Mercurial > pidgin3 / changeset

changeset

Merged in discord-ssl-crash (pull request #679) release-2.x.y

Thu, 09 Apr 2020 07:39:55 +0000

author
Gary Kramlich <grim@reaperworld.com>
date
Thu, 09 Apr 2020 07:39:55 +0000
branch
release-2.x.y
changeset 40323
0988a438ed3e
parent 40321
f7a993ac9c2a (current diff)
parent 40322
3e026e7db681 (diff)
child 40325
e55a9d94f514

Merged in discord-ssl-crash (pull request #679)

Make ssl_nss_read robust against bogus connection, like ssl_nss_write is

Approved-by: Gary Kramlich
Approved-by: Eion Robb

--- a/libpurple/plugins/ssl/ssl-gnutls.c	Thu Apr 09 02:38:32 2020 -0500
+++ b/libpurple/plugins/ssl/ssl-gnutls.c	Thu Apr 09 07:39:55 2020 +0000
@@ -451,9 +451,10 @@
 ssl_gnutls_read(PurpleSslConnection *gsc, void *data, size_t len)
 {
 	PurpleSslGnutlsData *gnutls_data = PURPLE_SSL_GNUTLS_DATA(gsc);
-	ssize_t s;
+	ssize_t s = 0;
 
-	s = gnutls_record_recv(gnutls_data->session, data, len);
+	if(gnutls_data)
+		s = gnutls_record_recv(gnutls_data->session, data, len);
 
 	if(s == GNUTLS_E_AGAIN || s == GNUTLS_E_INTERRUPTED) {
 		s = -1;
--- a/libpurple/plugins/ssl/ssl-nss.c	Thu Apr 09 02:38:32 2020 -0500
+++ b/libpurple/plugins/ssl/ssl-nss.c	Thu Apr 09 07:39:55 2020 +0000
@@ -529,6 +529,9 @@
 	PRInt32 ret;
 	PurpleSslNssData *nss_data = PURPLE_SSL_NSS_DATA(gsc);
 
+	if (!nss_data)
+		return 0;
+
 	ret = PR_Read(nss_data->in, data, len);
 
 	if (ret == -1)

Mercurial Repository: pidgin3

mercurial