# HG changeset patch # User Mark Doliner # Date 1095549438 0 # Node ID cf02e7104706da8d208981a0078c330ebbf52014 # Parent eb8ccdd6f5f20057bfc6d6447dee57a511cb5297 [gaim-migrate @ 10998] A patch from rian hunter (chrono86): In src/protocols/oscar/oscar.c, in the function gaim_plugin_oscar_convert_to_best_encoding. g_convert is called multiple times. As its 5th argument g_convert takes a gsize* (8 byte), yet the argument to gaim_plugin_oscar_convert_to_best_encoding is a int* (4 byte). On LP64 machines this can allow the int* to be overwritten. This is especially bad on big endian 64-bit machines, causing the high 32-bits to be written into the low 32-bits of the int. This is a quick fix patch that lets g_convert deal with a gsize* pointer instead, then casting the value at gsize* to the value at the int*. A real fix would be to fix the aim_sendimext_args structure to have a gsize instead of an int (and all functions that use the aim_sendimext_args struct), and changing gaim_plugin_oscar_convert_to_best_encoding to accept a gsize*. of course, this woudl promote glib2 dependence, so that's probably not the best thing to do. committer: Tailor Script
diff -r eb8ccdd6f5f2 -r cf02e7104706 COPYRIGHT
--- a/COPYRIGHT Sat Sep 18 22:25:12 2004 +0000
+++ b/COPYRIGHT Sat Sep 18 23:17:18 2004 +0000
@@ -73,6 +73,7 @@
 Casey Ho
 Iain Holmes
 Karsten Huneycutt
+Rian Hunter
 Henry Jen
 Akuke Kok
 Cole Kowalski
diff -r eb8ccdd6f5f2 -r cf02e7104706 src/protocols/oscar/oscar.c
--- a/src/protocols/oscar/oscar.c Sat Sep 18 22:25:12 2004 +0000
+++ b/src/protocols/oscar/oscar.c Sat Sep 18 23:17:18 2004 +0000
@@ -497,7 +497,7 @@
 static void
 gaim_plugin_oscar_convert_to_best_encoding(GaimConnection *gc, const char *destsn, const gchar *from,
- gchar **msg, int *msglen,
+ gchar **msg, int *msglen_int,
 fu16_t *charset, fu16_t *charsubset)
 {
 OscarData *od = gc->proto_data;
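Review bot: gaim_plugin_oscar_convert_to_best_encoding gains a renamed out-parameter, `int *msglen_int`, but still carries no header comment describing its contract, and the rename makes the int/gsize split in this function worth spelling out for the next reader; the function body continues past this hunk. I would add a comment above `static void` stating that `from` is UTF-8 text, that on return `*msg` points to a newly allocated buffer from g_convert or g_strdup that the caller must g_free, that `*msglen_int` receives its byte length (an int only because aim_sendimext_args still stores an int, per the commit description), and that `*charset`/`*charsubset` receive the AIM_CHARSET_* values for the encoding chosen. The comment should also list the order tried, as the visible code shows it: ASCII, UCS-2BE when the recipient advertises AIM_CAPS_ICQUTF8, the account's custom encoding, UCS-2BE again, and finally UTF-8 flagged as ASCII.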
@@ -505,12 +505,14 @@
 GError *err = NULL;
 aim_userinfo_t *userinfo = NULL;
 const gchar *charsetstr;
+ gsize msglen;
 /* Attempt to send as ASCII */
- *msg = g_convert(from, strlen(from), "ASCII", "UTF-8", NULL, msglen, NULL);
+ *msg = g_convert(from, strlen(from), "ASCII", "UTF-8", NULL, &msglen, NULL);
 if (*msg != NULL) {
 *charset = AIM_CHARSET_ASCII;
 *charsubset = 0x0000;
+ *msglen_int = msglen;
 return;
 }
@@ -522,10 +524,11 @@
 userinfo = aim_locate_finduserinfo(od->sess, destsn);
 if ((userinfo != NULL) && (userinfo->capabilities & AIM_CAPS_ICQUTF8)) {
- *msg = g_convert(from, strlen(from), "UCS-2BE", "UTF-8", NULL, msglen, NULL);
+ *msg = g_convert(from, strlen(from), "UCS-2BE", "UTF-8", NULL, &msglen, NULL);
 if (*msg != NULL) {
 *charset = AIM_CHARSET_UNICODE;
 *charsubset = 0x0000;
+ *msglen_int = msglen;
 return;
 }
 }
@@ -538,20 +541,22 @@
 if ((destsn != NULL) && aim_sn_is_icq(destsn))
 charsetstr = gaim_account_get_string(account, "encoding", OSCAR_DEFAULT_CUSTOM_ENCODING);
- *msg = g_convert(from, strlen(from), charsetstr, "UTF-8", NULL, msglen, NULL);
+ *msg = g_convert(from, strlen(from), charsetstr, "UTF-8", NULL, &msglen, NULL);
 if (*msg != NULL) {
 *charset = AIM_CHARSET_CUSTOM;
 *charsubset = 0x0000;
+ *msglen_int = msglen;
 return;
 }
 /*
 * Nothing else worked, so send as UCS-2BE.
 */
- *msg = g_convert(from, strlen(from), "UCS-2BE", "UTF-8", NULL, msglen, &err);
+ *msg = g_convert(from, strlen(from), "UCS-2BE", "UTF-8", NULL, &msglen, &err);
 if (*msg != NULL) {
 *charset = AIM_CHARSET_UNICODE;
 *charsubset = 0x0000;
+ *msglen_int = msglen;
 return;
 }
@@ -560,7 +565,7 @@
 gaim_debug_error("oscar", "This should NEVER happen! Sending UTF-8 text flagged as ASCII.\n");
 *msg = g_strdup(from);
- *msglen = strlen(*msg);
+ *msglen_int = strlen(*msg);
 *charset = AIM_CHARSET_ASCII;
 *charsubset = 0x0000;
 return;
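Review bot: `*msglen_int = msglen;` narrows the gsize byte count that g_convert wrote down to an int with no range check and no comment, and the same silent narrowing recurs in the -522 and -538 hunks and in `*msglen_int = strlen(*msg);` in the -560 hunk. Presumably the value is bounded by the size of one outgoing message, so it is unlikely to bite, but this is exactly the spot the description says a real fix (a gsize in aim_sendimext_args) would remove, and it should be visible rather than implicit: `*msglen_int = msglen; /* narrowed to int: aim_sendimext_args still stores an int length */`. I would also declare the new local as `gsize msglen = 0;` so that a failed g_convert, which may leave the out-parameter untouched, never leaves an indeterminate value behind; today every read is guarded by `*msg != NULL`, but the guard is easy to lose in a later edit.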