Mercurial > pidgin

changeset 25559:5e6999b6b5e4

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Prevent a NUL ptr deref caused by a malformed session_id. This came out of the veracode analysis.
author Daniel Atallah <daniel.atallah@gmail.com>
date Sat, 02 May 2009 19:39:45 +0000
parents d8ce4de7137f
children 151004519917
files libpurple/protocols/msn/httpconn.c
diffstat 1 files changed, 7 insertions(+), 1 deletions(-) [+]
line wrap: on
line diff
--- a/libpurple/protocols/msn/httpconn.c	Sat May 02 19:33:22 2009 +0000
+++ b/libpurple/protocols/msn/httpconn.c	Sat May 02 19:39:45 2009 +0000
@@ -219,7 +219,13 @@
 		g_free(tmp);
 
 		t = strchr(full_session_id, '.');
-		session_id = g_strndup(full_session_id, t - full_session_id);
+		if (t != NULL)
+			session_id = g_strndup(full_session_id, t - full_session_id);
+		else {
+			purple_debug_error("msn", "Malformed full_session_id[%s]\n",
+					   full_session_id ? full_session_id : NULL);
+			session_id = g_strdup(full_session_id);
+		}
 
 		if (session_action == NULL || strcmp(session_action, "close") != 0)
 		{