purple_parse_oncoming() passes NULL pointer to printf()

[clh]

In libpurple/protocols/oscar/oscar.c there are two places where a NULL pointer can be passed to purple_debug_info() and ultimately a printf variant:

  1456          message = (info->status && info->status_len > 0)
  1457                          ? oscar_encoding_to_utf8(info->status_encoding, info->status, info->status_len)
  1458                          : NULL;

  1464                          itmsurl = (info->itmsurl_len > 0) ? oscar_encoding_to_utf8(info->itmsurl_encoding, info->itmsurl, info->itmsurl_len) : NULL;

Both itmsurl and message are passed as character pointers to purple_debug_info() and ultimately to a printf variant:

  1468                  purple_debug_info("oscar", "Activating status '%s' for buddy %s, message = '%s', itmsurl = '%s'\n", status_id, info->bn, message, itmsurl);

  1471                  purple_debug_info("oscar", "Activating status '%s' for buddy %s, message = '%s'\n", status_id, info->bn, message);

This diff fixes these places:

--- libpurple/protocols/oscar/oscar.c.old       Tue Jun  7 10:44:41 2011
+++ libpurple/protocols/oscar/oscar.c   Wed Jun 15 16:30:19 2011
@@ -1465,10 +1465,10 @@
                } else if (previous_status != NULL && purple_status_is_available(previous_status)) {
                        itmsurl = g_strdup(purple_status_get_attr_string(previous_status, "itmsurl"));
                }
-               purple_debug_info("oscar", "Activating status '%s' for buddy %s, message = '%s', itmsurl = '%s'\n", status_id, info->bn, message, itmsurl);
+               purple_debug_info("oscar", "Activating status '%s' for buddy %s, message = '%s', itmsurl = '%s'\n", status_id, info->bn, message ? message : "", itmsurl ? itmsurl : "");
                purple_prpl_got_user_status(account, info->bn, status_id, "message", message, "itmsurl", itmsurl, NULL);
        } else {
-               purple_debug_info("oscar", "Activating status '%s' for buddy %s, message = '%s'\n", status_id, info->bn, message);
+               purple_debug_info("oscar", "Activating status '%s' for buddy %s, message = '%s'\n", status_id, info->bn, message ? message : "");
                purple_prpl_got_user_status(account, info->bn, status_id, "message", message, NULL);
        }

[clh]

Hmm, hold that one, the patch seems to break pidgin.

[clh]

Fixed patch, original version was very broken.

[darkrain42]

It really needs to be "(null)", but otherwise is fine.

[darkrain42@…]

(In [d4ad4dcf4f618793c9201ace11269bac63645d69]):
oscar: Avoid a few printf("%s", NULL)s

Thanks to clh and dustin. Fixes #14295, #14297.

[darkrain42@…]

(In [1e3728083b5ef50e0df8972a39da09a1ddea8417]):
oscar: ...fix the *right* line this time.

Refs #14297

[markdoliner@…]

(In [7b9efa594d3a94f77d00a96bbeda2a71a48e8616]):
applied changes from 00c6d11a264a02d1aaa23feb52eab5ca46e655c8

through d4ad4dcf4f618793c9201ace11269bac63645d69

Original commit message: oscar: Avoid a few printf("%s", NULL)s

Thanks to clh and dustin. Fixes #14295, #14297.

[markdoliner@…]

(In [33261adfe3a390ba3d8545224305846861682c7c]):
applied changes from d4ad4dcf4f618793c9201ace11269bac63645d69

through 1e3728083b5ef50e0df8972a39da09a1ddea8417

Original commit message: oscar: ...fix the *right* line this time.

Refs #14297