Affected Version: - Versions through commit in the master branch Platform: - Ubuntu 20.04 Description: - Null pointer dereference in function in in through commit (newer commit after version 28.2) allows remote attackers to cause a Denial of Service via sending a DAAP request to the server. Analysis: - When parsing a DAAP request (pattern: ) with an empty parameter, function calls at and is assigned an empty string. Function calls at and is also an empty string. Therefore, becomes NULL at line 639, and the call to at line 646 causes a NULL pointer dereference. Reproduction method: - Provided in .