# HG changeset patch
# User Mark Doliner <markdoliner@pidgin.im>
# Date 1307434439 0
# Node ID 2b305d5e6d5e780b51cbe72a0cc49842ea1ec327
# Parent  8bce7b3c5fbe9cba7effeb971746f9d4b04ce6e0
Fix a potential null pointer dereference in the MSN protocol, discovered
by Marius Wachtler and reported to security@pidgin.im on March 22nd.

This one is kinda rare, and requires someone to perform a man-in-the-middle
attack in order to cause the crash.  So we're not going to go through the
CVE process for it (at least... probably not).

diff -r 8bce7b3c5fbe -r 2b305d5e6d5e libpurple/protocols/msn/httpconn.c
--- a/libpurple/protocols/msn/httpconn.c	Tue Jun 07 07:42:56 2011 +0000
+++ b/libpurple/protocols/msn/httpconn.c	Tue Jun 07 08:13:59 2011 +0000
@@ -217,7 +217,7 @@
 
 		g_free(tmp);
 
-		t = strchr(full_session_id, '.');
+		t = full_session_id ? strchr(full_session_id, '.') : NULL;
 		if (t != NULL)
 			session_id = g_strndup(full_session_id, t - full_session_id);
 		else {