From 45dfe2ba3889c5dc23a9bea3214f158cc651a043 Mon Sep 17 00:00:00 2001 From: LemonBoy Date: Thu, 19 Oct 2017 11:17:56 +0200 Subject: [PATCH] Prevent a OOB read when parsing IRCNet ! channels Make sure the string has enough data. Fixes #16 --- src/irc/core/channel-events.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/irc/core/channel-events.c b/src/irc/core/channel-events.c index 6cb9b088..b0bddab2 100644 --- a/src/irc/core/channel-events.c +++ b/src/irc/core/channel-events.c @@ -37,7 +37,7 @@ static void check_join_failure(IRC_SERVER_REC *server, const char *channel) channel++; /* server didn't understand !channels */ chanrec = channel_find(SERVER(server), channel); - if (chanrec == NULL && channel[0] == '!') { + if (chanrec == NULL && channel[0] == '!' && strlen(channel) > 6) { /* it probably replied with the full !channel name, find the channel with the short name.. */ chan2 = g_strdup_printf("!%s", channel+6);