Jabber Developer a75a06b4a2 Fix(ai): protect AI session state from concurrent access races
cmd_ai_switch() and cmd_ai_clear() mutated session fields (provider_name,
provider, model, api_key, history) on the main thread without coordination,
while _ai_request_thread() read the same fields concurrently in the worker
thread. This caused use-after-free when:

- g_free(session->model) was called between worker's read and g_strdup()
- ai_provider_unref(session->provider) freed the provider struct while
  worker accessed session->provider->api_url
- ai_session_clear_history() freed the history list while worker walked it

Fix:
1. Add pthread_mutex_t lock to AISession struct to protect all session
   fields from concurrent access.

2. Introduce ai_session_switch() public API that atomically switches
   provider, model, and API key under the session lock. This encapsulates
   all session mutations within ai_client.c so cmd_funcs.c never touches
   session fields directly.

3. Have _ai_request_thread() snapshot all session state under the session
   lock before making requests, using local copies for the duration of
   the curl request.

4. Add ai_provider_ref()/ai_provider_unref() around _ai_generic_request_thread()
   to prevent provider UAF during model-fetch requests.

5. Protect ai_session_add_message(), ai_session_clear_history(), and
   ai_session_set_model() with the session lock.

No pthread.h needed in cmd_funcs.c — all locking is encapsulated within
ai_client.c via the public API. No deadlock risk from nested locks.

Files changed:
- src/ai/ai_client.h: Add lock field, ai_session_switch() declaration
- src/ai/ai_client.c: Mutex init/destroy, session mutation protection,
  worker thread snapshot, provider ref management
- src/command/cmd_funcs.c: Use ai_session_switch() API, remove pthread.h
2026-05-11 23:42:24 +00:00
2021-12-24 13:49:07 +01:00
2026-03-04 23:04:51 +03:00
2016-03-09 12:55:57 +01:00
2025-03-11 12:15:09 +01:00
2022-02-01 15:01:28 +01:00
2025-01-28 16:43:13 +01:00
2021-08-26 00:30:55 +00:00
2026-02-18 17:39:25 +01:00
2019-04-24 01:08:38 +02:00
2026-05-06 13:57:13 +00:00
2025-04-10 07:23:35 +02:00
2025-09-01 16:57:10 +02:00
2025-06-20 18:20:47 +00:00
2020-05-21 09:16:18 +02:00

CProof

Build Status

CProof is a console based XMPP chat client based on Profanity.

alt tag

See the Quick Start Guide for information on installing and using CProof.

Project

CProof enables you to communicate with privacy, freedom and comfort. Our open-source chat application delivers secure, end-to-end encrypted messaging (OTR, PGP, OMEMO, OX) built on the trusted XMPP protocol. With a decentralized design, you can connect directly or even host your own server, keeping your data in your hands. Whether you're chatting with friends or collaborating securely, CProof makes private communication simple, reliable, and truly yours.

Installation

Check our installation guide for detailed instructions.

How to contribute

See our Helping Out page for a concise summary of ways to help us.

Review the Contributing Guide and Code Overview pages for advanced technical details.

Getting help

Prior to asking questions, check our User Guide, then check out the FAQ.

If you are still having a problem then search the issue tracker.

As a last resort, feel free to write us on support@jabber.tech or create a new issue depending on what your problem is.

Website

Feel free to visit our website: jabber.space.

You may also check the repository if you like, available on git.jabber.space/devs/profanity.

Plugins

Plugins repository: https://git.jabber.space/devs/cproof-plugins

Description
Mirror of the CProof repository. Used for backward compatibility. Please use https://git.jabber.space/devs/cproof for Issues, Pull Requests and any other interactions.
Readme 38 MiB
Languages
C 95.2%
Python 1.7%
Makefile 0.9%
M4 0.8%
Shell 0.7%
Other 0.6%