|Summary||Remote denial of service from corrupt buddy icons|
|Discovered By||Mark Doliner|
|Fixed In Release||2.9.0|
It was found that the gdk-pixbuf GIF image loader routine
gdk_pixbuf__gif_image_load() did not properly handle certain return values
from its subroutines. A remote attacker could provide a specially-crafted GIF
image, which, once opened in Pidgin, would lead gdk-pixbuf to return a partially
initialized pixbuf structure. Using this structure, possibly containing a huge
width and height, could lead to the application being terminated due to
excessive memory use.
Change Pidgin to look at the GError parameter in addition to the return value when calling certain gdk-pixbuf functions.