changeset 29467:40623dd0bba0

Fix CVE-2010-0420, a possible remote crash when handling chat room buddy names.
author Mark Doliner <mark@kingant.net>
date Tue, 16 Feb 2010 08:58:45 +0000
parents 69077f3993f6
children 89b4054deba1
files ChangeLog finch/libgnt/gnttree.c
diffstat 2 files changed, 6 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- a/ChangeLog	Tue Feb 16 08:54:07 2010 +0000
+++ b/ChangeLog	Tue Feb 16 08:58:45 2010 +0000
@@ -102,6 +102,8 @@
 	  descriptions not to be displayed in the theme selector.
 
 	Finch:
+	* Fix CVE-2010-0420, a possible remote crash when handling chat room
+	  buddy names.
 	* Rebindable 'move-first' and 'move-last' actions for tree widgets. So
 	  it is possible to jump to the first or last entry in the buddy list
 	  (and other such lists) by pressing home or end key (defaults)
--- a/finch/libgnt/gnttree.c	Tue Feb 16 08:54:07 2010 +0000
+++ b/finch/libgnt/gnttree.c	Tue Feb 16 08:58:45 2010 +0000
@@ -1346,6 +1346,10 @@
 {
 	GntTreeRow *pr = NULL;
 
+	if (g_hash_table_lookup(tree->hash, key)) {
+		gnt_tree_remove(tree, key);
+	}
+
 	row->tree = tree;
 	row->key = key;
 	row->data = NULL;