# HG changeset patch
# User Ka-Hing Cheung <khc@hxbc.us>
# Date 1241291553 0
# Node ID a6724cd174f1c8a42fec7b62d945815c4b09517a
# Parent  19d27ee1c72a5fdf2f2057e3f6e9205c702b3b52
Fixes a buffer overflow in the ZDI-08-054 report

diff -r 19d27ee1c72a -r a6724cd174f1 libpurple/protocols/msn/slplink.c
--- a/libpurple/protocols/msn/slplink.c	Sat May 02 18:19:55 2009 +0000
+++ b/libpurple/protocols/msn/slplink.c	Sat May 02 19:12:33 2009 +0000
@@ -493,7 +493,7 @@
 {
 	MsnSlpMessage *slpmsg;
 	const char *data;
-	gsize offset;
+	guint64 offset;
 	gsize len;
 
 #ifdef MSN_DEBUG_SLP
@@ -565,6 +565,7 @@
 			if (slpmsg->buffer == NULL)
 			{
 				purple_debug_error("msn", "Failed to allocate buffer for slpmsg\n");
+				msn_slpmsg_destroy(slpmsg);
 				return;
 			}
 		}