# HG changeset patch
# User Daniel Atallah
# Date 1241293813 0
# Node ID 151004519917fee5c2daf8babddf1bc22fb8d876
# Parent 5e6999b6b5e427b78ea753c9f587d7acb7e75ac5
Make sure we call atoi on a NUL-terminated string. It isn't safe to call on a pointer to a single char. This came out of the veracode analysis.
diff -r 5e6999b6b5e4 -r 151004519917 libpurple/protocols/qq/utils.c
--- a/libpurple/protocols/qq/utils.c Sat May 02 19:39:45 2009 +0000
+++ b/libpurple/protocols/qq/utils.c Sat May 02 19:50:13 2009 +0000
@@ -222,7 +222,8 @@
 * The return should be freed later. */
 guint8 *hex_str_to_bytes(const gchar *const buffer, gint *out_len)
 {
- gchar *hex_str, *hex_buffer, *cursor, tmp;
+ gchar *hex_str, *hex_buffer, *cursor;
+ gchar tmp[2];
 guint8 *bytes, nibble1, nibble2;
 gint index;
 
@@ -242,7 +243,9 @@
 index = 0;
 for (cursor = hex_str; cursor < hex_str + sizeof(gchar) * (strlen(hex_str)) - 1; cursor++) {
 if (g_ascii_isdigit(*cursor)) {
- tmp = *cursor; nibble1 = atoi(&tmp);
+ tmp[0] = *cursor;
+ tmp[1] = '\0';
+ nibble1 = atoi(tmp);
 } else if (g_ascii_isalpha(*cursor) && (gint) *cursor - 87 < 16) {
 nibble1 = (gint) *cursor - 87;
 } else {
@@ -254,7 +257,9 @@
 nibble1 = nibble1 << 4;
 cursor++;
 if (g_ascii_isdigit(*cursor)) {
- tmp = *cursor; nibble2 = atoi(&tmp);
+ tmp[0] = *cursor;
+ tmp[1] = '\0';
+ nibble2 = atoi(tmp);
 } else if (g_ascii_isalpha(*cursor) && (gint) (*cursor - 87) < 16) {
 nibble2 = (gint) *cursor - 87;
 } else {
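Review bot: The digit branch still sends a single character through `atoi`, which now costs a two-byte scratch buffer and a terminator write at each call site, here and in the nibble2 hunk that follows. Because `g_ascii_isdigit(*cursor)` has already passed, `nibble1 = *cursor - '0';` yields the same value with nothing to terminate and no string parser involved. GLib's `g_ascii_xdigit_value(*cursor)` would also cover the letter branch and returns -1 for non-hex input. The `for` loop and the `if` chain continue outside this hunk.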
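Review bot: The letter branch beside the changed lines has no lower bound, since `(gint) (*cursor - 87) < 16` is also true for every alphabetic character below 'a'. An uppercase letter would therefore produce a negative value that is truncated when stored in the `guint8` nibble2, rather than falling through to the `else` branch. Unless `hex_str` is lower-cased before the loop (not visible in this hunk), an explicit range check such as `} else if (*cursor >= 'a' && *cursor <= 'f') {` followed by `nibble2 = *cursor - 'a' + 10;` would be safer. The nibble1 branch in the previous hunk has the same gap and parenthesises the cast differently (`(gint) *cursor - 87 < 16`), so the two should be aligned.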