From: Christian H. <ch...@us...> - 2002-11-23 18:50:50
|
Update of /cvsroot/gaim/gaim/src/protocols/yahoo In directory sc8-pr-cvs1:/tmp/cvs-serv2780 Modified Files: Tag: gtk1-stable yahoo.c Log Message: - Fixed a segfault that occurred when a key/value pair had no value (i.e., in the mail notification packets that the Yahoo server is sending out). - Skip over a garbage character in mail notification packets that's causing the sender name key/value pair to be ignored. - Some code cleanups, which should optimize it (though not noticeably so) and make it easier to read. Thanks go to ZuperDee for this. Index: yahoo.c =================================================================== RCS file: /cvsroot/gaim/gaim/src/protocols/yahoo/yahoo.c,v retrieving revision 1.43.2.7 retrieving revision 1.43.2.8 diff -u -d -r1.43.2.7 -r1.43.2.8 --- yahoo.c 12 Nov 2002 00:50:21 -0000 1.43.2.7 +++ yahoo.c 23 Nov 2002 18:50:47 -0000 1.43.2.8 @@ -259,19 +259,20 @@ pair->key = strtol(key, NULL, 10); accept = x; /* if x is 0 there was no key, so don't accept it */ - if (accept) + if (len - pos + 1 <= 0) { + /* Truncated. Garbage or something. */ + accept = 0; + } + + if (accept) { value = g_malloc(len - pos + 1); - x = 0; - while (pos + 1 < len) { - if (data[pos] == 0xc0 && data[pos + 1] == 0x80) - break; - if (accept) + x = 0; + while (pos + 1 < len) { + if (data[pos] == 0xc0 && data[pos + 1] == 0x80) + break; value[x++] = data[pos++]; - } - if (accept) + } value[x] = 0; - pos += 2; - if (accept) { pair->value = g_strdup(value); g_free(value); pkt->hash = g_slist_append(pkt->hash, pair); @@ -279,6 +280,11 @@ } else { g_free(pair); } + pos += 2; + + /* Skip over garbage we've noticed in the mail notifications */ + if (data[0] == '9' && data[pos] == 0x01) + pos++; } } |