segfault / null pointer access in config file parser #550

hannob opened this Issue Sep 25, 2016 · 1 comment


None yet
2 participants

hannob commented Sep 25, 2016

Attached file will crash irssi's config file parser. Test:

irssi --config=[path_to_file]

It contains just this string:


This was found with american fuzzy lop. I've zip'ed the file because github doesn't allow attachments with arbitrary file types.

Here's the stack trace from address sanitizer:

==2681==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x000000503ce9 sp 0x7ffec32d57b0 bp 0x000000000000 T0)
    #0 0x503ce8 in g_istr_hash /var/tmp/portage/net-irc/irssi-0.8.20/work/irssi-0.8.20/src/core/misc.c:480
    #1 0x7fc8e00c8ee2 in g_hash_table_lookup (/usr/lib64/
    #2 0x51fbce in settings_check_module /var/tmp/portage/net-irc/irssi-0.8.20/work/irssi-0.8.20/src/core/settings.c:520
    #3 0x4f924c in core_init /var/tmp/portage/net-irc/irssi-0.8.20/work/irssi-0.8.20/src/core/core.c:266
    #4 0x419187 in textui_init /var/tmp/portage/net-irc/irssi-0.8.20/work/irssi-0.8.20/src/fe-text/irssi.c:161
    #5 0x419187 in main /var/tmp/portage/net-irc/irssi-0.8.20/work/irssi-0.8.20/src/fe-text/irssi.c:320
    #6 0x7fc8de2e06ff in __libc_start_main (/lib64/
    #7 0x41a998 in _start (/usr/bin/irssi+0x41a998)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /var/tmp/portage/net-irc/irssi-0.8.20/work/irssi-0.8.20/src/core/misc.c:480 g_istr_hash


This comment has been minimized.

Show comment
Hide comment

ailin-nemui Sep 25, 2016


thanks for the report


ailin-nemui commented Sep 25, 2016

thanks for the report

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment