software/RELEASES/ircservices/achurch.org/services/lists/ircservices/2003/003931.html

   1 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
   2 <HTML>
   3  <HEAD>
   4    <TITLE> [IRCServices] Possible bug
   5    </TITLE>
   6    <LINK REL="Index" HREF="index.html" >
   7    <LINK REL="made" HREF="mailto:ircservices%40ircservices.za.net?Subject=%5BIRCServices%5D%20Possible%20bug&In-Reply-To=3e3b2887.16724%40mail.achurch.org">
   8    <META NAME="robots" CONTENT="index,nofollow">
   9    <META http-equiv="Content-Type" content="text/html; charset=us-ascii">
  10    <LINK REL="Previous"  HREF="003533.html">
  11    <LINK REL="Next"  HREF="003535.html">
  12  </HEAD>
  13  <BODY BGCOLOR="#ffffff">
  14    <H1>[IRCServices] Possible bug</H1>
  15     <B>Gastaman</B>
  16     <A HREF="mailto:ircservices%40ircservices.za.net?Subject=%5BIRCServices%5D%20Possible%20bug&In-Reply-To=3e3b2887.16724%40mail.achurch.org"
  17        TITLE="[IRCServices] Possible bug">gastaman at azzurra.org
  18        </A><BR>
  19     <I>Fri Jan 31 18:20:49 PST 2003</I>
  20     <P><UL>
  21         <LI>Previous message: <A HREF="003533.html">[IRCServices] Possible bug
  22 </A></li>
  23         <LI>Next message: <A HREF="003535.html">[IRCServices] Services 5.0.9 released
  24 </A></li>
  25          <LI> <B>Messages sorted by:</B>
  26               <a href="date.html#3931">[ date ]</a>
  27               <a href="thread.html#3931">[ thread ]</a>
  28               <a href="subject.html#3931">[ subject ]</a>
  29               <a href="author.html#3931">[ author ]</a>
  30          </LI>
  31        </UL>
  32     <HR>
  33 <!--beginarticle-->
  34 <PRE>It was 10:25 2003/02/01 +0900 when Andrew Church came up with:
  35 &gt;<i>      I don't see how this could be &quot;exploited&quot; in the
  36 </I>&gt;<i> ordinary sense of the
  37 </I>&gt;<i>word, but it can lead to desynchs.  Thanks for pointing the
  38 </I>&gt;<i>problem out.
  39 </I>
  40 That depends on how paranoic you have
  41 been in your coding... if you forgot to check
  42 for the validity of an arguments processed
  43 by the various functions in messages.c,
  44 maybe among those who are not supposed to
  45 be ever NULL (the parameter for +k for example,
  46 the ircd will never propagate a +k without
  47 a valid key) then it can be exploited to
  48 crash services via normal commands.
  49
  50
  51
  52 </PRE>
  53
  54 <!--endarticle-->
  55     <HR>
  56     <P><UL>
  57         <!--threads-->
  58         <LI>Previous message: <A HREF="003533.html">[IRCServices] Possible bug
  59 </A></li>
  60         <LI>Next message: <A HREF="003535.html">[IRCServices] Services 5.0.9 released
  61 </A></li>
  62          <LI> <B>Messages sorted by:</B>
  63               <a href="date.html#3931">[ date ]</a>
  64               <a href="thread.html#3931">[ thread ]</a>
  65               <a href="subject.html#3931">[ subject ]</a>
  66               <a href="author.html#3931">[ author ]</a>
  67          </LI>
  68        </UL>
  69
  70 </body></html>