changeset 31768:8cf9270acf4c

Add a maximum length when parsing the P2P wire data.
author Elliott Sales de Andrade <qulogic@pidgin.im>
date Thu, 10 Mar 2011 05:00:17 +0000
parents a01d958f7b26
children eeca86db288b
files libpurple/protocols/msn/p2p.c libpurple/protocols/msn/p2p.h libpurple/protocols/msn/slplink.c libpurple/protocols/msn/slpmsg_part.c
diffstat 4 files changed, 12 insertions(+), 12 deletions(-) [+]
--- a/libpurple/protocols/msn/p2p.c	Thu Mar 10 03:18:45 2011 +0000
+++ b/libpurple/protocols/msn/p2p.c	Thu Mar 10 05:00:17 2011 +0000
@@ -88,7 +88,7 @@
 }
 
 size_t
-msn_p2p_header_from_wire(MsnP2PInfo *info, const char *wire)
+msn_p2p_header_from_wire(MsnP2PInfo *info, const char *wire, size_t max_len)
 {
 	size_t len;
 
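Review bot: `max_len` is added to the signature of msn_p2p_header_from_wire here, but no line of the body changes in this commit (the visible hunks account for all 12 insertions and 12 deletions in the diffstat), so the new parameter appears to be unused. The slpmsg_part.c hunk also drops the caller's `data_len < P2P_PACKET_HEADER_SIZE` check in msn_slpmsgpart_new_from_data and relies on this function returning 0, so a short packet from the peer would apparently still be parsed as a full header and read past the received data. The guard should move into this function, e.g. `if (max_len < P2P_PACKET_HEADER_SIZE) return 0;` before the first read from `wire`, and the p2p.h prototype should document that a return of 0 means the input was too short. The function body continues outside the hunk.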
--- a/libpurple/protocols/msn/p2p.h	Thu Mar 10 03:18:45 2011 +0000
+++ b/libpurple/protocols/msn/p2p.h	Thu Mar 10 05:00:17 2011 +0000
@@ -113,7 +113,7 @@
 msn_p2p_info_free(MsnP2PInfo *info);
 
 size_t
-msn_p2p_header_from_wire(MsnP2PInfo *info, const char *wire);
+msn_p2p_header_from_wire(MsnP2PInfo *info, const char *wire, size_t max_len);
 
 char *
 msn_p2p_header_to_wire(MsnP2PInfo *info, size_t *len);
--- a/libpurple/protocols/msn/slplink.c	Thu Mar 10 03:18:45 2011 +0000
+++ b/libpurple/protocols/msn/slplink.c	Thu Mar 10 05:00:17 2011 +0000
@@ -289,7 +289,7 @@
 	/* Maybe we will want to create a new msg for this slpmsg instead of
 	 * reusing the same one all the time. */
 	info = slpmsg->p2p_info;
-	part = msn_slpmsgpart_new(info);
+	part = msn_slpmsgpart_new(msn_p2p_info_dup(info));
 	part->ack_data = slpmsg;
 
 	real_size = (msn_p2p_info_get_flags(info) == P2P_ACK) ? 0 : slpmsg->size;
--- a/libpurple/protocols/msn/slpmsg_part.c	Thu Mar 10 03:18:45 2011 +0000
+++ b/libpurple/protocols/msn/slpmsg_part.c	Thu Mar 10 05:00:17 2011 +0000
@@ -34,8 +34,7 @@
 
 	part = g_new0(MsnSlpMessagePart, 1);
 
-	if (info)
-		part->info = msn_p2p_info_dup(info);
+	part->info = info;
 
 	part->ack_cb = msn_slpmsgpart_ack;
 	part->nak_cb = msn_slpmsgpart_nak;
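Review bot: `part->info = info;` changes msn_slpmsgpart_new from copying its argument to storing the caller's pointer, and nothing at the definition records that new contract. Only the slplink.c call site is updated in this commit to pass `msn_p2p_info_dup(info)`. Any caller not shown here that still passes an info it owns would now share it with the part, which risks a double free or use after free if the part releases `info` on destruction (not visible here). I would add `/* Takes ownership of info; pass a copy if the caller keeps using it. */` above the assignment and next to the prototype. The function starts and ends outside the hunk.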
@@ -46,19 +45,20 @@
 MsnSlpMessagePart *msn_slpmsgpart_new_from_data(const char *data, size_t data_len)
 {
 	MsnSlpMessagePart *part;
+	MsnP2PInfo *info;
 	size_t len;
 	int body_len;
 
-	if (data_len < P2P_PACKET_HEADER_SIZE) {
+	info = msn_p2p_info_new(MSN_P2P_VERSION_ONE);
+
+	/* Extract the binary SLP header */
+	len = msn_p2p_header_from_wire(info, data, data_len);
+	if (len == 0) {
+		msn_p2p_info_free(info);
 		return NULL;
 	}
-
-	part = msn_slpmsgpart_new(NULL);
-	part->info = msn_p2p_info_new(MSN_P2P_VERSION_ONE);
-
-	/* Extract the binary SLP header */
-	len = msn_p2p_header_from_wire(part->info, data);
 	data += len;
+	part = msn_slpmsgpart_new(info);
 
 	/* Extract the body */
 	body_len = data_len - len - P2P_PACKET_FOOTER_SIZE;
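Review bot: `body_len = data_len - len - P2P_PACKET_FOOTER_SIZE;` is evaluated in `size_t` and then stored in an `int`, and nothing in this hunk guarantees `data_len >= len + P2P_PACKET_FOOTER_SIZE`. For a truncated packet the subtraction wraps before the conversion, so the outcome depends on how the code after the hunk tests `body_len`. Making the bound explicit where the header result is already checked, `if (len == 0 || data_len < len + P2P_PACKET_FOOTER_SIZE) {`, keeps the cleanup on the path that still owns `info`; if footer-less packets must remain accepted, clamp `body_len` to 0 instead. The function continues past the end of the hunk.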