Opened 11 years ago

Closed 11 years ago

Last modified 11 years ago

#5219 closed defect

oscar_normalize crashes when normalizing string

Reported by: emilal Owned by: lschiere
Milestone: Component: unclassified
Version: 2.4.0 Keywords: Oscar crashes
Cc:

Description

Oscar oscar_normalize crashes when using a null string:

#0  0x004f6de0 in strcpy () from /lib/tls/libc.so.6
No symbol table info available.
#1  0x0074e030 in oscar_normalize (account=0x877bcd0, str=0x877b37c "dar�apia@hotmail") at oscar.c:6644
        buf = "dar�apia@hotmail\000m\000\000l.com", '\0' <repeats 2021 times>
        tmp1 = 0x87de5d8 "dar�apia@hotmail"
        tmp2 = 0x0
        i = 17
        j = 17
        __PRETTY_FUNCTION__ = "oscar_normalize"
#2  0x006c4b6d in purple_normalize (account=0x877bcd0, str=0x877b37c "dar�apia@hotmail") at util.c:3037
        prpl_info = (PurplePluginProtocolInfo *) 0x7b0540
        prpl = (PurplePlugin *) 0x8753bf0
        ret = 0x0
        buf = '\0' <repeats 2047 times>
#3  0x0066aa8d in purple_accounts_find (name=0x877b37c "dar�apia@hotmail", protocol_id=0x87de5c4 "prpl-msn") at account.c:2603
        account = (PurpleAccount *) 0x877bcd0
        l = (GList *) 0x877c140
        who = 0x87de5d8 "dar�apia@hotmail"
        __PRETTY_FUNCTION__ = "purple_accounts_find"

Change History (7)

comment:1 Changed 11 years ago by datallah

  • pending changed from 0 to 1

The problem is that a non-utf8 string is being passed to g_utf8_normalize(), so it returns NULL. It shouldn't ever happen that a non-utf8 string would get that far - is this with pidgin or another libpurple client? Where does that string come from? What does the rest of the backtrace look like?

comment:2 Changed 11 years ago by emilal

  • pending changed from 1 to 0

Try to put inside the name (Oscar) some special character - for example euro sign - and you will be able to reproduce the crash. This string is coming from a mobile emulator.

comment:3 Changed 11 years ago by datallah

  • pending changed from 0 to 1

Right... I can see *why* it is happening, what isn't clear is how that character is getting there. If it is coming from the server somehow or from the UI, it should be UTF-8 by the time it gets to the validate function.

The bug is elsewhere, which is why I'm asking about the origin of the string.

comment:4 Changed 11 years ago by trac-robot

  • pending changed from 1 to 0
  • Status changed from new to closed

This ticket was closed automatically by the system. It was previously set to a Pending status and hasn't been updated within 14 days.

comment:5 Changed 11 years ago by emilal

Still crashes in 2.4.3:

#1  0x00864f02 in oscar_normalize (account=0x98f22a0, str=0xb40a66c "abcdi") at oscar.c:6636
        buf = "abcdi\00013\0004\000e\000\000m\000mail.com\000ail.e15a4f39\000d", '\0' <repeats 2007 times>
        tmp1 = 0xb0d6230 "abcdi"
        tmp2 = 0x0
        i = 6
        j = 6
        __PRETTY_FUNCTION__ = "oscar_normalize"
#2  0x007d7a21 in purple_normalize (account=0x98f22a0, str=0xb40a66c "abcdi") at util.c:3037
        prpl_info = (PurplePluginProtocolInfo *) 0x8c6b60
        prpl = (PurplePlugin *) 0x98c7c68
        ret = 0x0
        buf = "524936786\0004\000\000@…\000m\000m\000E15A4F39\000D", '\0' <repeats 2007 times>
#3  0x0077d860 in purple_accounts_find (name=0xb40a66c "abcdi", protocol_id=0xb866cc4 "prpl-qq") at account.c:2642
        account = (PurpleAccount *) 0x98f22a0
        l = (GList *) 0x9906360
        who = 0xb309fe8 ""
        __PRETTY_FUNCTION__ = "purple_accounts_find"

comment:6 Changed 11 years ago by emilal

Please replace with the following code to disable the non-UTF NULL string:

static const char *
oscar_normalize(const PurpleAccount *account, const char *str)
{
    static char buf[BUF_LEN];
    char *tmp1, *tmp2;
    int i, j;

    g_return_val_if_fail(str != NULL, NULL);

    /* copy str to buf and skip all blanks */
    for (i=0, j=0; str[j] && i < BUF_LEN - 1; i++, j++) {
        while (str[j] == ' ')
            j++;
        buf[i] = str[j];
    }
    buf[i] = '\0';

    tmp1 = g_utf8_strdown(buf, -1);
    tmp2 = g_utf8_normalize(tmp1, -1, G_NORMALIZE_DEFAULT);
    strcpy(buf, tmp2 != NULL:tmp2, tmp1);
    g_free(tmp2);
    g_free(tmp1);

    return buf;
}

comment:7 Changed 11 years ago by emilal

Sorry, syntax error, this is the proper line to replace:

strcpy(buf, tmp2 != NULL ? tmp2 : tmp1);
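Added illustration, not code from this ticket or from Pidgin/libpurple: a normalize routine of the same shape as the one in comment:6 that first checks the input is valid UTF-8 (the guarantee comment:1 says callers should already provide), so an invalid string returns NULL instead of a NULL pointer reaching strcpy(). The names utf8_valid and safe_normalize are assumptions, and the case fold is ASCII-only via libc in place of g_utf8_strdown()/g_utf8_normalize().

```c
#include <ctype.h>
#include <string.h>
#define BUF_LEN 2048

/* Strict UTF-8 check (stand-in for g_utf8_validate()): rejects stray continuation
 * bytes, truncated/overlong sequences, surrogates and code points > U+10FFFF. */
static int utf8_valid(const char *s)
{
    const unsigned char *p = (const unsigned char *)s;
    while (*p) {
        unsigned char c = *p;
        unsigned cp, min; size_t len, k;
        if (c < 0x80) { p++; continue; }
        if ((c & 0xE0) == 0xC0) { len = 2; cp = c & 0x1F; min = 0x80; }
        else if ((c & 0xF0) == 0xE0) { len = 3; cp = c & 0x0F; min = 0x800; }
        else if ((c & 0xF8) == 0xF0) { len = 4; cp = c & 0x07; min = 0x10000; }
        else return 0;                        /* 0x80..0xBF or 0xF8..0xFF lead byte */
        for (k = 1; k < len; k++) {
            if ((p[k] & 0xC0) != 0x80) return 0;   /* also catches a '\0' cutoff */
            cp = (cp << 6) | (p[k] & 0x3F);
        }
        if (cp < min || cp > 0x10FFFF || (cp >= 0xD800 && cp <= 0xDFFF))
            return 0;
        p += len;
    }
    return 1;
}

/* Same shape as the ticket's oscar_normalize(): strip blanks, fold case, return a
 * static buffer. Differences: input is validated first, so non-UTF-8 yields NULL
 * here instead of NULL reaching strcpy(); the fold is ASCII-only (libc, no GLib);
 * and trailing blanks end the loop instead of letting j run past the terminator. */
const char *safe_normalize(const char *str)
{
    static char buf[BUF_LEN];
    size_t i, j;
    if (str == NULL || !utf8_valid(str))
        return NULL;
    for (i = 0, j = 0; str[j] && i < BUF_LEN - 1; i++, j++) {
        while (str[j] == ' ')
            j++;
        if (str[j] == '\0')
            break;
        buf[i] = (char)tolower((unsigned char)str[j]);
    }
    buf[i] = '\0';
    return buf;
}
```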
