Fix segmentation fault on IRC server reply

Review Request #1484 — Created May 28, 2022 and submitted

Information

pidgin/pidgin
release-2.x.y

Reviewers

When Pidgin received :nick!user@host JOIN #channel from an IRC
server, it worked fine, but when it received
:nick JOIN #channel, it crashed with a segmentation fault.

Tested with a custom IRC server that only sends the nickname. Also tested on Libera Chat.

Summary ID
Fix segmentation fault on IRC server reply
When Pidgin received ":nick!user@host JOIN #channel" from an IRC server, it worked fine, but when it received ":nick JOIN #channel", it crashed with a segmentation fault.
7341ec362a563762dd25507b21dca3477447d8c8
Description From Last Updated

what happens if the server replies with :nick! JOIN #channel?

grimgrim
grim
  1. 
      
  2. libpurple/protocols/irc/msgs.c (Diff revision 1)
     
     
    Show all issues

    what happens if the server replies with :nick! JOIN #channel?

    1. I just tested this.
      On entry in irc_mask_userhost, mask points to the string "nick!".
      The call to strchr returns a pointer to the string "!", which is stored in sep.
      sep is non-NULL so host will point to an empty string "" (a string that contains only the nul string terminator), which gets passed to g_strdup.
      This is similar to the case when sep is NULL, g_strdup just dups an empty string.
      I made it this way because the result of irc_mask_userhost gets g_free'd later.

    2. Awesome. I assumed it was alright, but since you said you can do custom replies and stuff figured it was worth a test ;)

  3. 
      
grim
  1. Ship It!
  2. Great work! Thanks!!

  3. 
      
grim
Review request changed
Status:
Completed