On Fri, Feb 15, 2002 at 08:32:30PM +0100, Martin Schulze <[EMAIL PROTECTED]> wrote:
> Hi!
> 
> Sorry for stepping in so late.
> 
> Jon Keating wrote:
>> This crash occurred when a static buffer of 1024 bytes overflowed.  This is 
>> fixed in the latest version of licq in the CVS and should be in the next CVS 
>> daily snapshot.  The CVS copy of licq uses the new v8 protocol (otherwise 
>> known as OSCAR) while the latest release does not.  If for some reason you do 
>> not want to use the CVS copy, use the attached patch, and when prompted for 
>> file to patch enter the full path to icqd-chat.cpp (i.e. 
>> /home/user/licq/src/icqd-chat.cpp)
>> 
> 
> I thought that I was blind, but reformatting and diff seems to reveal
> that I'm not.  Are you sure this patch is actually useful?  All that
> it changes is convert spaces to tab characters, indent one line and
> add a trailing space after a bracket.
> 
> I doubt this is able to fix a buffer overflow.
> 
> 1247a1248,1253
>>           if (strlen(u->linebuf) > 1000) // stop a little early
>>           {
>>              u->linebuf[1000] = '\0';
>>              PushChatEvent(new CChatEvent(CHAT_NEWLINE, u, u->linebuf));
>>              u->linebuf[0] = '\0';
>>           }
> 1547a1548,1553
>>          if (strlen(u->linebuf) > 1000) // stop a little early
>>          {
>>              u->linebuf[1000] = '\0';
>>                 PushChatEvent(new CChatEvent(CHAT_NEWLINE, u, u->linebuf));
>>              u->linebuf[0] = '\0';
>>          } 
> 
> Would you mind providing the real patch?

This is the real patch: it adds the same code in two different places.

-- 
        Tim van Erven <[EMAIL PROTECTED]>

_______________________________________________
Licq-devel mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/licq-devel

Reply via email to