Date: Tue, 13 Jul 1999 20:49:02 -0500
From: Kevin Day <[email protected]>
To: [email protected]Subject: ircd exploit in ircu based code
Most irc networks using ircu based servers have a bug that can cause users
to segfault the server.
In m_join, the code doesn't check to see if get_channel returned failure (by
returning NULL).
While the line numbers will probably be off, this patch will work in most
ircu based servers.
--- ircd/channel.c Tue Jul 13 19:58:46 1999
+++ ircd/channel.c Tue Jul 13 20:05:31 1999
@@ -2004,6 +2004,12 @@
chptr = get_channel (sptr, name, !CREATE); /* need the TS -Kev */
+ if (!chptr) {
+ sendto_one (sptr, err_str (ERR_NOSUCHCHANNEL),
+ me.name, parv[0], name);
+ return(0);
+ }
+
sendto_serv_butone (cptr, ":%s MODE %s +%s%s %lu", me.name, name,
sendmode ? "o " : "", sendmode ? parv[0] : "",
chptr->creationtime); /* send the MODE to the
Kevin Day
DragonData
ToastyMan on irc.dragondata.com (on NewNet)
