Bugzilla – Attachment 22899 Details for
Bug 59194
VUL-0: CVE-2004-2589: new gaim issues
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
IDP Log In
|
Forgot Password
[patch]
patch for 0.59 (8.1)
44194-0.59.diff (text/plain), 1.66 KB, created by
Ludwig Nussel
on 2004-08-25 19:46:18 UTC
(
hide
)
Description:
patch for 0.59 (8.1)
Filename:
MIME Type:
Creator:
Ludwig Nussel
Created:
2004-08-25 19:46:18 UTC
Size:
1.66 KB
patch
obsolete
>Index: gaim-0.59/src/protocols/zephyr/ZInit.c >=================================================================== >--- gaim-0.59.orig/src/protocols/zephyr/ZInit.c >+++ gaim-0.59/src/protocols/zephyr/ZInit.c >@@ -32,7 +32,7 @@ Code_t ZInitialize() > { > struct servent *hmserv; > struct hostent *hostent; >- char addr[4], hostname[MAXHOSTNAMELEN]; >+ char addr[4], hostname[MAXHOSTNAMELEN+1]; > struct in_addr servaddr; > struct sockaddr_in sin; > int s, sinsize = sizeof(sin); >@@ -134,6 +134,7 @@ Code_t ZInitialize() > * is a pretty broken thing to do, and unfortunately what we > * always do on server machines.) */ > if (gethostname(hostname, sizeof(hostname)) == 0) { >+ hostname[sizeof(hostname)-1] = '\0'; > hostent = gethostbyname(hostname); > if (hostent && hostent->h_addrtype == AF_INET) > memcpy(&__My_addr, hostent->h_addr, sizeof(__My_addr)); >Index: gaim-0.59/src/protocols/msn/msn.c >=================================================================== >--- gaim-0.59.orig/src/protocols/msn/msn.c >+++ gaim-0.59/src/protocols/msn/msn.c >@@ -181,7 +181,7 @@ static char *url_decode(const char *msg) > int i, j = 0; > > bzero(buf, sizeof(buf)); >- for (i = 0; i < strlen(msg); i++) { >+ for (i = 0; i < strlen(msg) && j < sizeof(buf)-2; i++) { > char hex[3]; > if (msg[i] != '%') { > buf[j++] = msg[i]; >@@ -205,9 +205,12 @@ static char *url_encode(const char *msg) > > bzero(buf, sizeof(buf)); > for (i = 0; i < strlen(msg); i++) { >- if (isalnum(msg[i])) >+ if (isalnum(msg[i])) { >+ if(j+1 >= sizeof(buf)-1) break; > buf[j++] = msg[i]; >+ } > else { >+ if(j+3 >= sizeof(buf)-1) break; > sprintf(buf + j, "%%%02x", (unsigned char)msg[i]); > j += 3; > }
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=22899">View the attachment on a separate page</a>.</b>
Actions:
View
|
Diff
Attachments on
bug 59194
:
22895
|
22896
| 22899 |
22900
|
22902
|
22904