Skip to content
Permalink
Browse files Browse the repository at this point in the history
purple: Fix crash on ft requests from unknown contacts
Followup to 701ab81 (included in 3.5) which was a partial fix which only
improved things for non-libpurple file transfers (that is, just jabber)
  • Loading branch information
dequis committed Jan 29, 2017
1 parent 53cb4ae commit 30d598c
Showing 1 changed file with 4 additions and 0 deletions.
4 changes: 4 additions & 0 deletions protocols/purple/ft.c
Expand Up @@ -145,6 +145,10 @@ static gboolean prplcb_xfer_new_send_cb(gpointer data, gint fd, b_input_conditio
/* TODO(wilmer): After spreading some more const goodness in BitlBee,
remove the evil cast below. */
px->ft = imcb_file_send_start(ic, (char *) who, xfer->filename, xfer->size);

if (!px->ft) {
return FALSE;
}
px->ft->data = px;

px->ft->accept = prpl_xfer_accept;
Expand Down

2 comments on commit 30d598c

@carnil
Copy link

@carnil carnil commented on 30d598c Jan 31, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@dequis
Copy link
Member Author

@dequis dequis commented on 30d598c Jan 31, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

CVE-2017-5668 has been assigned for this

Please sign in to comment.