Closed xdp0 closed 7 years ago
I believe we should replace libtidy with something.
Psi+ plugin does not work at all with OTR from Pidgin.
No, it works. Right now I am using it, it shows me that conversation is encrypted and verified. Maybe in fact it does not work on the wire, I do not know.
Bug is really annoying and it is critical vulnerability I think. It can also crash even without OTR. That's why I want to ask: is there a temporary workaround for it? Maybe I need to disable some option in my Psi+, maybe my companion has to disable something in his Pidgin? It is REALLY annoying to get crashes and to restart client & conversations.
Try to disable this option: http://pix.academ.info/img/2016/11/01/0ad99eb5e5f1c58e7ae4e8945ba49975.png
Already disabled. Maybe disable something in Pidgin too?
Do you use http upload plugin? Problem may be related with recent changes in processing of chat messages. But I haven't looked at code yet.
No, I do not use it.
Just tried OTR between pidgin and psi+ on Gentoo Linux and it works good regardless of formatting of messages
Psi+ version is the same? Try it on Windows (I am using Windows 10). Try to copy & paste something in Pidgin chat window.
So we need
OS Windows 8.1, Psi+ v0.16.568.607-webkit (31-10-2016) (OTR 1.0.2) with Pidgin 2.11.0 (libpurple 2.11.0) (OTR 4.0.2) works perfectly
OS Windows 10 x64, Psi+ v0.16.563.582-webkit (22-08-2016) (OTR 1.0.2) with Pidgin 2.11.0 (libpurple 2.11.0) (OTR 4.0.2) on Windows 7 x64 crashes. To get it crashed, just start private conversation and copy something (for example, hyperlink) in the Pidgin chat window and send. Crash context (CPU, registers and stack): http://take.ms/T2NHE Call stack (I know it's not OK because StackWalk64 does not work OK): http://take.ms/OQEUs
Still unreproducible? Maybe some more info? Caught that with Gajim with OTR too.
Yes, really it crashes when psi+ received multi-line message (win32)
Fixed
Hello. To reproduce that bug you must follow next steps:
Psi+ version: v0.16.563.582-webkit (22-08-2016)