[irc.git] / software / RELEASES / ircservices / achurch.org / services / lists / ircservices / 2003 / 003931.html

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
 <HEAD>
   <TITLE> [IRCServices] Possible bug
   </TITLE>
   <LINK REL="Index" HREF="index.html" >
   <LINK REL="made" HREF="mailto:ircservices%40ircservices.za.net?Subject=%5BIRCServices%5D%20Possible%20bug&In-Reply-To=3e3b2887.16724%40mail.achurch.org">
   <META NAME="robots" CONTENT="index,nofollow">
   <META http-equiv="Content-Type" content="text/html; charset=us-ascii">
   <LINK REL="Previous"  HREF="003533.html">
   <LINK REL="Next"  HREF="003535.html">
 </HEAD>
 <BODY BGCOLOR="#ffffff">
   <H1>[IRCServices] Possible bug</H1>
    <B>Gastaman</B> 
    <A HREF="mailto:ircservices%40ircservices.za.net?Subject=%5BIRCServices%5D%20Possible%20bug&In-Reply-To=3e3b2887.16724%40mail.achurch.org"
       TITLE="[IRCServices] Possible bug">gastaman at azzurra.org
       </A><BR>
    <I>Fri Jan 31 18:20:49 PST 2003</I>
    <P><UL>
        <LI>Previous message: <A HREF="003533.html">[IRCServices] Possible bug
</A></li>
        <LI>Next message: <A HREF="003535.html">[IRCServices] Services 5.0.9 released
</A></li>
         <LI> <B>Messages sorted by:</B> 
              <a href="date.html#3931">[ date ]</a>
              <a href="thread.html#3931">[ thread ]</a>
              <a href="subject.html#3931">[ subject ]</a>
              <a href="author.html#3931">[ author ]</a>
         </LI>
       </UL>
    <HR>  
<!--beginarticle-->
<PRE>It was 10:25 2003/02/01 +0900 when Andrew Church came up with:
&gt;<i>      I don't see how this could be &quot;exploited&quot; in the 
</I>&gt;<i> ordinary sense of the
</I>&gt;<i>word, but it can lead to desynchs.  Thanks for pointing the 
</I>&gt;<i>problem out.
</I>
That depends on how paranoic you have
been in your coding... if you forgot to check
for the validity of an arguments processed
by the various functions in messages.c,
maybe among those who are not supposed to
be ever NULL (the parameter for +k for example,
the ircd will never propagate a +k without
a valid key) then it can be exploited to
crash services via normal commands.


</PRE>

<!--endarticle-->
    <HR>
    <P><UL>
        <!--threads-->
	<LI>Previous message: <A HREF="003533.html">[IRCServices] Possible bug
</A></li>
	<LI>Next message: <A HREF="003535.html">[IRCServices] Services 5.0.9 released
</A></li>
         <LI> <B>Messages sorted by:</B> 
              <a href="date.html#3931">[ date ]</a>
              <a href="thread.html#3931">[ thread ]</a>
              <a href="subject.html#3931">[ subject ]</a>
              <a href="author.html#3931">[ author ]</a>
         </LI>
       </UL>

</body></html>
Commit	Line	Data
3bd189cb JR	1	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
	2	<HTML>
	3	<HEAD>
	4	<TITLE> [IRCServices] Possible bug
	5	</TITLE>
	6	<LINK REL="Index" HREF="index.html" >
	7	<LINK REL="made" HREF="mailto:ircservices%40ircservices.za.net?Subject=%5BIRCServices%5D%20Possible%20bug&In-Reply-To=3e3b2887.16724%40mail.achurch.org">
	8	<META NAME="robots" CONTENT="index,nofollow">
	9	<META http-equiv="Content-Type" content="text/html; charset=us-ascii">
	10	<LINK REL="Previous" HREF="003533.html">
	11	<LINK REL="Next" HREF="003535.html">
	12	</HEAD>
	13	<BODY BGCOLOR="#ffffff">
	14	<H1>[IRCServices] Possible bug</H1>
	15	<B>Gastaman</B>
	16	<A HREF="mailto:ircservices%40ircservices.za.net?Subject=%5BIRCServices%5D%20Possible%20bug&In-Reply-To=3e3b2887.16724%40mail.achurch.org"
	17	TITLE="[IRCServices] Possible bug">gastaman at azzurra.org
	18	</A><BR>
	19	<I>Fri Jan 31 18:20:49 PST 2003</I>
	20	<P><UL>
	21	<LI>Previous message: <A HREF="003533.html">[IRCServices] Possible bug
	22	</A></li>
	23	<LI>Next message: <A HREF="003535.html">[IRCServices] Services 5.0.9 released
	24	</A></li>
	25	<LI> <B>Messages sorted by:</B>
	26	<a href="date.html#3931">[ date ]</a>
	27	<a href="thread.html#3931">[ thread ]</a>
	28	<a href="subject.html#3931">[ subject ]</a>
	29	<a href="author.html#3931">[ author ]</a>
	30	</LI>
	31	</UL>
	32	<HR>
	33	<!--beginarticle-->
	34	<PRE>It was 10:25 2003/02/01 +0900 when Andrew Church came up with:
	35	><i> I don't see how this could be "exploited" in the
	36	</I>><i> ordinary sense of the
	37	</I>><i>word, but it can lead to desynchs. Thanks for pointing the
	38	</I>><i>problem out.
	39	</I>
	40	That depends on how paranoic you have
	41	been in your coding... if you forgot to check
	42	for the validity of an arguments processed
	43	by the various functions in messages.c,
	44	maybe among those who are not supposed to
	45	be ever NULL (the parameter for +k for example,
	46	the ircd will never propagate a +k without
	47	a valid key) then it can be exploited to
	48	crash services via normal commands.
	49
	50
	51
	52	</PRE>
	53
	54	<!--endarticle-->
	55	<HR>
	56	<P><UL>
	57	<!--threads-->
	58	<LI>Previous message: <A HREF="003533.html">[IRCServices] Possible bug
	59	</A></li>
	60	<LI>Next message: <A HREF="003535.html">[IRCServices] Services 5.0.9 released
	61	</A></li>
	62	<LI> <B>Messages sorted by:</B>
	63	<a href="date.html#3931">[ date ]</a>
	64	<a href="thread.html#3931">[ thread ]</a>
65	<a href="subject.html#3931">[ subject ]</a>
66	<a href="author.html#3931">[ author ]</a>
67	</LI>
68	</UL>
69
70	</body></html>