Mercurial > pidgin

diff libpurple/protocols/oscar/oscar.c @ 31786:a48d58e0512b

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Bounds check an OSCAR normalization. (EFF)
author Ethan Blanton <elb@pidgin.im>
date Thu, 11 Aug 2011 16:17:29 +0000
parents eec7f176e21d
children ade9644db2fe 5e1250393e28
line wrap: on
line diff
--- a/libpurple/protocols/oscar/oscar.c	Thu Aug 11 16:13:15 2011 +0000
+++ b/libpurple/protocols/oscar/oscar.c	Thu Aug 11 16:17:29 2011 +0000
@@ -5651,7 +5651,10 @@
 
 	tmp1 = g_utf8_strdown(buf, -1);
 	tmp2 = g_utf8_normalize(tmp1, -1, G_NORMALIZE_DEFAULT);
-	strcpy(buf, tmp2);
+	if (strlen(tmp2) > sizeof(buf) - 1) {
+		purple_debug_error("oscar", "normalized string exceeds buffer length!\n");
+	}
+	g_strlcpy(buf, tmp2, sizeof(buf));
 	g_free(tmp2);
 	g_free(tmp1);