[Pidgin] #14518: Segfault with misplaced 366 ("End of /NAMES list") message
Pidgin
trac at pidgin.im
Tue Aug 16 10:47:13 EDT 2011
--------------------+-------------------------------------------------------
Reporter: udp | Owner: elb
Type: defect | Status: new
Component: IRC | Version: 2.9.0
Keywords: |
--------------------+-------------------------------------------------------
If a misbehaving IRC server sends 366 ("End of /NAMES list") without
sending any names and when Pidgin isn't expecting it (i.e. IRC_NAMES_FLAG
isn't set), a NULL irc->names will be dereferenced anyway, causing a
segmentation fault :-

Program received signal SIGSEGV, Segmentation fault.
0x00007fffe9721d2a in irc_msg_names (irc=0xdcc9b0, name=0x7fffe972726d "366", from=0xec58f0 "Bridge", args=0xebd2b0) at msgs.c:594
594 while (*cur) {
#0 0x00007fffe9721d2a in irc_msg_names (irc=0xdcc9b0, name=0x7fffe972726d "366", from=0xec58f0 "Bridge", args=0xebd2b0) at msgs.c:594
#1 0x00007fffe9726068 in irc_parse_msg (irc=0xdcc9b0, input=0xe640d0 ":Bridge 366 Jamie #EDS_Lounge :End of /NAMES list") at parse.c:737
#2 0x00007fffe971eab5 in read_input (irc=0xdcc9b0, len=51) at irc.c:655
#3 0x00007fffe971ee7f in irc_input_cb (data=0xdcc8e0, source=12, cond=PURPLE_INPUT_READ) at irc.c:734
#4 0x000000000047b9e2 in pidgin_io_invoke (source=0xdcc7e0, condition=G_IO_IN, data=0xdcef80) at gtkeventloop.c:73
#5 0x00007ffff35ac29d in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
#6 0x00007ffff35aca78 in ?? () from /usr/lib/libglib-2.0.so.0
#7 0x00007ffff35ad0ba in g_main_loop_run () from /usr/lib/libglib-2.0.so.0
#8 0x00007ffff5eaa1a7 in gtk_main () from /usr/lib/libgtk-x11-2.0.so.0
#9 0x000000000049c76c in main (argc=1, argv=0x7fffffffe868) at gtkmain.c:934
--
Ticket URL: <http://developer.pidgin.im/ticket/14518>
Pidgin <http://pidgin.im>
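
Added example, not part of the original ticket and not Pidgin's code: a simplified C model of the 353/366 handling described above, with the unchecked buffer walk beside a handler that rejects a 366 arriving with no names buffered. The struct and function names (conn, on_353, count_nicks, on_366_unchecked, on_366_checked) are hypothetical.

```c
#include <stdlib.h>
#include <string.h>

/* Simplified per-connection state (hypothetical, not Pidgin's struct). */
struct conn {
    char *names;              /* 353 payloads so far; NULL until the first 353 */
};

/* 353 (names reply): append one space-separated chunk of nicks. */
int on_353(struct conn *c, const char *chunk)
{
    size_t old = c->names ? strlen(c->names) : 0;
    size_t add = strlen(chunk);
    char *p = realloc(c->names, old + add + 2);
    if (p == NULL)
        return -1;
    memcpy(p + old, chunk, add);
    p[old + add] = ' ';
    p[old + add + 1] = '\0';
    c->names = p;
    return 0;
}

/* Walks the buffer like the loop in the backtrace; requires cur != NULL. */
int count_nicks(const char *cur)
{
    int n = 0;
    while (*cur) {
        while (*cur == ' ') cur++;
        if (!*cur) break;
        n++;
        while (*cur && *cur != ' ') cur++;
    }
    return n;
}

/* Unchecked 366: with no prior 353, names is NULL and *cur faults. */
int on_366_unchecked(struct conn *c)
{
    int n = count_nicks(c->names);
    free(c->names);
    c->names = NULL;
    return n;
}

/* Checked 366: the server is untrusted, so an unsolicited 366 is dropped. */
int on_366_checked(struct conn *c)
{
    if (c->names == NULL)
        return -1;
    return on_366_unchecked(c);   /* safe: buffer is known to exist */
}
```
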