pegasus/weechat
1
0
Fork 0
mirror of https://github.com/weechat/weechat.git synced 2026-06-27 21:36:37 +02:00
Code Activity

core: fix buffer overflow in function utf8_next_char and return NULL for empty string

Browse Source 
Now the function utf8_next_char with an empty string returns NULL instead of
the next char, which is most of the time after an allocated buffer.

And the function utf8_char_size with an empty string now returns 0 instead of
1.

This indirectly fixes a buffer overflow in function eval_string_range_chars
when the input string is empty (for example when doing `/eval -n ${chars:}`).
This commit is contained in:
Sébastien Helleu
2025-05-10 20:40:09 +02:00
parent 6ecd9e66bf
commit d475c16671
12 changed files with 126 additions and 48 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/plugins/irc/irc-message.c
+2 -2
View File
@@ -1079,12 +1079,12 @@ irc_message_split_string (struct t_irc_message_split_context *context,
pos = arguments;
pos_max = pos + max_length;
pos_last_delim = NULL;
while (pos[0])
while (pos && pos[0])
{
if (pos[0] == delimiter)
pos_last_delim = pos;
pos_next = weechat_utf8_next_char (pos);
if (pos_next > pos_max)
if (!pos_next || (pos_next > pos_max))
break;
pos = pos_next;
}