authordequis <dx@dxzone.com.ar>2016-10-12 05:07:25 -0300
committerdequis <dx@dxzone.com.ar>2016-10-12 05:12:41 -0300
commit9698fc0a190f958fa28a8e54b2bfd6ccfdb2aa18 (patch)
tree56f3f0df7178fe786122a1d121fcd376a7c296d7
parent01d56c0c47f4d4642be4224b43c403918f3d4372 (diff)
jabber: Don't pass a readonly empty string to imcb_chat_topic()
Fixes crashes when a topic is unset and strip_html is set to always. Turns out that the strip_html() function does a strcpy at the end which may write a single null byte over the null byte of the empty string, and if it's not in writable memory, that blows up. Thanks to iamthemcmaster / mcm for pointing this out
-rw-r--r--protocols/jabber/conference.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/protocols/jabber/conference.c b/protocols/jabber/conference.c
index 3a6cff7c..593e4233 100644
--- a/protocols/jabber/conference.c
+++ b/protocols/jabber/conference.c
@@ -465,7 +465,8 @@ void jabber_chat_pkt_message(struct im_connection *ic, struct jabber_buddy *bud,
}
if (subject && chat) {
- char *subject_text = subject->text_len > 0 ? subject->text : "";
+ char empty[1] = "";
+ char *subject_text = subject->text_len > 0 ? subject->text : empty;
if (g_strcmp0(chat->topic, subject_text) != 0) {
bare_jid = (bud) ? jabber_get_bare_jid(bud->ext_jid) : NULL;
imcb_chat_topic(chat, bare_jid, subject_text,
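Review bot: The new `char empty[1] = "";` line needs a comment explaining why a writable buffer is used, because it reads like something a later cleanup would fold back into `""`, reintroducing the crash; for example `/* must be writable: strip_html() rewrites the topic in place */`. The fix is also local to this call site: going by the commit message, the in-place write happens below imcb_chat_topic(), so any other caller that passes a string literal or other read-only memory would presumably fail the same way. Copying the string inside the callee, or returning early from strip_html() on an empty string, would cover every caller. jabber_chat_pkt_message() starts and ends outside the hunk, so whether imcb_chat_topic() keeps the pointer beyond the lifetime of `empty` cannot be checked from here.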