Mercurial > pidgin
diff libpurple/log.c @ 31784:de1a7814023f
Bounds check log scanning, thanks to the EFF
author | Ethan Blanton <elb@pidgin.im> |
---|---|
date | Thu, 11 Aug 2011 16:10:33 +0000 |
parents | 3268f7da72c6 |
children | f75041cb3fec |
line wrap: on
line diff
--- a/libpurple/log.c Thu Aug 11 16:08:40 2011 +0000 +++ b/libpurple/log.c Thu Aug 11 16:10:33 2011 +0000 @@ -1838,7 +1838,7 @@ g_snprintf(convostart, length, "%s", temp); memset(&tm, 0, sizeof(tm)); - sscanf(convostart, "%*s %s %d %d:%d:%d %d", + sscanf(convostart, "%*s %3s %d %d:%d:%d %d", month, &tm.tm_mday, &tm.tm_hour, &tm.tm_min, &tm.tm_sec, &tm.tm_year); /* Ugly hack, in case current locale is not English */ if (purple_strequal(month, "Jan")) {