[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Ayttm-commits] CVS: ayttm/modules/msn2 msn.C,1.13,1.14
|
From: |
Colin Leroy <address@hidden> |
|
Subject: |
[Ayttm-commits] CVS: ayttm/modules/msn2 msn.C,1.13,1.14 |
|
Date: |
Tue, 07 Jan 2003 03:52:57 -0500 |
Update of /cvsroot/ayttm/ayttm/modules/msn2
In directory subversions:/tmp/cvs-serv5813/modules/msn2
Modified Files:
msn.C
Log Message:
prevent buffer overflow
Index: msn.C
===================================================================
RCS file: /cvsroot/ayttm/ayttm/modules/msn2/msn.C,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -r1.13 -r1.14
--- msn.C 6 Jan 2003 19:00:53 -0000 1.13
+++ msn.C 7 Jan 2003 08:52:54 -0000 1.14
@@ -1133,6 +1133,12 @@
char dialog_message[1025];
char *uname;
eb_debug(DBG_MOD,"entering authorize_user\n");
+ /* that's not the right fix */
+ if (strlen(friendlyname) > 254 || strlen (username) > 254) {
+ eb_debug(DBG_MOD, "refusing contact %s because its name is too
long\n", username);
+ msn_add_to_list(mainconn, "BL", username);
+ return 0;
+ }
if(!is_waiting_auth(username)) {
eb_debug(DBG_MOD, "** %s (%s) has added you to their list.\n",
friendlyname, username);
sprintf(dialog_message, _("The MSN user %s (%s) would like to add you
to their contact list.\nDo you want to allow them to see when you are
online?"), friendlyname, username);
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Ayttm-commits] CVS: ayttm/modules/msn2 msn.C,1.13,1.14,
Colin Leroy <address@hidden> <=
- Prev by Date:
[Ayttm-commits] CVS: ayttm ChangeLog,1.42,1.43 configure.in,1.42,1.43
- Next by Date:
[Ayttm-commits] CVS: ayttm/modules/msn2 msn.C,1.14,1.15
- Previous by thread:
[Ayttm-commits] CVS: ayttm ChangeLog,1.42,1.43 configure.in,1.42,1.43
- Next by thread:
[Ayttm-commits] CVS: ayttm/modules/msn2 msn.C,1.14,1.15
- Index(es):