Mercurial > pidgin.yaz
changeset 29467:40623dd0bba0
Fix CVE-2010-0420, a possible remote crash when handling chat room
buddy names.
author | Mark Doliner <mark@kingant.net> |
---|---|
date | Tue, 16 Feb 2010 08:58:45 +0000 |
parents | 69077f3993f6 |
children | 89b4054deba1 |
files | ChangeLog finch/libgnt/gnttree.c |
diffstat | 2 files changed, 6 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- a/ChangeLog Tue Feb 16 08:54:07 2010 +0000 +++ b/ChangeLog Tue Feb 16 08:58:45 2010 +0000 @@ -102,6 +102,8 @@ descriptions not to be displayed in the theme selector. Finch: + * Fix CVE-2010-0420, a possible remote crash when handling chat room + buddy names. * Rebindable 'move-first' and 'move-last' actions for tree widgets. So it is possible to jump to the first or last entry in the buddy list (and other such lists) by pressing home or end key (defaults)
--- a/finch/libgnt/gnttree.c Tue Feb 16 08:54:07 2010 +0000 +++ b/finch/libgnt/gnttree.c Tue Feb 16 08:58:45 2010 +0000 @@ -1346,6 +1346,10 @@ { GntTreeRow *pr = NULL; + if (g_hash_table_lookup(tree->hash, key)) { + gnt_tree_remove(tree, key); + } + row->tree = tree; row->key = key; row->data = NULL;