rpms/gaim/FC-6 gaim-2.0.0beta5-cyrus-sasl-crash.patch, NONE, 1.1 gaim.spec, 1.149, 1.150 gaim-2.0.0beta5-cyrus-md5-crash.patch, 1.1, NONE

fedora-cvs-commits at redhat.com fedora-cvs-commits at redhat.com
Tue Dec 5 19:59:25 UTC 2006


Author: wtogami

Update of /cvs/dist/rpms/gaim/FC-6
In directory cvs.devel.redhat.com:/tmp/cvs-serv5764

Modified Files:
	gaim.spec 
Added Files:
	gaim-2.0.0beta5-cyrus-sasl-crash.patch 
Removed Files:
	gaim-2.0.0beta5-cyrus-md5-crash.patch 
Log Message:
Jabber SASL Authentication Crash (#217335)


gaim-2.0.0beta5-cyrus-sasl-crash.patch:
 auth.c |   22 +++++++++++++++++-----
 1 files changed, 17 insertions(+), 5 deletions(-)

--- NEW FILE gaim-2.0.0beta5-cyrus-sasl-crash.patch ---
http://svn.sourceforge.net/viewvc/gaim/trunk/libgaim/protocols/jabber/auth.c?r1=17894&r2=17834&view=patch
Revision 17894
Modified Mon Dec 4 12:52:18 2006 UTC (30 hours, 47 minutes ago) by faceprint
File length: 22396 byte(s)
Diff to previous 17867

hopefully fix the jabber crash people are seeing, and plug a small memory leak

Revision 17867
Modified Fri Dec 1 09:47:20 2006 UTC (4 days, 9 hours ago) by thekingant
File length: 22159 byte(s)
Diff to previous 17834 , to selected 17894

Get rid of some silly casting

Revision 17834
Modified Tue Nov 28 06:59:48 2006 UTC (7 days, 12 hours ago) by thekingant
File length: 22181 byte(s)
Diff to previous 17325 , to selected 17894

I don't think these parameters are allowed to be null... it looks like it
can cause crashes.  See Red Hat bug #217335.  Thanks to Nalin Dahyabhai for
pinpointing the cause of the crash.

http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=217335

--- trunk/libgaim/protocols/jabber/auth.c	2006/11/28 06:59:48	17834
+++ trunk/libgaim/protocols/jabber/auth.c	2006/12/04 12:52:18	17894
@@ -716,6 +716,7 @@
 
 		js->sasl_state = sasl_client_step(js->sasl, (char*)dec_in, declen,
 						  NULL, &c_out, &clen);
+		g_free(enc_in);
 		g_free(dec_in);
 		if (js->sasl_state != SASL_CONTINUE && js->sasl_state != SASL_OK) {
 			gaim_debug_error("jabber", "Error is %d : %s\n",js->sasl_state,sasl_errdetail(js->sasl));
@@ -740,7 +741,7 @@
 {
 	const char *ns = xmlnode_get_namespace(packet);
 #ifdef HAVE_CYRUS_SASL
-	int *x;
+	const int *x;
 #endif
 
 	if(!ns || strcmp(ns, "urn:ietf:params:xml:ns:xmpp-sasl")) {
@@ -753,18 +754,29 @@
 	 * should try one more round against it
 	 */
 	if (js->sasl_state != SASL_OK) {
+		char *enc_in = xmlnode_get_data(packet);
+		unsigned char *dec_in = NULL;
 		const char *c_out;
 		unsigned int clen;
-		js->sasl_state = sasl_client_step(js->sasl, NULL, 0, NULL, &c_out, &clen);
+		gsize declen = 0;
+
+		if(enc_in != NULL)
+			dec_in = gaim_base64_decode(enc_in, &declen);
+
+		js->sasl_state = sasl_client_step(js->sasl, (char*)dec_in, declen, NULL, &c_out, &clen);
+
+		g_free(enc_in);
+		g_free(dec_in);
+
 		if (js->sasl_state != SASL_OK) {
 			/* This should never happen! */
 			gaim_connection_error(js->gc, _("Invalid response from server."));
 		}
 	}
 	/* If we've negotiated a security layer, we need to enable it */
-	sasl_getprop(js->sasl, SASL_SSF, (const void **)&x);
-	if (*x>0) {
-		sasl_getprop(js->sasl, SASL_MAXOUTBUF, (const void **)&x);
+	sasl_getprop(js->sasl, SASL_SSF, &x);
+	if (*x > 0) {
+		sasl_getprop(js->sasl, SASL_MAXOUTBUF, &x);
 		js->sasl_maxbuf = *x;
 	}
 #endif
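Review bot: The result of `sasl_getprop()` is never checked before `*x` is read in the last lines of this hunk, and `x` (declared `const int *x;` in the previous hunk) has no initializer, so a failed property lookup dereferences an indeterminate pointer. The failure branch above only calls `gaim_connection_error()` and, as far as the hunk shows, falls through to these reads on a session whose final step was just rejected; the input to that step is server-supplied data from the success packet. I would initialize `x` to `NULL`, leave the function right after the error call, and guard the reads, e.g. `if (sasl_getprop(js->sasl, SASL_SSF, (const void **)&x) == SASL_OK && x != NULL && *x > 0) {`, with the same check on the `SASL_MAXOUTBUF` call before `js->sasl_maxbuf = *x;`. The enclosing function starts and ends outside this hunk.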


Index: gaim.spec
===================================================================
RCS file: /cvs/dist/rpms/gaim/FC-6/gaim.spec,v
retrieving revision 1.149
retrieving revision 1.150
diff -u -r1.149 -r1.150
--- gaim.spec	30 Nov 2006 03:24:34 -0000	1.149
+++ gaim.spec	5 Dec 2006 19:59:23 -0000	1.150
@@ -31,7 +31,7 @@
 
 Name:		gaim
 Version:	2.0.0
-Release:	0.25.%{betaver}%{?dist}
+Release:	0.26.%{betaver}%{?dist}
 License:	GPL
 Group:		Applications/Internet
 URL:		http://gaim.sourceforge.net/
@@ -68,8 +68,8 @@
 Patch111: gaim-2.0.0beta5-debian-11_reread-resolvconf.patch
 
 Patch150: gaim-2.0.0beta5-silc-edit-account-crash.patch
-Patch151: gaim-2.0.0beta5-cyrus-md5-crash.patch
 Patch152: gaim-2.0.0beta5-gtk-filename-blanked.patch
+Patch153: gaim-2.0.0beta5-cyrus-sasl-crash.patch
 
 BuildRoot:	%{_tmppath}/%{name}-%{version}-root
 Summary:	A Gtk+ based multiprotocol instant messaging client
@@ -199,8 +199,8 @@
 %patch111 -p1
 
 %patch150 -p1
-#%patch151 -p1  BROKEN... see Bug #217335
 %patch152 -p1
+%patch153 -p1
 
 # Relabel internal version for support purposes
 sed -i "s/%{version}%{betaver}/%{version}-%{release}/g" configure
@@ -347,14 +347,15 @@
 %{_libdir}/pkgconfig/gnt.pc
 
 %changelog
+* Tue Dec 05 2006 Warren Togami <wtogami at redhat.com> - 2:2.0.0-0.26.beta6
+- Jabber SASL Authentication Crash (#217335)
+
 * Wed Nov 29 2006 Warren Togami <wtogami at redhat.com> - 2:2.0.0-0.25.beta5
 - GTK File dialog blanked fix (#217768)
-- Disable cyrus-sasl-md5 patch, it needs more work
 
 * Tue Nov 28 2006 Warren Togami <wtogami at redhat.com> - 2:2.0.0-0.24.beta5
 - Debian patch 10_text-arrow-keys
 - Debian patch 11_reread-resolvconf
-- Jabber cyrus-sasl-md5 plugin crash (#217335 ari, kingant)
 
 * Sun Nov 26 2006 Warren Togami <wtogami at redhat.com> - 2:2.0.0-0.23.beta5
 - Debian patch 08_jabber-info-crash


--- gaim-2.0.0beta5-cyrus-md5-crash.patch DELETED ---



