# HG changeset patch
# User Ethan Blanton <elb@pidgin.im>
# Date 1310934975 0
# Node ID 4ad2a0668687eaed82d9f410591b29c552e965ca
# Parent  e529d0b57a5f737f1639be127d387a386db0c9aa
Changed a strcpy in the mxit prpl to a bounds-checked g_strlcpy.

Thanks to the Electronic Frontier Foundation (https://www.eff.org/) for
this patch.

diff -r e529d0b57a5f -r 4ad2a0668687 libpurple/protocols/mxit/cipher.c
--- a/libpurple/protocols/mxit/cipher.c	Sun Jul 17 17:48:47 2011 +0000
+++ b/libpurple/protocols/mxit/cipher.c	Sun Jul 17 20:36:15 2011 +0000
@@ -84,12 +84,12 @@
 	pass[sizeof( pass ) - 1] = '\0';
 
 	/* build the custom AES encryption key */
-	strcpy( key, INITIAL_KEY );
+	g_strlcpy( key, INITIAL_KEY, sizeof( key ) );
 	memcpy( key, session->clientkey, strlen( session->clientkey ) );
 	ExpandKey( (unsigned char*) key, (unsigned char*) exkey );
 
 	/* build the custom data to be encrypted */
-	strcpy( pass, SECRET_HEADER );
+	g_strlcpy( pass, SECRET_HEADER, sizeof( pass ) );
 	strcat( pass, session->acc->password );
 
 	/* pad the secret data */