A server pushing "echo" without arguments can crash the client.
In such a situation, the code in question receives p[1] == NULL
(which was CLEAR(p)'ed above), hands it strncmp, which then
dereferences the null pointer.
Original report and analysis here:
https://bugs.freebsd.org/bugzilla/show_bug.c
Acked-by: Gert Doering
This is obviously correct, and in hindsight a very obvious bug - we
seemed to have focused too much on the documentation aspect of the
commit introducing the bug, and not enough on the code change...
Your patch has been applied to the master and release/2.5 branch.
commit
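The failure mode described in the commit message, shown next to a guarded form, as an added example that is not OpenVPN's code. The `tag:` prefix, `MAX_PARMS` and all function names are assumptions made for illustration; the sample lines are constructed.

```c
#include <stdio.h>
#include <string.h>

#define MAX_PARMS 16        /* assumed array size, for illustration only */
#define ECHO_TAG  "tag:"    /* hypothetical prefix the handler looks for */

/* Split a pushed option line on spaces into p[]. Unused slots stay NULL,
 * mirroring the zeroed (CLEAR'ed) parameter array described above. */
int split_option(char *line, char *p[MAX_PARMS])
{
    int n = 0;
    memset(p, 0, sizeof(char *) * MAX_PARMS);
    for (char *tok = strtok(line, " "); tok && n < MAX_PARMS - 1;
         tok = strtok(NULL, " "))
        p[n++] = tok;
    return n;
}

/* Unguarded pattern: for a bare "echo", p[1] is NULL and strncmp reads
 * through a null pointer. Kept for contrast; main() never calls it. */
int echo_is_tagged_unchecked(char *p[MAX_PARMS])
{
    return strncmp(p[1], ECHO_TAG, strlen(ECHO_TAG)) == 0;
}

/* Guarded pattern: test the pointer before handing it to strncmp. */
int echo_is_tagged(char *p[MAX_PARMS])
{
    return p[1] != NULL && strncmp(p[1], ECHO_TAG, strlen(ECHO_TAG)) == 0;
}

/* 1: echo carrying the tag, 0: echo without it (or without any argument), -1: not echo. */
int classify_pushed_line(const char *pushed)
{
    char buf[128];
    char *p[MAX_PARMS];
    snprintf(buf, sizeof buf, "%s", pushed);
    if (split_option(buf, p) == 0 || strcmp(p[0], "echo") != 0)
        return -1;
    return echo_is_tagged(p);
}

int main(void)
{
    const char *samples[] = { "echo", "echo tag:hello", "echo other", "ping 10" };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-16s -> %d\n", samples[i], classify_pushed_line(samples[i]));
    return 0;
}
```
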
On Thu, Jun 3, 2021 at 8:32 AM Matthias Andree wrote:
>
> A server pushing "echo" without arguments can crash the client.
> In such a situation, the code in question receives p[1] == NULL
> (which was CLEAR(p)'ed above), hands it strncmp, which then
> dereferences the null pointer.
>
> Original re