changeset
[gaim-migrate @ 8604]
Sat, 27 Dec 2003 00:31:43 +0000
- author
- Christian Hammond <chipx86@chipx86.com>
- date
- Sat, 27 Dec 2003 00:31:43 +0000
- changeset 7933
- a59beea5a510
- parent 7932
- c31311834fc2
- child 7934
- 651bf920e54c
[gaim-migrate @ 8604]
Although it's not supposed to be possible, someone had a crash from a
truncated MSNObject string. This adds some extra safe-guards in parsing.
| src/protocols/msn/msnobject.c | file | annotate | diff | comparison | revisions |
--- a/src/protocols/msn/msnobject.c Fri Dec 26 21:16:50 2003 +0000 +++ b/src/protocols/msn/msnobject.c Sat Dec 27 00:31:43 2003 +0000 @@ -26,7 +26,8 @@ { \ tag += strlen(id "=\""); \ c = strchr(tag, '"'); \ - obj->field = g_strndup(tag, c - tag); \ + if (c != NULL) \ + obj->field = g_strndup(tag, c - tag); \ } #define GET_INT_TAG(field, id) \ @@ -35,8 +36,11 @@ char buf[16]; \ tag += strlen(id "=\""); \ c = strchr(tag, '"'); \ - strncpy(buf, tag, c - tag); \ - obj->field = atoi(buf); \ + if (c != NULL) \ + { \ + strncpy(buf, tag, c - tag); \ + obj->field = atoi(buf); \ + } \ } MsnObject *
