# HG changeset patch
# User Elliott Sales de Andrade
# Date 1299733217 0
# Node ID 8cf9270acf4cadc598ba22f198c38677cc8efac2
# Parent a01d958f7b26c2601da06b70250164ad2401575e
Add a maximum length when parsing the P2P wire data.
diff -r a01d958f7b26 -r 8cf9270acf4c libpurple/protocols/msn/p2p.c
--- a/libpurple/protocols/msn/p2p.c Thu Mar 10 03:18:45 2011 +0000
+++ b/libpurple/protocols/msn/p2p.c Thu Mar 10 05:00:17 2011 +0000
@@ -88,7 +88,7 @@
 }
 size_t
-msn_p2p_header_from_wire(MsnP2PInfo *info, const char *wire)
+msn_p2p_header_from_wire(MsnP2PInfo *info, const char *wire, size_t max_len)
 {
 size_t len;
diff -r a01d958f7b26 -r 8cf9270acf4c libpurple/protocols/msn/p2p.h
--- a/libpurple/protocols/msn/p2p.h Thu Mar 10 03:18:45 2011 +0000
+++ b/libpurple/protocols/msn/p2p.h Thu Mar 10 05:00:17 2011 +0000
@@ -113,7 +113,7 @@
 msn_p2p_info_free(MsnP2PInfo *info);
 size_t
-msn_p2p_header_from_wire(MsnP2PInfo *info, const char *wire);
+msn_p2p_header_from_wire(MsnP2PInfo *info, const char *wire, size_t max_len);
 char *
 msn_p2p_header_to_wire(MsnP2PInfo *info, size_t *len);
diff -r a01d958f7b26 -r 8cf9270acf4c libpurple/protocols/msn/slplink.c
--- a/libpurple/protocols/msn/slplink.c Thu Mar 10 03:18:45 2011 +0000
+++ b/libpurple/protocols/msn/slplink.c Thu Mar 10 05:00:17 2011 +0000
@@ -289,7 +289,7 @@
 /* Maybe we will want to create a new msg for this slpmsg instead of
 * reusing the same one all the time. */
 info = slpmsg->p2p_info;
- part = msn_slpmsgpart_new(info);
+ part = msn_slpmsgpart_new(msn_p2p_info_dup(info));
 part->ack_data = slpmsg;
 real_size = (msn_p2p_info_get_flags(info) == P2P_ACK) ? 0 : slpmsg->size;
diff -r a01d958f7b26 -r 8cf9270acf4c libpurple/protocols/msn/slpmsg_part.c
--- a/libpurple/protocols/msn/slpmsg_part.c Thu Mar 10 03:18:45 2011 +0000
+++ b/libpurple/protocols/msn/slpmsg_part.c Thu Mar 10 05:00:17 2011 +0000
@@ -34,8 +34,7 @@
 part = g_new0(MsnSlpMessagePart, 1);
- if (info)
- part->info = msn_p2p_info_dup(info);
+ part->info = info;
 part->ack_cb = msn_slpmsgpart_ack;
 part->nak_cb = msn_slpmsgpart_nak;
@@ -46,19 +45,20 @@
 MsnSlpMessagePart *msn_slpmsgpart_new_from_data(const char *data, size_t data_len)
 {
 MsnSlpMessagePart *part;
+ MsnP2PInfo *info;
 size_t len;
 int body_len;
- if (data_len < P2P_PACKET_HEADER_SIZE) {
+ info = msn_p2p_info_new(MSN_P2P_VERSION_ONE);
+
+ /* Extract the binary SLP header */
+ len = msn_p2p_header_from_wire(info, data, data_len);
+ if (len == 0) {
+ msn_p2p_info_free(info);
 return NULL;
 }
-
- part = msn_slpmsgpart_new(NULL);
- part->info = msn_p2p_info_new(MSN_P2P_VERSION_ONE);
-
- /* Extract the binary SLP header */
- len = msn_p2p_header_from_wire(part->info, data);
 data += len;
+ part = msn_slpmsgpart_new(info);
 /* Extract the body */
 body_len = data_len - len - P2P_PACKET_FOOTER_SIZE;
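Review bot: msn_slpmsgpart_new() now stores the caller's pointer (`part->info = info;`) instead of a copy, so the part takes ownership of `info`, and nothing in the hunk documents that contract. If the part's destructor frees part->info (not visible here), any caller that still frees or reuses the same MsnP2PInfo would hit a double free or use-after-free. The slplink.c hunk adapts one caller with msn_p2p_info_dup(); callers outside this diff need the same audit. I would add a comment above the assignment, for example `/* Takes ownership of info (may be NULL); pass msn_p2p_info_dup(info) to keep your own copy. */`. The function starts and ends outside the hunk.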
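Review bot: With the `data_len < P2P_PACKET_HEADER_SIZE` guard removed from msn_slpmsgpart_new_from_data(), short packets are rejected only if msn_p2p_header_from_wire() returns 0 when max_len is too small. The only p2p.c change in this changeset is the signature, so nothing visible shows max_len being checked before the header is read from peer-supplied data; if the body is unchanged, a short message leads to an out-of-bounds read. Until the parser enforces the limit, keep the cheap guard ahead of the allocation: `if (data_len < P2P_PACKET_HEADER_SIZE) return NULL;`. Separately, `body_len = data_len - len - P2P_PACKET_FOOTER_SIZE` assigns a size_t expression to an int, so the code after the hunk (the function continues outside it) must reject a data_len smaller than len plus the footer.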