diff options
author | Gary Kramlich <grim@reaperworld.com> | 2021-02-07 01:42:09 -0600 |
---|---|---|
committer | Gary Kramlich <grim@reaperworld.com> | 2021-02-07 01:42:09 -0600 |
commit | bb01a2f383df86e9c917f6b755c1369d179ccdef (patch) | |
tree | 7c427fab30ab06365746c37aa1d1daa559ea3881 /libpurple/protocols/zephyr/Zinternal.c | |
parent | b74e34a077b5f15d79ba1f61ca4d353c4f41532d (diff) | |
download | pidgin-bb01a2f383df86e9c917f6b755c1369d179ccdef.tar.gz |
Implement mitigation for GHSL-2021-045
This add a static inline version of `g_memdup2` if the version of glib we're
compiling against doesn't have the function.
GHSL-2021-045 was originally reported to glib at
https://gitlab.gnome.org/GNOME/glib/-/issues/2319.
More information about the entire situation can be found on the gnome
desktop-devel-list at
https://mail.gnome.org/archives/desktop-devel-list/2021-February/msg00000.html
Testing Done:
Compiled and ran unit tests.
Reviewed at https://reviews.imfreedom.org/r/482/
Diffstat (limited to 'libpurple/protocols/zephyr/Zinternal.c')
-rw-r--r-- | libpurple/protocols/zephyr/Zinternal.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/libpurple/protocols/zephyr/Zinternal.c b/libpurple/protocols/zephyr/Zinternal.c index 7e9d73880e..0ddb9c6be5 100644 --- a/libpurple/protocols/zephyr/Zinternal.c +++ b/libpurple/protocols/zephyr/Zinternal.c @@ -10,6 +10,7 @@ */ #include <purple.h> +#include "libpurple/glibcompat.h" #include "internal.h" #ifdef WIN32 @@ -332,7 +333,7 @@ Z_ReadWait(void) * a first fragment, grab the header from it. */ if (part == 0 && qptr->header == NULL) { qptr->header_len = packet_len - notice.z_message_len; - qptr->header = g_memdup(packet, qptr->header_len); + qptr->header = g_memdup2(packet, qptr->header_len); } g_object_unref(from); return Z_AddNoticeToEntry(qptr, ¬ice, part); @@ -364,7 +365,7 @@ Z_ReadWait(void) * ID's will be predictable. */ if (part == 0) { qptr->header_len = packet_len - notice.z_message_len; - qptr->header = g_memdup(packet, qptr->header_len); + qptr->header = g_memdup2(packet, qptr->header_len); } /* If this is not a fragmented notice, then don't bother with a hole @@ -377,7 +378,7 @@ Z_ReadWait(void) if (notice.z_message_len == 0) { qptr->msg = NULL; } else { - qptr->msg = g_memdup(notice.z_message, notice.z_message_len); + qptr->msg = g_memdup2(notice.z_message, notice.z_message_len); } qptr->msg_len = notice.z_message_len; __Q_Size += notice.z_message_len; |