|Summary||Remote crash in IRC protocol plugin|
|Discovered By||Djego Ibanez, Lead QA at Gamistry|
|Fixed In Release||2.10.0|
Certain characters in the nicknames of IRC users can trigger a null pointer dereference in the IRC protocol plugin’s handling of responses to WHO requests. This can cause a crash on some operating systems. Clients based on libpurple 2.8.0 through 2.9.0 are affected.
Change libpurple to validate the data it receives from the server before attempting to use it.