From 6f1635ae4e83e0f0eb676e127f0370e141c9caa0 Mon Sep 17 00:00:00 2001
From: Trygve Aaberge <trygveaa@gmail.com>
Date: Sun, 23 Oct 2022 14:01:41 +0200
Subject: [PATCH] core: Prevent use of uninitialized memory when setting
 invalid color

If a color option value is null and is tried being set to an invalid
color, the value was set to uninitialized memory which can lead to a
segfault.

Can be reproduced with this script:
https://gist.github.com/trygveaa/6ddb3a52f525a7fd8e0908bafa83e07c

The option doesn't have to be set from a script, it also happens with
the /set command.
---
 src/core/wee-config-file.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/src/core/wee-config-file.c b/src/core/wee-config-file.c
index 297c20b6b..cb7e74721 100644
--- a/src/core/wee-config-file.c
+++ b/src/core/wee-config-file.c
@@ -1480,6 +1480,14 @@ config_file_option_set (struct t_config_option *option, const char *value,
                         else
                             rc = WEECHAT_CONFIG_OPTION_SET_OK_SAME_VALUE;
                     }
+                    else
+                    {
+                        if (old_value_was_null)
+                        {
+                            free (option->value);
+                            option->value = NULL;
+                        }
+                    }
                 }
                 break;
             case CONFIG_NUM_OPTION_TYPES: