README.MTN@cb3f1a4239c7
README.MTN
Tue, 10 Aug 2010 17:53:07 +0000
- author
- Mark Doliner <markdoliner@pidgin.im>
- date
- Tue, 10 Aug 2010 17:53:07 +0000
- branch
- soc.2010.icq-tlc
- changeset 30681
- cb3f1a4239c7
- parent 23325
- a374a26fe217
- permissions
- -rw-r--r--
*** Plucked rev a8b26bdf35f2685c221a62e65eeb041aa1f41143 (markdoliner@pidgin.im):
Fix a crash bug in oscar related to trying to allocate too much memory.
This was reported to our security mailing list by Jan Kaluza The Great.
I honestly couldn't figure out how to repro this crash, so I've been
considering it as not a remote-crash security problem, so I chose to
skip the CVE process for this.
*** Plucked rev f812c8c4d3e9195374d37965e1bcf0c4c173097d (markdoliner@pidgin.im):
Make these unsigned, in case someone figures out how to actually send
one of these and somehow manages to use a negative number. Pointed out
by Yuriy M. Kaminskiy. Thanks, Yuriy!
If you plan to use Pidgin, Finch and libpurple from our Monotone repository, PLEASE read this message in its entirety! Pidgin, Finch, and libpurple are a fast-moving project with a somewhat regular release schedule. Due to the rate of development, the code in our Monotone repository undergoes frequent bursts of massive changes, often leaving behind brokenness and partial functionality while the responsible developers rewrite some portion of code or seek to add new features. What this all boils down to is that the code in our Monotone repository _WILL_ sometimes be broken. Because of this, we ask that users who are not interested in personally tracking down bugs and fixing them (without a lot of assistance from the developers!) use only released versions. Since releases will be made often, this should not prevent anyone from using the newest, shiniest features -- but it will prevent users from having to deal with ugly development bugs that we already know about but haven't gotten around to fixing. If you are interested in hacking on Pidgin, Finch, and/or libpurple, please check out the information available at: http://developer.pidgin.im By far the best documentation, however, is the documented code. If you have doxygen, you can run "make docs" in the toplevel directory to generate pretty documentation. Otherwise (or even if you do!), the header files for each subsystem contain documentation for the functions they contain. For instance, conversation.h contains documentation for the entire purple_conversation_* API, and account.h contains documentation for the purple_account_* API. If you have questions, please feel free to contact the Pidgin, Finch, and libpurple developers by email at devel@pidgin.im or on IRC at irc.freenode.net in #pidgin. Please do as much homework as you can before contacting us; the more you know about your question, the faster and more effectively we can help! Patches should be posted as Trac tickets at: http://developer.pidgin.im
