From 69081851aca7191dfa56860ddf02b97aed4b72ba Mon Sep 17 00:00:00 2001 From: Alexander Barton Date: Tue, 31 Jul 2007 18:56:13 +0000 Subject: [PATCH] SECURITY: Fixed a severe bug in handling JOIN commands, which could cause the server to crash. Thanks to Sebastian Vesper, . --- ChangeLog | 11 ++++++++--- src/ngircd/irc-channel.c | 6 ++++-- 2 files changed, 12 insertions(+), 5 deletions(-) diff --git a/ChangeLog b/ChangeLog index b1149cea..262b906c 100644 --- a/ChangeLog +++ b/ChangeLog @@ -16,8 +16,13 @@ ngIRCd HEAD - Adjust path names in manual pages according to "./configure" settings. - Add new server config option to disable automatic connect. (Similar to -p option to ngircd, but only for the specified server) (Tassilo Schweyer) - - Don't connect to a server if a connection to another server within the same group - is in progress. + - Don't connect to a server if a connection to another server within the + same group is in progress. + +ngIRCd 0.10.3 (2007-08-01) + + - SECURITY: Fixed a severe bug in handling JOIN commands, which could + cause the server to crash. Thanks to Sebastian Vesper, . ngIRCd 0.10.2 (2007-06-08) @@ -698,4 +703,4 @@ ngIRCd 0.0.1, 31.12.2001 -- -$Id: ChangeLog,v 1.319 2007/06/28 15:13:38 fw Exp $ +$Id: ChangeLog,v 1.320 2007/07/31 18:56:13 alex Exp $ diff --git a/src/ngircd/irc-channel.c b/src/ngircd/irc-channel.c index 7b92c2b0..03204d65 100644 --- a/src/ngircd/irc-channel.c +++ b/src/ngircd/irc-channel.c @@ -14,7 +14,7 @@ #include "portab.h" -static char UNUSED id[] = "$Id: irc-channel.c,v 1.39 2006/12/07 17:57:20 fw Exp $"; +static char UNUSED id[] = "$Id: irc-channel.c,v 1.40 2007/07/31 18:56:14 alex Exp $"; #include "imp.h" #include @@ -52,7 +52,9 @@ IRC_JOIN( CLIENT *Client, REQUEST *Req ) assert( Req != NULL ); /* Bad number of arguments? */ - if(( Req->argc > 2 )) return IRC_WriteStrClient( Client, ERR_NEEDMOREPARAMS_MSG, Client_ID( Client ), Req->command ); + if (Req->argc < 1 || Req->argc > 2) + return IRC_WriteStrClient(Client, ERR_NEEDMOREPARAMS_MSG, + Client_ID(Client), Req->command); /* Who is the sender? */ if( Client_Type( Client ) == CLIENT_SERVER ) target = Client_Search( Req->prefix );