Opened 7 years ago

Closed 7 years ago

Last modified 7 years ago

#10481 closed defect (fixed)

Segfault on 'contact list send' in sim-im

Reported by: nightwing666
Owned by: MarkDoliner
Milestone: 2.6.3
Component: ICQ
Version: 2.6.2
Keywords:
Cc:

Description

When I send a contact list in sim-im to a contact who uses Pidgin, Pidgin crashes.

(gdb) handle SIGPIPE nostop noprint
Signal        Stop	Print	Pass to program	Description
SIGPIPE       No	No	Yes		Broken pipe
(gdb) run
Starting program: /usr/bin/pidgin 
[Thread debugging using libthread_db enabled]
[New Thread 0xb7e04750 (LWP 10976)]
[New Thread 0xb70a5b90 (LWP 10979)]
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0xb7e04750 (LWP 10976)]
0x4a54a613 in strlen () from /lib/tls/i686/cmov/libc.so.6
(gdb) bt full
#0  0x4a54a613 in strlen () from /lib/tls/i686/cmov/libc.so.6
No symbol table info available.
#1  0x4a5166d8 in vfprintf () from /lib/tls/i686/cmov/libc.so.6
No symbol table info available.
#2  0x4a5d095a in __vasprintf_chk () from /lib/tls/i686/cmov/libc.so.6
No symbol table info available.
#3  0x452a787f in g_vasprintf () from /usr/lib/libglib-2.0.so.0
No symbol table info available.
#4  0x452933b6 in g_strdup_printf () from /usr/lib/libglib-2.0.so.0
No symbol table info available.
#5  0xb75de8f3 in ?? () from /usr/lib/purple-2/liboscar.so.0
No symbol table info available.
#6  0xb75bf826 in ?? () from /usr/lib/purple-2/liboscar.so.0
No symbol table info available.
#7  0xb75c0a5a in ?? () from /usr/lib/purple-2/liboscar.so.0
No symbol table info available.
#8  0xb75ca6da in ?? () from /usr/lib/purple-2/liboscar.so.0
No symbol table info available.
#9  0x080af173 in ?? ()
No symbol table info available.
#10 0x452a7cbd in ?? () from /usr/lib/libglib-2.0.so.0
No symbol table info available.
#11 0x45270528 in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
---Type <return> to continue, or q <return> to quit---
No symbol table info available.
#12 0x45273d83 in ?? () from /usr/lib/libglib-2.0.so.0
No symbol table info available.
#13 0x4527425a in g_main_loop_run () from /usr/lib/libglib-2.0.so.0
No symbol table info available.
#14 0x456567d9 in gtk_main () from /usr/lib/libgtk-x11-2.0.so.0
No symbol table info available.
#15 0x080c9eb0 in main ()
No symbol table info available.

And sim-im shows "Input is not proper UTF-8, indicate encoding !Bytes: 0xDD 0xEA 0xF2 0xE0" after that. Ubuntu 9.04 i386.

Change History (5)

comment:1 Changed 7 years ago by markdoliner@…

  • Resolution set to fixed
  • Status changed from new to closed

(In c8d72361e5c9828c476ac5cb94f17584b1f407f9):
* Plucked 781682333aea0c801d280c3507ee25552a60bfc0 (markdoliner@…): Fix a remote-crash bug in ICQ (and probably AIM). It happens when the SIM IM client tries to send us contacts.

Fixes #10481

* Plucked b988b4d536524e124366b7da01b0e8706ac0a099 (markdoliner@…): Don't call aim_src_clientready() until we have activated our feedbag (and also until after we have our bos rights, but I'm not sure if that matters). This fixes the bug where AIM block lists recently stopped working. I imagine AIM permit lists were also broken, as well as the three ICQ privacy lists.

It's conceivable that this will also fix the bug where your contact list is sometimes empty, but I have no evidence to support that either way.

This change will be in the next release of Pidgin, 2.6.3, which will probably be released within the next week.

Thanks to AOL for telling me what we were doing wrong.

Fixes #10489 Fixes #10499 Fixes #10509 Refs #10411

* Plucked e5cd28dabffaedf15ae16dd9dfb64e2c0fe40e8c (darkrain42@…): printf("%s", NULL) when a cert has no CN. Refs #10519.

This is a temporary change to keep it from crashing while not introducing a string change.

* Plucked a98871332460101c6e9638650081c8badad3066b (darkrain42@…): Print that specific message only when there is a CN; otherwise fall back to the error from invalidity_reason_to_string(). Fixes #10519.

Thanks for pointing this out, QuLogic.

comment:2 Changed 7 years ago by markdoliner@…

  • Milestone set to 2.6.3

(In 781682333aea0c801d280c3507ee25552a60bfc0):
Fix a remote-crash bug in ICQ (and probably AIM). It happens when the SIM IM client tries to send us contacts.

Fixes #10481

comment:3 Changed 7 years ago by MarkDoliner

  • Milestone changed from 2.6.3 to 2.6.4

2.6.3 went out as a 2.6.2 plus a few small patches, so most of these tickets are pushed to 2.6.4.

comment:4 Changed 7 years ago by MarkDoliner

  • Milestone changed from 2.6.4 to 2.6.3

comment:5 Changed 7 years ago by MarkDoliner

Hi nightwing666. Thanks for letting us know about this! In the future, if you discover security problems like this where a remote user can cause Pidgin to crash, please notify us privately by following the instructions at http://pidgin.im/security/

Also, if you'd like we can mention you at http://pidgin.im/news/security/?id=41, either by your real name or your nickname. Please let me know in either case.

Thanks!
