Merged TALOS-CAN-0142 release-2.x.y

Sun, 12 Jun 2016 22:22:06 -0500

author Gary Kramlich <grim@reaperworld.com>
date Sun, 12 Jun 2016 22:22:06 -0500
branch release-2.x.y
changeset 37847 048d46315e91
parent 37846 5ae57760ca10
parent 37815 0ee892d194e3
child 37848 34d56e0586c4

Merged TALOS-CAN-0142

--- a/ChangeLog	Sun Jun 12 22:17:08 2016 -0500
+++ b/ChangeLog	Sun Jun 12 22:22:06 2016 -0500
@@ -37,6 +37,8 @@
 	  Cisco Talos.  (TALOS-CAN-0136)
 	* Fixed a remote NULL pointer dereference.  Discovered by Yves Younan of
 	  Cisco Talos (TALOS-CAN-0137)
+	* Fixed a remote code execution issue discovered by Yves Younan of Cisco
+	  Talos.  (TALOS-CAN-0142)
 
 version 2.10.12 (12/31/15):
 	General:
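
Review bot: The new entry at "Fixed a remote code execution issue" does not say which protocol is affected, so a reader of the ChangeLog cannot tell whether their build is exposed. The code change in this commit is in libpurple/protocols/mxit/multimx.c, so naming MXit in the entry would let users who do not build or load that protocol rule themselves out. The entry sits under the existing list, like the neighbouring TALOS-CAN-0136 and TALOS-CAN-0137 lines, and those have the same gap; it may be worth fixing all three together.
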
--- a/libpurple/protocols/mxit/multimx.c	Sun Jun 12 22:17:08 2016 -0500
+++ b/libpurple/protocols/mxit/multimx.c	Sun Jun 12 22:22:06 2016 -0500
@@ -360,7 +360,7 @@
 		unsigned int i;
 
 		for (i = 1; i < strlen(msg); i++) {		/* search for end of nickname */
-			if (msg[i] == '>') {
+			if ((msg[i] == '>') && (msg[i+1] == '\n')) {
 				msg[i] = '\0';
 				g_free(mx->from);
 				mx->from = g_strdup(&msg[1]);
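
Review bot: The new condition `(msg[i] == '>') && (msg[i+1] == '\n')` changes what terminates the nickname, but the comment on the loop still says only "search for end of nickname"; it should state that the delimiter is now the two-character sequence ">\n" and why a lone '>' is no longer accepted, since that is the whole security point of the change. The `msg[i+1]` read stays in bounds only because the loop is bounded by `i < strlen(msg)`, so at the last index it lands on the terminating NUL; a short comment saying so would stop a later refactor from breaking it. Two further points on the same lines: `strlen(msg)` is re-evaluated on every iteration over remotely supplied data and could be hoisted into a local before the loop, and the hunk does not show what happens when no ">\n" is found at all, so please confirm that path leaves `mx->from` and any offset derived from `i` in a safe state.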
