FYI: 7e159eaa14b0041fcc3ee5783cd1e4f2d039a1a1 (included in pidgin-2.7.2) is unneeded cruft
yumkam at mail.ru
Tue Aug 3 23:21:09 EDT 2010
Paul Aurich wrote:
> On 2010-08-03 17:35, Yuriy Kaminskiy wrote:
>> This patch made sense only before pidgin-2.5.8 (seems someone was even slower
>> with pushing patches upstream than me :-)).
>> My patch (included in 2.5.8) fixed this problem in a more generic way - now it is
>> impossible to allocate those "big amounts of memory", as *before* allocation
>> byte_stream_getstr would check the available buffer size (which was already read
>> from the network and allocated [more than once; pidgin is far from being a zero-copy
>> design], and so cannot be "large").
>> So no wonder you could not reproduce this issue (it *was* a very real issue [with
>> security implications] before, but it was already fixed [in a different way] a long
>> time ago).
> Sadly, this is incorrect. There were at least two people who reported
> intermittent (unreproducible-ish) crashes in this area in post-2.5.8
> code (I'm uncertain on versions, but I know at least one of those MUST
> have been using 2.6.0+).
Then this problem is NOT with length (or at least, not in a way this patch could
solve), and this patch hid the real issue at best, and very likely did nothing at
all [more discussion moved elsewhere].
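The bounds check described in the quoted text (refusing to allocate more than the bytes already received before reading a length-prefixed string) as an added example. This is illustrative code written for this page, not libpurple's ByteStream or byte_stream_getstr; the ByteStream struct, bs_get16, bs_getstr_checked and parse_prefixed_string are assumed names.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Stand-in for a buffer already read from the network (constructed for this
 * example; not libpurple's ByteStream). */
typedef struct {
    const uint8_t *data;
    size_t len;     /* bytes actually received and held in data */
    size_t offset;  /* read cursor */
} ByteStream;

static size_t bs_bytes_left(const ByteStream *bs) {
    return bs->len - bs->offset;
}

/* Read a 16-bit big-endian length prefix. Returns 0 on short data. */
static int bs_get16(ByteStream *bs, uint16_t *out) {
    if (bs_bytes_left(bs) < 2)
        return 0;
    *out = (uint16_t)((bs->data[bs->offset] << 8) | bs->data[bs->offset + 1]);
    bs->offset += 2;
    return 1;
}

/* Hardened getstr: the allocation is bounded by the bytes that remain in the
 * received buffer, so a hostile length prefix cannot drive a large malloc.
 * An unchecked version would malloc(len + 1) straight from the wire value. */
char *bs_getstr_checked(ByteStream *bs, size_t len) {
    if (len > bs_bytes_left(bs))
        return NULL;            /* claimed length exceeds what was received */
    char *s = malloc(len + 1);
    if (s == NULL)
        return NULL;
    memcpy(s, bs->data + bs->offset, len);
    s[len] = '\0';
    bs->offset += len;
    return s;
}

/* Parse one length-prefixed string from a constructed message. Returns the
 * string (caller frees) or NULL when the prefix overstates the data. */
char *parse_prefixed_string(const uint8_t *msg, size_t msg_len) {
    ByteStream bs = { msg, msg_len, 0 };
    uint16_t claimed;
    if (!bs_get16(&bs, &claimed))
        return NULL;
    return bs_getstr_checked(&bs, claimed);
}
```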