src/syncterm/webget.c - Historico da BBS TELESC.NET.BR

BBS:      TELESC.NET.BR
Assunto:  src/syncterm/webget.c
De:       Deuc¨
Data:     Sun, 15 Mar 2026 01:06:05 -0700
-----------------------------------------------------------
https://gitlab.synchro.net/main/sbbs/-/commit/df19ebe9b1d7f15845d53525
Modified Files:
	src/syncterm/webget.c
Log Message:
Fix use-after-free and NULL deref in webget.c

destroy_webget_req() had a copy-paste bug: after freeing req->msg and
req->state, the code set req->uri = NULL both times instead of NULLing
the correct fields.  This left req->msg and req->state as dangling
pointers after free.

Also add a missing NULL check on strdup() in parse_uri().  If it fails,
the next line passes NULL to strchr(), which crashes.  The mutex is held
at this point, so the error path uses set_msg_locked() and unlocks
before jumping to error_return.

Co-Authored-By: Claude Opus 4.6 
n
---
  mSynchronetn  hgVertrauen n hHome of Synchronet n gh[vert/cvs/bbs].synchro.net

-----------------------------------------------------------
[Voltar]