Opened 5 years ago

Closed 4 years ago

#15053 closed patch (fixed)

Fix a double-free in Yahoo profile/picture code

Reported by: mihais Owned by: sulabh.dev
Milestone: 2.10.7 Component: Yahoo!/Yahoo! JAPAN
Version: 2.10.3 Keywords: crash yahoo proxy update profile picture
Cc:

Description (last modified by QuLogic)

Re-fix a double-free in the Yahoo profile/picture code.

User data passed to purple_util_fetch_url/purple_util_fetch_url_request is already freed by the yahoo_got_info/yahoo_fetch_picture_cb callbacks on the error paths. This happens since purple_util_fetch_url_error calls were introduced to purple_util_fetch_url_request by revisions:

86dac605 by 'markdoliner' 03/17/2009
a1ad9ab6 by 'markdoliner' 12/06/2008

History of this issue:

  1. Try to fix the same double-free I'm fixing now with a patch

from downstream Debian:
Revision: viewmtn:7a490c356e10f7fff3432f875897aa0ca0ad1ff0
Date: 05/22/2008 09:01:58 PM

  1. It seems that the previous patch introduced 2 memory leaks, which

are fixed with:
Revision: viewmtn:7a36a9ecbcc902ee89656d5267e613aa1dc0b889
Date: 06/09/2008 12:54:56 AM
and
Revision: viewmtn:c7c882ce933f14ae4b89d4c9782a84accaec53b5
Date: 07/19/2008 12:10:23 AM

  1. Modification in libpurple/util.c reintroduced the double-free:

Revision: viewmtn:a1ad9ab6671970d851852ea29ac86fbd0b43a2f2
Date: 12/06/2008 03:08:20 AM
and
Revision: viewmtn:86dac605e7e7ef1ac36e03862a15ef24ef31d9dc
Date: 03/17/2009 12:56:57 AM

Attachments (1)

ym-double-free.patch (1.4 KB) - added by mihais 5 years ago.

Download all attachments as: .zip

Change History (4)

Changed 5 years ago by mihais

comment:1 Changed 5 years ago by Robby

  • Milestone set to Patches Needing Review

comment:2 Changed 4 years ago by QuLogic

  • Description modified (diff)

comment:3 Changed 4 years ago by Mihai Serban <mihai.serban@…>

  • Milestone changed from Patches Needing Review to 2.10.7
  • Resolution set to fixed
  • Status changed from new to closed

(In [dbf343cd9e05]):
Fix a double-free in Yahoo profile/picture code.

Fixes #15053.

Committer: Elliott Sales de Andrade <qulogic@…>

Note: See TracTickets for help on using tickets.
All information, including names and email addresses, entered onto this website or sent to mailing lists affiliated with this website will be public. Do not post confidential information, especially passwords!