Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

segfault / null pointer access in config file parser #550

Closed
hannob opened this issue Sep 25, 2016 · 1 comment · Fixed by #551
Closed

segfault / null pointer access in config file parser #550

hannob opened this issue Sep 25, 2016 · 1 comment · Fixed by #551
Milestone
1.0.0

Comments

@hannob
Copy link
Contributor

hannob commented Sep 25, 2016
edited

Attached file will crash irssi's config file parser. Test:

irssi --config=[path_to_file]

It contains just this string:

settings{core(0

This was found with american fuzzy lop. I've zip'ed the file because github doesn't allow attachments with arbitrary file types.

Here's the stack trace from address sanitizer:

==2681==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x000000503ce9 sp 0x7ffec32d57b0 bp 0x000000000000 T0)
    #0 0x503ce8 in g_istr_hash /var/tmp/portage/net-irc/irssi-0.8.20/work/irssi-0.8.20/src/core/misc.c:480
    #1 0x7fc8e00c8ee2 in g_hash_table_lookup (/usr/lib64/libglib-2.0.so.0+0x38ee2)
    #2 0x51fbce in settings_check_module /var/tmp/portage/net-irc/irssi-0.8.20/work/irssi-0.8.20/src/core/settings.c:520
    #3 0x4f924c in core_init /var/tmp/portage/net-irc/irssi-0.8.20/work/irssi-0.8.20/src/core/core.c:266
    #4 0x419187 in textui_init /var/tmp/portage/net-irc/irssi-0.8.20/work/irssi-0.8.20/src/fe-text/irssi.c:161
    #5 0x419187 in main /var/tmp/portage/net-irc/irssi-0.8.20/work/irssi-0.8.20/src/fe-text/irssi.c:320
    #6 0x7fc8de2e06ff in __libc_start_main (/lib64/libc.so.6+0x206ff)
    #7 0x41a998 in _start (/usr/bin/irssi+0x41a998)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /var/tmp/portage/net-irc/irssi-0.8.20/work/irssi-0.8.20/src/core/misc.c:480 g_istr_hash
==2681==ABORTING

irssi-configfile-nullptr.zip
@ailin-nemui ailin-nemui mentioned this issue Sep 25, 2016
Merged
@ailin-nemui
Copy link
Contributor

thanks for the report

@ailin-nemui ailin-nemui mentioned this issue Sep 29, 2016
Closed
@ailin-nemui ailin-nemui added this to the 1.0.0 milestone Jun 26, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
1.0.0
Development

Successfully merging a pull request may close this issue.

nullptr when doing module backward compat on invalid config ailin-nemui/irssi
2 participants
@hannob @ailin-nemui