On Sun, 20 May 2007 21:22:44 +0200 Adeodato Simó <[EMAIL PROTECTED]> wrote:
> severity 425300 normal > thanks > > * Jindrich Makovicka [Sun, 20 May 2007 21:09:04 +0200]: > > > Amuleweb does not check if a requested image actually exists. This > > means requests like http://localhost:4711/xyzzy.png (but only if the > > user is logged in) crash the webserver due to a NULL pointer > > dereference. > > Okay, but I'm adjusting the severity of this bug, given that (a) user > must be logged in, and (b) a wrong URL must be provided by hand, which > makes it not happen in the common case. > > > Fix attached. > > Does this fix come from upstream? No, it's been hand crufted right here, but I didn't check their upstream or bug trackers if it is already fixed or not. Regards, -- Jindrich Makovicka
