pegasus/weechat
1
0
Fork 0
mirror of https://github.com/weechat/weechat.git synced 2026-06-25 20:36:38 +02:00
Code Activity

core: fix buffer overflow in function utf8_next_char and return NULL for empty string

Browse Source 
Now the function utf8_next_char with an empty string returns NULL instead of
the next char, which is most of the time after an allocated buffer.

And the function utf8_char_size with an empty string now returns 0 instead of
1.

This indirectly fixes a buffer overflow in function eval_string_range_chars
when the input string is empty (for example when doing `/eval -n ${chars:}`).
This commit is contained in:
Sébastien Helleu
2025-05-10 20:40:09 +02:00
parent 6ecd9e66bf
commit d475c16671
12 changed files with 126 additions and 48 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/plugins/trigger/trigger.c
+2 -2
View File
@@ -700,11 +700,11 @@ trigger_regex_split (const char *str_regex,
/* search the delimiter (which can be more than one char) */
pos = weechat_utf8_next_char (ptr_regex);
while (pos[0] && (weechat_string_charcmp (ptr_regex, pos) == 0))
while (pos && pos[0] && (weechat_string_charcmp (ptr_regex, pos) == 0))
{
pos = weechat_utf8_next_char (pos);
}
if (!pos[0])
if (!pos || !pos[0])
goto format_error;
delimiter = weechat_strndup (ptr_regex, pos - ptr_regex);
if (!delimiter)