Re: [patch] libpurple/protocols/oscar: OOM and die on misparsed ICQWebMessage as ICQSMS

by Yuriy Kaminskiy

Yuriy Kaminskiy wrote:
> I've got a number of OOM/aborts, and found that when pidgin receives
> chan4/0x1a/ICQWebMessage, it misparses that as ICQSMS, and dies on
> out-of-memory.
> 01) fixes in byte_stream_getstr: early check len for validity (this will
> cause error later anyway), and only then allocate memory.
> 02) fixes in incomingim_chan4/case 0x1a: better checks for expected
> format and errors (and not choke on some unknown gibberish).
Ping. If no-one noticed, this is a security problem (just DoS, not remote
access, but nonetheless). At least some equivalent of patches 1 and 2
MUST be applied.

_______________________________________________
Devel mailing list
Devel@...
http://pidgin.im/cgi-bin/mailman/listinfo/devel
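
The ordering described in point 01, as an added example that is not part of the original message and is not libpurple's code: the declared length is checked against the bytes remaining before any memory is allocated. The `bstream` type, the function names and the little-endian 16-bit length prefix are assumptions for illustration, and both packets are constructed.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical reader; type and function names are illustrative only. */
typedef struct { const uint8_t *data; size_t len, offset; } bstream;

static size_t bs_left(const bstream *bs) { return bs->len - bs->offset; }

/* Read a little-endian 16-bit value; 0 on success, -1 if input is short. */
static int bs_get_le16(bstream *bs, uint16_t *out)
{
    if (bs_left(bs) < 2) return -1;
    *out = (uint16_t)(bs->data[bs->offset] | (bs->data[bs->offset + 1] << 8));
    bs->offset += 2;
    return 0;
}

/* Validate the requested length first, allocate only afterwards. */
static char *bs_getstr(bstream *bs, size_t n)
{
    if (n > bs_left(bs)) return NULL;   /* rejected before any malloc */
    char *s = malloc(n + 1);
    if (s == NULL) return NULL;
    memcpy(s, bs->data + bs->offset, n);
    s[n] = '\0';
    bs->offset += n;
    return s;
}

/* Parse one <le16 length><bytes> field (assumed layout); NULL if malformed. */
static char *parse_field(const uint8_t *buf, size_t buflen)
{
    bstream bs = { buf, buflen, 0 };
    uint16_t n;
    if (bs_get_le16(&bs, &n) != 0) return NULL;
    return bs_getstr(&bs, n);
}

/* Constructed samples: a well-formed field, and one whose length lies. */
static const uint8_t good_pkt[] = { 0x02, 0x00, 'h', 'i' };
static const uint8_t bad_pkt[]  = { 0xff, 0xff, 'h', 'i' };

int main(void)
{
    char *ok = parse_field(good_pkt, sizeof good_pkt);
    int rc = !(ok && !strcmp(ok, "hi") && !parse_field(bad_pkt, sizeof bad_pkt));
    free(ok);
    return rc;
}
```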
