# HG changeset patch
# User Paul Aurich <paul@darkrain42.org>
# Date 1241298577 0
# Node ID 9931796e176569d35d21cb29e555aa0b6e5b5d2a
# Parent  54dcfe059dd4cea6c99a291d5e2a8117ee59f7cb
*** Plucked rev 9dd1c4c3 (khc@pidgin.im):
Fixes a buffer overflow in the ZDI-08-054 report

diff -r 54dcfe059dd4 -r 9931796e1765 libpurple/protocols/msn/slplink.c
--- a/libpurple/protocols/msn/slplink.c	Sat May 02 21:08:59 2009 +0000
+++ b/libpurple/protocols/msn/slplink.c	Sat May 02 21:09:37 2009 +0000
@@ -493,7 +493,7 @@
 {
 	MsnSlpMessage *slpmsg;
 	const char *data;
-	gsize offset;
+	guint64 offset;
 	gsize len;
 
 #ifdef MSN_DEBUG_SLP
@@ -565,6 +565,7 @@
 			if (slpmsg->buffer == NULL)
 			{
 				purple_debug_error("msn", "Failed to allocate buffer for slpmsg\n");
+				msn_slpmsg_destroy(slpmsg);
 				return;
 			}
 		}