mirror of https://github.com/profanity-im/profanity.git synced 2024-09-29 19:56:07 -04:00
profanity/src
Jan Hacker e87eb4c40e "/bookmark add foo" crash - fix
A user providing an invalid JID when creating a new bookmark (like 'foo')
would reproducibly crash/segfault profanity, as it insists on checking
string length behind the @ of the JID. However, it could be NULL
if the user accidentally omitted it.
The patch avoids the crash by NULL-checking and prevents
getting there in the first place by checking the argument to "add".
Backtrace of unpatched profanity with above command:

Program received signal EXC_BAD_ACCESS, Could not access memory.
Reason: KERN_INVALID_ADDRESS at address: 0x0000000000000000
0x00007fff85699732 in strlen ()
(gdb) bt
 #0  0x00007fff85699732 in strlen ()
 #1  0x00000001000965d2 in xmpp_strdup ()
 #2  0x0000000100095d6d in xmpp_stanza_set_attribute ()
 #3  0x0000000100011c5c in _send_bookmarks ()
 #4  0x00000001000115a8 in _bookmark_add ()
 #5  0x000000010003320d in cmd_bookmark ()
 #6  0x000000010002a0f2 in cmd_execute ()
 #7  0x0000000100003a1d in process_input ()
 #8  0x00000001000037c7 in prof_run ()
 #9  0x0000000100045032 in main ()
(gdb)
2014-08-17 22:22:12 +02:00
command "/bookmark add foo" crash - fix 2014-08-17 22:22:12 +02:00
config Enable splash logo by default 2014-08-09 19:00:59 +01:00
otr Spelling errors fixed and hyphenation used as minus sign fixed 2014-08-11 18:54:20 +02:00
tools Finished chat room nick autocomplete 2014-07-15 21:30:23 +01:00
ui Escape open bracket at start of OSX notification messages 2014-08-04 22:01:03 +01:00
xmpp "/bookmark add foo" crash - fix 2014-08-17 22:22:12 +02:00
chat_session.c Fixed cppcheck warnings 2014-04-26 00:36:36 +01:00
chat_session.h Fixed cppcheck warnings 2014-04-26 00:36:36 +01:00
common.c Renamed generate_unique_id -> create_unique_id 2014-06-15 21:49:34 +01:00
common.h Renamed generate_unique_id -> create_unique_id 2014-06-15 21:49:34 +01:00
contact.c Use g_list_free() when finding resource availability 2014-06-24 23:08:35 +01:00
contact.h Updated copyright 2014-03-09 01:18:19 +00:00
jid.c Fixed cppcheck warnings 2014-04-26 00:36:36 +01:00
jid.h Fixed cppcheck warnings 2014-04-26 00:36:36 +01:00
log.c Fixed memleak in chat log history 2014-06-27 00:38:53 +01:00
log.h Fixed memleak in chat log history 2014-06-27 00:38:53 +01:00
main.c Fix notification support check for cygwin 2014-08-10 01:20:42 +01:00
muc.c Added ": " after nick autocomplete when start of message 2014-07-15 23:52:08 +01:00
muc.h Save chat room message prefix for autocomplete 2014-07-15 22:46:29 +01:00
profanity.c Spelling errors fixed and hyphenation used as minus sign fixed 2014-08-11 18:54:20 +02:00
profanity.h Updated copyright 2014-03-09 01:18:19 +00:00
resource.c Updated copyright 2014-03-09 01:18:19 +00:00
resource.h Updated copyright 2014-03-09 01:18:19 +00:00
roster_list.c Added quote param to autocomplete_complete 2014-07-09 20:23:47 +01:00
roster_list.h Updated copyright 2014-03-09 01:18:19 +00:00
server_events.c Added deallocation function for string prefs, added otr policy enum 2014-06-18 00:32:36 +01:00
server_events.h Chat room windows now created only after successful join 2014-04-21 00:37:04 +01:00