changeset
Fix CVE-2010-0420, a possible remote crash when handling chat room
Tue, 16 Feb 2010 08:58:45 +0000
- author
- Mark Doliner <markdoliner@pidgin.im>
- date
- Tue, 16 Feb 2010 08:58:45 +0000
- changeset 29377
- 6c8add94b5a4
- parent 29376
- 9a3f73531905
- child 29378
- a783b23a05da
Fix CVE-2010-0420, a possible remote crash when handling chat room
buddy names.
| ChangeLog | file | annotate | diff | comparison | revisions | |
| finch/libgnt/gnttree.c | file | annotate | diff | comparison | revisions |
--- a/ChangeLog Tue Feb 16 08:54:07 2010 +0000 +++ b/ChangeLog Tue Feb 16 08:58:45 2010 +0000 @@ -102,6 +102,8 @@ descriptions not to be displayed in the theme selector. Finch: + * Fix CVE-2010-0420, a possible remote crash when handling chat room + buddy names. * Rebindable 'move-first' and 'move-last' actions for tree widgets. So it is possible to jump to the first or last entry in the buddy list (and other such lists) by pressing home or end key (defaults)
--- a/finch/libgnt/gnttree.c Tue Feb 16 08:54:07 2010 +0000 +++ b/finch/libgnt/gnttree.c Tue Feb 16 08:58:45 2010 +0000 @@ -1346,6 +1346,10 @@ { GntTreeRow *pr = NULL; + if (g_hash_table_lookup(tree->hash, key)) { + gnt_tree_remove(tree, key); + } + row->tree = tree; row->key = key; row->data = NULL;
