Fix segmentation fault on IRC server reply

Review Request #1484 — Created May 28, 2022 and submitted

belgin
pidgin/pidgin
release-2.x.y
PIDGIN-17375
pidgin

When Pidgin received :nick!user@host JOIN #channel from an IRC
server, it worked fine, but when it received
:nick JOIN #channel, it crashed with a segmentation fault.

Tested with a custom IRC server that only sends the nickname. Also tested on Libera Chat.

Summary
Fix segmentation fault on IRC server reply
Description From Last Updated

what happens if the server replies with :nick! JOIN #channel?

grimgrim
grim
  1. 
      
  2. libpurple/protocols/irc/msgs.c (Diff revision 1)
     
     

    what happens if the server replies with :nick! JOIN #channel?

    1. I just tested this.
      On entry in irc_mask_userhost, mask points to the string "nick!".
      The call to strchr returns a pointer to the string "!", which is stored in sep.
      sep is non-NULL so host will point to an empty string "" (a string that contains only the nul string terminator), which gets passed to g_strdup.
      This is similar to the case when sep is NULL, g_strdup just dups an empty string.
      I made it this way because the result of irc_mask_userhost gets g_free'd later.

    2. Awesome. I assumed it was alright, but since you said you can do custom replies and stuff figured it was worth a test ;)

  3. 
      
grim
  1. Ship It!
  2. Great work! Thanks!!

  3. 
      
grim
Review request changed

Status: Closed (submitted)

Loading...