Skip to content

Critical: user_exists() NULL Pointer Crash #1

Open
Open
Critical: user_exists() NULL Pointer Crash#1
Labels
bugSomething isn't workingcriticalCritical priority issues requiring immediate attentionmodernizationIssues related to C code modernizationsecuritySecurity vulnerabilities and fixes
@smooge

Description

@smooge
smooge
opened on Sep 19, 2025

Priority: CRITICAL
File: Src/checkX.c
Function: user_exists()
Discovered: During unit testing in test_checkx_isolated.c

Description: Function crashes with segmentation fault when passed a NULL pointer argument.

Reproduction Steps:

  1. Call user_exists(NULL)
  2. Program crashes with segmentation fault
  3. Expected: Should return 0 (FALSE) safely

Impact: Any code that passes unvalidated input to user_exists() will crash the program. This is a security and stability issue.

Proposed Fix: Add NULL pointer check at function start:

int user_exists(char *who) {
    if (who == NULL) {
        return 0;  /* FALSE - NULL user does not exist */
    }
    /* ... existing logic ... */
}

Original Bug ID: BUG-001

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't workingcriticalCritical priority issues requiring immediate attentionmodernizationIssues related to C code modernizationsecuritySecurity vulnerabilities and fixes

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions