#23 irc_disconnect causes segmentation fault

open
nobody
None
5
2014-04-07
2014-04-07
Pietro
No

irc_disconnect causes a segmentation fault when called from inside a callback.
This is probably because irc_process_select_descriptors does not expect a negative value at line 891:

if ( FD_ISSET (session->sock, out_set) )

FD_ISSET can expand to an expression that tries to access memory out of bounds if session->sock is negative. The value of session->sock is checked at the beginning of the function, but a user-defined callback can cause it to change if irc_disconnect is called.

A quick fix would be to check it again right after the callback has been executed.

if ( session->sock >= 0 && FD_ISSET (session->sock, out_set) )
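The re-check pattern from the report, as an added, self-contained example (not libircclient code): `session_t`, `on_readable`, `demo_disconnect`, `process_descriptors` and `run_case` are hypothetical names, and fd 5 is a constructed value. It goes slightly beyond the report by also bounding the descriptor against `FD_SETSIZE`, since `FD_ISSET` is only defined for descriptors in that range.

```c
#include <stdio.h>
#include <sys/select.h>

/* Hypothetical stand-in for the library session (assumed fields). */
typedef struct session {
    int sock;
    int writes;                          /* times the write branch ran */
    void (*on_readable)(struct session *);
} session_t;

/* Models the effect the report describes: sock becomes negative. */
static void demo_disconnect(session_t *s) { s->sock = -1; }
static void demo_noop(session_t *s) { (void)s; }

/* Returns 0 if completed, 1 if the callback closed the session, -1 if unusable on entry. */
static int process_descriptors(session_t *s, fd_set *in_set, fd_set *out_set)
{
    /* Entry check: FD_ISSET is only defined for 0 <= fd < FD_SETSIZE. */
    if (s->sock < 0 || s->sock >= FD_SETSIZE)
        return -1;
    if (FD_ISSET(s->sock, in_set))
        s->on_readable(s);               /* user code, may disconnect */
    /* Re-check: the entry check no longer holds after the callback. */
    if (s->sock < 0 || s->sock >= FD_SETSIZE)
        return 1;
    if (FD_ISSET(s->sock, out_set))
        s->writes++;
    return 0;
}

/* Runs one pass with constructed fd 5 marked readable and writable. */
static int run_case(void (*cb)(session_t *), int *writes)
{
    session_t s = { 5, 0, cb };
    fd_set in_set, out_set;
    FD_ZERO(&in_set);  FD_SET(s.sock, &in_set);
    FD_ZERO(&out_set); FD_SET(s.sock, &out_set);
    int rc = process_descriptors(&s, &in_set, &out_set);
    *writes = s.writes;
    return rc;
}

int main(void)
{
    int w;
    printf("callback keeps socket: rc=%d\n", run_case(demo_noop, &w));
    printf("callback disconnects:  rc=%d\n", run_case(demo_disconnect, &w));
    return 0;
}
```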

Discussion
