The function will return null and crash. If the first parameter is null and the second parameter is a long string, it is possible to overwrite the EIP and execute arbitrary code without privileges elevation.
Vendor Status: "As far as I can tell, this is neither an exploit nor a vulnerability. The above report describes a local bug in mIRC. The author of the report indicates that any malicious software on your computer can modify your mIRC settings to cause mIRC to crash. But if you have malicious software on your computer, you've already compromised your security..."
This PoC it's for XP SP2 English
Special thanks to Racy from irc-hispano