diff -r 02bd634e0591 -r 391b14824468 pidgin/gtkimhtml.c
--- a/pidgin/gtkimhtml.c Sat Apr 17 21:16:19 2010 +0000
+++ b/pidgin/gtkimhtml.c Sat Apr 17 21:35:26 2010 +0000
@@ -1185,8 +1185,14 @@
 printf("\n");
 }
 #endif
- text = g_malloc(selection_data->length);
+
+ text = g_malloc(selection_data->length + 1);
 memcpy(text, selection_data->data, selection_data->length);
+ /* Make sure the paste data is null-terminated. Given that
+ * we're passed length (but assume later that it is), this
+ * seems sensible to me.
+ */
+ text[selection_data->length] = '\0';
 }
 
 #ifdef _WIN32
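Review bot: The new `g_malloc(selection_data->length + 1)` and `text[selection_data->length] = '\0';` both trust `selection_data->length`, a signed field that GTK sets negative when the selection could not be retrieved. With -1 the allocation size becomes 0, the `memcpy` size converts to a huge unsigned value, and the terminator is stored before the buffer. The enclosing function starts and ends outside this hunk, so a guard may already exist above; if it does not, reject the value before allocating, e.g. `g_return_if_fail(selection_data->length >= 0);` (assuming the callback returns void). The added comment is also hard to parse; something like `/* Selection data is length-counted, not NUL-terminated, but the code below treats text as a C string. */` states the invariant the later code relies on.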