Fix for CVE-2010-3711. Properly validate the return value from
authorDaniel Atallah <daniel.atallah@gmail.com>
Sun, 17 Oct 2010 03:55:04 +0000 (03:55 +0000)
committerJohn Bailey <rekkanoryo@rekkanoryo.org>
Sun, 17 Oct 2010 03:55:04 +0000 (03:55 +0000)
commit279cee8bd87484609bc791a5ad18fa7548a8f94a
tree90e1bc6bbb4ee1e72064ae6a6eb3ac01f925e21c
parent02c059c9f201a59d26ec41ce30ba4316aa77890a
Fix for CVE-2010-3711.  Properly validate the return value from
purple_base64_decode() (the CVE issue) and purple_base16_decode() (just a bug).
Coincidentally, this should also fix #12614.
libpurple/ntlm.c
libpurple/plugins/perl/common/Util.xs
libpurple/protocols/jabber/auth_digest_md5.c
libpurple/protocols/msn/slp.c
libpurple/protocols/myspace/message.c
libpurple/protocols/oscar/clientlogin.c
libpurple/protocols/qq/im.c
libpurple/protocols/yahoo/libymsg.c