Opened 4 weeks ago

Last modified 4 weeks ago

#17375 new defect

"Segmentation Fault" on IRC server reply

Reported by: villain
Owned by: elb
Milestone:
Component: IRC
Version: 2.12.0
Keywords:
Cc:

Description

version: Pidgin 2.12.0 (libpurple 2.12.0)

OS: Ubuntu 18.04

The problem:

Pidgin works correctly if the server sends ":nick!user@host JOIN #channel", but it crashes with "Segmentation Fault" if the server sends ":nick JOIN #channel".

Other IRC clients (hexchat, weechat) handle this message correctly and don't crash.

Core was generated by `pidgin -d'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  __strlen_avx2 () at ../sysdeps/x86_64/multiarch/strlen-avx2.S:62
62      ../sysdeps/x86_64/multiarch/strlen-avx2.S: No such file or directory.
[Current thread is 1 (Thread 0x7fc7f66f4f00 (LWP 14865))]
(gdb) bt full
#0  __strlen_avx2 () at ../sysdeps/x86_64/multiarch/strlen-avx2.S:62
No locals.
#1  0x00007fc7f3c7c3a3 in g_strdup () from /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
No symbol table info available.
#2  0x00007fc7e22b3f8b in irc_mask_userhost (mask=0x555e6f38a8f0 "crash") at ././libpurple/protocols/irc/msgs.c:74
No locals.
#3  irc_msg_join (irc=0x555e6ff9f5d0, name=<optimized out>, from=0x555e6f38a8f0 "crash", args=0x555e7010c5b0) at ././libpurple/protocols/irc/msgs.c:993
        gc = <optimized out>
        convo = 0x555e6f775b90
        chat = <optimized out>
        cb = <optimized out>
        nick = 0x555e700a9450 "crash"
        userhost = <optimized out>
        buf = <optimized out>
        ib = <optimized out>
        id = 3
        __func__ = "irc_msg_join"
#4  0x00007fc7e22b6cfb in irc_parse_msg (irc=irc@entry=0x555e6ff9f5d0, input=<optimized out>, input@entry=0x555e6ff744e0 ":crash JOIN #contacts") at ././libpurple/protocols/irc/parse.c:778
        msgent = 0x7fc7e24bdf60 <_irc_msgs+1856>
        cur = <optimized out>
        end = <optimized out>
        tmp = 0x555e6f38a8f0 "crash"
        from = 0x555e6f68de00 "crash"
        msgname = <optimized out>
        fmt = 0x7fc7e22b8479 ":"
        args = 0x555e7010c5b0
        msg = <optimized out>
        i = <optimized out>
        gc = <optimized out>
        fmt_valid = <optimized out>
        args_cnt = <optimized out>
#5  0x00007fc7e22afd42 in read_input (irc=0x555e6ff9f5d0, len=<optimized out>) at ././libpurple/protocols/irc/irc.c:660
        step = <optimized out>
        cur = 0x555e6ff744e0 ":crash JOIN #contacts"
        end = 0x555e6ff744f5 ""
#6  0x0000555e6e1f755e in pidgin_io_invoke (source=<optimized out>, condition=<optimized out>, data=0x555e6ffa17b0) at ././pidgin/gtkeventloop.c:73
        closure = 0x555e6ffa17b0
        purple_cond = PURPLE_INPUT_READ
#7  0x00007fc7f3c5d1f5 in g_main_context_dispatch () from /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
No symbol table info available.
#8  0x00007fc7f3c5d5c0 in ?? () from /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
No symbol table info available.
#9  0x00007fc7f3c5d8d2 in g_main_loop_run () from /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
No symbol table info available.
#10 0x00007fc7f4f13a37 in gtk_main () from /usr/lib/x86_64-linux-gnu/libgtk-x11-2.0.so.0
No symbol table info available.
#11 0x0000555e6e1bd8a3 in main (argc=<optimized out>, argv=<optimized out>) at ././pidgin/gtkmain.c:938
        opt_force_online = 0
        opt_help = <optimized out>
        opt_login = 0
        opt_nologin = 0
        opt_version = <optimized out>
        opt_si = <optimized out>
        opt_config_dir_arg = <optimized out>
        opt_login_arg = <optimized out>
        opt_session_arg = <optimized out>
        search_path = <optimized out>
        accounts = <optimized out>
        sig_indx = 1
        sigset = {__val = {90118, 0 <repeats 15 times>}}
        errmsg = '\000' <repeats 601 times>...
        signal_channel = <optimized out>
        signal_status = <optimized out>
        signal_channel_watcher = 1
        segfault_message_tmp = <optimized out>
        error = 0x0
        opt = <optimized out>
        gui_check = <optimized out>
        debug_enabled = <optimized out>
        migration_failed = 0
        active_accounts = <optimized out>
        long_options = {{name = 0x555e6e25a851 "config", has_arg = 1, flag = 0x0, val = 99}, {name = 0x555e6e248b79 "debug", has_arg = 0, flag = 0x0, val = 100}, {name = 0x555e6e2567e2 "force-online", has_arg = 0, flag = 0x0, val = 102}, {name = 0x555e6e24a69b "help", 
            has_arg = 0, flag = 0x0, val = 104}, {name = 0x555e6e25668e "login", has_arg = 2, flag = 0x0, val = 108}, {name = 0x555e6e2567ef "multiple", has_arg = 0, flag = 0x0, val = 109}, {name = 0x555e6e2567f8 "nologin", has_arg = 0, flag = 0x0, val = 110}, {
            name = 0x555e6e25a847 "session", has_arg = 1, flag = 0x0, val = 115}, {name = 0x555e6e24cebd "version", has_arg = 0, flag = 0x0, val = 118}, {name = 0x555e6e25a85a "display", has_arg = 1, flag = 0x0, val = 68}, {name = 0x555e6e25731a "sync", has_arg = 0, 
            flag = 0x0, val = 83}, {name = 0x0, has_arg = 0, flag = 0x0, val = 0}}
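The two prefix shapes from the report, as an added example in plain C that is not libpurple code: a NULL-safe counterpart of irc_mask_userhost() beside a splitter that handles a bare nick or servername as well as nick!user@host. The names irc_prefix, dup_range, mask_userhost, parse_prefix and free_prefix are hypothetical.

```c
/* Added example, not Pidgin/libpurple code. RFC 1459 allows a prefix to be
 * a bare servername/nick or nick!user@host, so '!' and '@' are optional. */
#include <stdlib.h>
#include <string.h>
struct irc_prefix {
    char *nick;   /* always set on success */
    char *user;   /* NULL when there is no "!user" part */
    char *host;   /* NULL when there is no "@host" part */
};

/* Copy the n bytes at s into a fresh NUL-terminated buffer. */
static char *dup_range(const char *s, size_t n)
{
    char *out = malloc(n + 1);
    if (out) { memcpy(out, s, n); out[n] = '\0'; }
    return out;
}

/* Hardened counterpart of irc_mask_userhost(): text after the first '!',
 * or NULL when absent. The unpatched strchr(mask, '!') + 1 became NULL + 1
 * for a bare nick, hence the strlen() crash inside g_strdup() above. */
char *mask_userhost(const char *mask)
{
    const char *bang = mask ? strchr(mask, '!') : NULL;
    return bang ? dup_range(bang + 1, strlen(bang + 1)) : NULL;
}

/* Split "nick[!user[@host]]", ':' already stripped. Returns 0 on success,
 * -1 on empty input or allocation failure; call free_prefix() either way. */
int parse_prefix(const char *mask, struct irc_prefix *p)
{
    const char *bang, *at, *user_end;
    memset(p, 0, sizeof *p);
    if (!mask || !*mask) return -1;
    bang = strchr(mask, '!');
    p->nick = dup_range(mask, bang ? (size_t)(bang - mask) : strlen(mask));
    if (!p->nick) return -1;
    if (!bang) return 0;  /* bare nick or servername: no user/host */
    at = strchr(bang + 1, '@');
    user_end = at ? at : bang + 1 + strlen(bang + 1);
    p->user = dup_range(bang + 1, (size_t)(user_end - (bang + 1)));
    if (at) p->host = dup_range(at + 1, strlen(at + 1));
    return (p->user && (!at || p->host)) ? 0 : -1;
}

void free_prefix(struct irc_prefix *p)
{
    free(p->nick); free(p->user); free(p->host);
}
```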

Change History (2)

comment:1 Changed 4 weeks ago by elb

Can you test this patch?

diff -r 0489ab8d3802 libpurple/protocols/irc/msgs.c
--- a/libpurple/protocols/irc/msgs.c	Tue Nov 20 23:45:25 2018 -0600
+++ b/libpurple/protocols/irc/msgs.c	Wed Jan 16 08:57:54 2019 -0500
@@ -71,7 +71,13 @@
 
 static char *irc_mask_userhost(const char *mask)
 {
-	return g_strdup(strchr(mask, '!') + 1);
+	char *bang = strchr(mask, '!');
+
+	if (!bang) {
+		return NULL;
+	} else {
+		return g_strdup(bang + 1);
+	}
 }
 
 static void irc_chat_remove_buddy(PurpleConversation *convo, char *data[2])
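Review bot: irc_mask_userhost() now returns NULL for a prefix without '!', so every caller must accept a NULL userhost, starting with irc_msg_join() at msgs.c:993 in the backtrace; if that caller hands userhost straight to a string function, the crash only moves one frame up. Suggest auditing the callers before applying and documenting the NULL return in a comment above the function, since a bare nick or servername prefix is legitimate input under RFC 1459 rather than a malformed message. Minor: the else after an unconditional return is redundant; `if (!bang) return NULL;` followed by `return g_strdup(bang + 1);` reads more plainly.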

comment:2 Changed 4 weeks ago by villain

I use pidgin from Ubuntu repositories, not built from source.
