem->data; | 1369 gs = (GString *)elem->data; |
| 1370 | 1370 |
| 1371 /* Duplicate data, so caller can g_free() it. */ | 1371 /* Duplicate data, so caller can g_free() it. */ |