1
0
mirror of https://github.com/profanity-im/profanity.git synced 2024-12-04 14:46:46 -05:00
Go to file
Jan Hacker e87eb4c40e "/bookmark add foo" crash - fix
A user providing an invalid JID when creating a new bookmark (like 'foo')
would reproducibly crash/segfault profanity, as it insists on checking
string length behind the @ of the JID. However, it could be NULL
if the user accidentally omitted it.
The patch avoids the crash by NULL-checking and prevents
getting there in the first place by checking the argument to "add".
Backtrace of unpatched profanity with above command:

Program received signal EXC_BAD_ACCESS, Could not access memory.
Reason: KERN_INVALID_ADDRESS at address: 0x0000000000000000
0x00007fff85699732 in strlen ()
(gdb) bt
 #0  0x00007fff85699732 in strlen ()
 #1  0x00000001000965d2 in xmpp_strdup ()
 #2  0x0000000100095d6d in xmpp_stanza_set_attribute ()
 #3  0x0000000100011c5c in _send_bookmarks ()
 #4  0x00000001000115a8 in _bookmark_add ()
 #5  0x000000010003320d in cmd_bookmark ()
 #6  0x000000010002a0f2 in cmd_execute ()
 #7  0x0000000100003a1d in process_input ()
 #8  0x00000001000037c7 in prof_run ()
 #9  0x0000000100045032 in main ()
(gdb)
2014-08-17 22:22:12 +02:00
docs Spelling errors fixed and hyphenation used as minus sign fixed 2014-08-11 18:54:20 +02:00
src "/bookmark add foo" crash - fix 2014-08-17 22:22:12 +02:00
tests Added quote param to autocomplete_complete 2014-07-09 20:23:47 +01:00
themes Updated themes with roommention setting 2014-07-17 00:28:39 +01:00
.gitignore Added push all script to .gitignore 2014-05-12 23:33:14 +01:00
.travis.yml Use public domain SHA1 code, remove libgcrypt dependency 2014-06-01 22:42:10 +01:00
bootstrap.sh Moved config.h to source folder 2012-07-01 14:52:45 +01:00
configure-debug Added message stanza error tests 2014-01-28 23:56:45 +00:00
configure.ac Set to 0.4.4 development 2014-08-09 23:47:23 +01:00
COPYING Added GPL 2012-02-20 20:07:38 +00:00
install-all.sh Added call to ldconfig for opensuse install 2014-08-09 23:06:19 +01:00
Makefile.am Added scripts and profrc.example to dist target 2014-08-04 21:08:56 +01:00
prof.supp Added valgrind suppressions 2014-06-17 22:01:01 +01:00
profanity.spec Set version to 0.5.0 development 2014-05-18 16:29:58 +01:00
profrc.example Added example profrc config 2014-06-29 22:58:33 +01:00
README.md Update README.md 2014-02-23 04:27:14 +00:00
upgrade.sh Removed sudo from cygwin upgrade script 2012-09-09 22:55:28 +01:00

Profanity Build Status

Profanity is a console based XMPP client inspired by Irssi,

alt tag

See the User Guide for information on installing, upgrading and using Profanity.

Homepage: http://www.profanity.im

Mailing List: https://groups.google.com/forum/#!forum/profanitydev