Mercurial > pidgin.yaz
diff libpurple/protocols/msn/slpmsg.h @ 29466:69077f3993f6
Fix CVE-2010-0277, a possible remote crash when parsing an incoming
SLP message. Discovered by Fabian Yamaguchi.
author | Mark Doliner <mark@kingant.net> |
---|---|
date | Tue, 16 Feb 2010 08:54:07 +0000 |
parents | 6aea98f6a5cd |
children | b98d1ca8422d |
line wrap: on
line diff
--- a/libpurple/protocols/msn/slpmsg.h Tue Feb 16 08:50:49 2010 +0000 +++ b/libpurple/protocols/msn/slpmsg.h Tue Feb 16 08:54:07 2010 +0000 @@ -57,7 +57,18 @@ gboolean ft; PurpleStoredImage *img; guchar *buffer; + + /** + * For outgoing messages this is the number of bytes from buffer that + * have already been sent out. For incoming messages this is the + * number of bytes that have been written to buffer. + */ long long offset; + + /** + * This is the size of buffer, unless this is an outgoing file transfer, + * in which case this is the size of the file. + */ long long size; GList *msgs; /**< The real messages. */