...
 
Commits (1)
  • Rob Swindell's avatar
    Fix null pointer deref (crash) in new_user() when "client" object is invalid · b11d34b0
    Rob Swindell authored
    When system.new_user() was called but the current "client" object is uninitialized (e.g. has NULL protocol, host or IP address fields because there is no active client, e.g. because is was called from a timed event with active user online) - this code would dereference a NULL pointer and crash the b0rad. Reported by Mortifis.
    b11d34b0
......@@ -1701,9 +1701,12 @@ js_new_user(JSContext *cx, uintN argc, jsval *arglist)
}
}
if(client!=NULL) {
SAFECOPY(user.modem,client->protocol);
SAFECOPY(user.comp,client->host);
SAFECOPY(user.ipaddr,client->addr);
if(client->protocol != NULL)
SAFECOPY(user.modem,client->protocol);
if(client->host != NULL)
SAFECOPY(user.comp,client->host);
if(client->addr != NULL)
SAFECOPY(user.ipaddr,client->addr);
}
user.sex=' ';
......