Mercurial > pidgin
diff libpurple/protocols/msn/nexus.c @ 28500:8464e695c62b
Fixes a bad MSN bug where passwords with multi-byte utf8 characters near
the 16 byte mark would cause a segmentation fault due to chopping the
multi-byte character and turning the string into invalidate utf8.
Thanks to Shaun Lindsay at Meebo for tracking this down and fixing it.
| author | Mark Doliner <mark@kingant.net> |
|---|---|
| date | Wed, 04 Nov 2009 18:41:21 +0000 |
| parents | 428d85859b4e |
| children | e77894113a14 |
line wrap: on
line diff
--- a/libpurple/protocols/msn/nexus.c Thu Oct 22 01:21:25 2009 +0000 +++ b/libpurple/protocols/msn/nexus.c Wed Nov 04 18:41:21 2009 +0000 @@ -399,7 +399,14 @@ username = purple_account_get_username(session->account); password = purple_connection_get_password(session->account->gc); - password_xml = g_markup_escape_text(password, MIN(strlen(password), 16)); + if (g_utf8_strlen(password, -1) > 16) { + /* max byte size for 16 utf8 characters is 64 + 1 for the null */ + gchar truncated[65]; + g_utf8_strncpy(truncated, password, 16); + password_xml = g_markup_escape_text(truncated, -1); + } else { + password_xml = g_markup_escape_text(password, -1); + } purple_debug_info("msn", "Logging on %s, with policy '%s', nonce '%s'\n", username, nexus->policy, nexus->nonce);