# HG changeset patch
# User Richard Laager <rlaager@wiktel.com>
# Date 1214469769 0
# Node ID d04d24b1db9b56559106e5e8165c468f9061f7c9
# Parent  d74ff4f23171794deb8787ddc35b453b3022a7b1
MSN SLP fix

diff -r d74ff4f23171 -r d04d24b1db9b libpurple/protocols/msn/slplink.c
--- a/libpurple/protocols/msn/slplink.c	Thu Jun 26 01:18:05 2008 +0000
+++ b/libpurple/protocols/msn/slplink.c	Thu Jun 26 08:42:49 2008 +0000
@@ -593,7 +593,7 @@
 	}
 	else if (slpmsg->size)
 	{
-		if ((offset + len) > slpmsg->size)
+		if (offset < 0 || (offset + len) > slpmsg->size)
 		{
 			purple_debug_error("msn",
 				"Oversized slpmsg - msgsize=%lld offset=%" G_GSIZE_FORMAT " len=%" G_GSIZE_FORMAT "\n",
diff -r d74ff4f23171 -r d04d24b1db9b libpurple/protocols/msnp9/slplink.c
--- a/libpurple/protocols/msnp9/slplink.c	Thu Jun 26 01:18:05 2008 +0000
+++ b/libpurple/protocols/msnp9/slplink.c	Thu Jun 26 08:42:49 2008 +0000
@@ -597,7 +597,7 @@
 	}
 	else if (slpmsg->size)
 	{
-		if ((offset + len) > slpmsg->size)
+		if (offset < 0 || (offset + len) > slpmsg->size)
 		{
 			purple_debug_error("msn", "Oversized slpmsg\n");
 			g_return_if_reached();