pkg/59991: pkg_add: null pointer deref in pkg_add -m parsing

["campbell+netbsd%mumble.net@localhost via gnats" <gnats-admin%NetBSD.org@localhost>]

>Number:         59991
>Category:       pkg
>Synopsis:       pkg_add: null pointer deref in pkg_add -m parsing
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    pkg-manager
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Tue Feb 10 04:25:00 +0000 2026
>Originator:     Taylor R Campbell
>Release:        current, 11
>Organization:
The NetBSD/arch Version Foundacrash, Inc.
>Environment:
>Description:
The pkg_add -m option crashes on null pointer dereference if the input has a slash but then no space.

This is because I accidentally mixed the strchr and strchrnul idioms, and only fixed it in one case, not the other:
        /*
         * If there's no /, treat it as a single MACHINE_ARCH.
         */
        if ((q = strchr(p, '/')) == NULL) {
                *machine_arch = copy;
                *opsys = NULL;
                *os_version = NULL;
        } else {
...
                /*
                 * If there's no SPC, fail.
                 */
                if (*(r = strchr(q, ' ')) == '\0') {
                        goto fail;
                }
>How-To-Repeat:
pkg_add -m 'foo/bar'
>Fix:
The first strchr is good; the second should be

                if ((r = strchr(q, ' ')) == NULL) {
                        goto fail;
                }

(Or, the second should be strchrnul to make the test work, but let's just use strchr for consistency.)