]>
Commit | Line | Data |
---|---|---|
3bd189cb JR |
1 | <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> |
2 | <HTML> | |
3 | <HEAD> | |
4 | <TITLE> [IRCServices] Possible bug | |
5 | </TITLE> | |
6 | <LINK REL="Index" HREF="index.html" > | |
7 | <LINK REL="made" HREF="mailto:ircservices%40ircservices.za.net?Subject=%5BIRCServices%5D%20Possible%20bug&In-Reply-To=3e3b2887.16724%40mail.achurch.org"> | |
8 | <META NAME="robots" CONTENT="index,nofollow"> | |
9 | <META http-equiv="Content-Type" content="text/html; charset=us-ascii"> | |
10 | <LINK REL="Previous" HREF="003533.html"> | |
11 | <LINK REL="Next" HREF="003535.html"> | |
12 | </HEAD> | |
13 | <BODY BGCOLOR="#ffffff"> | |
14 | <H1>[IRCServices] Possible bug</H1> | |
15 | <B>Gastaman</B> | |
16 | <A HREF="mailto:ircservices%40ircservices.za.net?Subject=%5BIRCServices%5D%20Possible%20bug&In-Reply-To=3e3b2887.16724%40mail.achurch.org" | |
17 | TITLE="[IRCServices] Possible bug">gastaman at azzurra.org | |
18 | </A><BR> | |
19 | <I>Fri Jan 31 18:20:49 PST 2003</I> | |
20 | <P><UL> | |
21 | <LI>Previous message: <A HREF="003533.html">[IRCServices] Possible bug | |
22 | </A></li> | |
23 | <LI>Next message: <A HREF="003535.html">[IRCServices] Services 5.0.9 released | |
24 | </A></li> | |
25 | <LI> <B>Messages sorted by:</B> | |
26 | <a href="date.html#3931">[ date ]</a> | |
27 | <a href="thread.html#3931">[ thread ]</a> | |
28 | <a href="subject.html#3931">[ subject ]</a> | |
29 | <a href="author.html#3931">[ author ]</a> | |
30 | </LI> | |
31 | </UL> | |
32 | <HR> | |
33 | <!--beginarticle--> | |
34 | <PRE>It was 10:25 2003/02/01 +0900 when Andrew Church came up with: | |
35 | ><i> I don't see how this could be "exploited" in the | |
36 | </I>><i> ordinary sense of the | |
37 | </I>><i>word, but it can lead to desynchs. Thanks for pointing the | |
38 | </I>><i>problem out. | |
39 | </I> | |
40 | That depends on how paranoic you have | |
41 | been in your coding... if you forgot to check | |
42 | for the validity of an arguments processed | |
43 | by the various functions in messages.c, | |
44 | maybe among those who are not supposed to | |
45 | be ever NULL (the parameter for +k for example, | |
46 | the ircd will never propagate a +k without | |
47 | a valid key) then it can be exploited to | |
48 | crash services via normal commands. | |
49 | ||
50 | ||
51 | ||
52 | </PRE> | |
53 | ||
54 | <!--endarticle--> | |
55 | <HR> | |
56 | <P><UL> | |
57 | <!--threads--> | |
58 | <LI>Previous message: <A HREF="003533.html">[IRCServices] Possible bug | |
59 | </A></li> | |
60 | <LI>Next message: <A HREF="003535.html">[IRCServices] Services 5.0.9 released | |
61 | </A></li> | |
62 | <LI> <B>Messages sorted by:</B> | |
63 | <a href="date.html#3931">[ date ]</a> | |
64 | <a href="thread.html#3931">[ thread ]</a> | |
65 | <a href="subject.html#3931">[ subject ]</a> | |
66 | <a href="author.html#3931">[ author ]</a> | |
67 | </LI> | |
68 | </UL> | |
69 | ||
70 | </body></html> |