pegasus/weechat
1
0
Fork 0
mirror of https://github.com/weechat/weechat.git synced 2026-06-12 14:14:48 +02:00
Code Activity

api: fix infinite loop in function string_replace when the search string is empty

Browse Source
This commit is contained in:
Sébastien Helleu
2026-06-03 21:15:16 +02:00
parent 398cfc473a
commit 03a6d9306a
3 changed files with 6 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
CHANGELOG.md
+1
View File
@@ -8,6 +8,7 @@
### Fixed
- api: fix infinite loop in function string_replace when the search string is empty
- irc: limit size of data received from the server to prevent memory exhaustion
- relay: limit size of received websocket frame and HTTP body to prevent memory exhaustion
- relay: fix timing attack on password authentication ([GHSA-vhv8-g2r9-cwcc](https://github.com/weechat/weechat/security/advisories/GHSA-vhv8-g2r9-cwcc))
src/core/core-string.c
+3
View File
@@ -1959,6 +1959,9 @@ string_replace (const char *string, const char *search, const char *replace)
if (!string || !search || !replace)
return NULL;
if (!search[0])
return strdup (string);
length1 = strlen (search);
length2 = strlen (replace);
tests/unit/core/test-core-string.cpp
+2
View File
@@ -1452,6 +1452,8 @@ TEST(CoreString, Replace)
WEE_TEST_STR(NULL, string_replace ("string", NULL, "replace"));
WEE_TEST_STR(NULL, string_replace (NULL, "search", "replace"));
WEE_TEST_STR("test abc def", string_replace("test abc def", "", "xxx"));
WEE_TEST_STR("test abc def", string_replace("test abc def", "xyz", "xxx"));
WEE_TEST_STR("test xxx def", string_replace("test abc def", "abc", "xxx"));
WEE_TEST_STR("xxx test xxx def xxx",