Branch: refs/heads/master Home: https://github.com/ngircd/ngircd Commit: 6a622c0084ec69563609804520e2753501254503 https://github.com/ngircd/ngircd/commit/6a622c0084ec69563609804520e275350125... Author: Alexander Barton <alex@barton.de> Date: 2018-03-11 (Sun, 11 Mar 2018) Changed paths: M contrib/MacOSX/ngIRCd.xcodeproj/project.pbxproj Log Message: ----------- Update Xcode project for latest Xcode version (9.2) This includes adding missing and deleting obsolete file references. Commit: ac341176da5bbe99a9b07353f6e9790575ce1493 https://github.com/ngircd/ngircd/commit/ac341176da5bbe99a9b07353f6e9790575ce... Author: Alexander Barton <alex@barton.de> Date: 2018-03-11 (Sun, 11 Mar 2018) Changed paths: M src/ngircd/irc-channel.c Log Message: ----------- Only send TOPIC updates to a channel when the topic actually changed This prevents the channel from becoming flooded by unecessary TOPIC update messages, that can happen when IRC services try to enforce a certain topic but which is already set (at least on the local server), for example. Therefore still forward it to all servers, but don't inform local clients (still update setter and timestamp information, though!) Commit: 798de94d6556bdf2c6019f368ad7441fe6e2d1be https://github.com/ngircd/ngircd/commit/798de94d6556bdf2c6019f368ad7441fe6e2... Author: Alexander Barton <alex@barton.de> Date: 2018-03-11 (Sun, 11 Mar 2018) Changed paths: M src/ngircd/irc.c Log Message: ----------- Fix use-after-free while handling ERROR during client login This patch fixes a "use after free" bug which is hit while processing ERROR commands while a new client is logging into the server, which leads to only the CLIENT structure becoming freed, but not the CONNECTION structure, too. And this leads to the daemon accessing the already freed CLIENT structure later on ... So now IRC_ERROR() uses the correct function Conn_Close() to correctly free both structures. The CONNECTION structure is cleaned up later on, and the freed CLIENT structure can't be overwritten during normal operations, therefore this bug normally can't crash (DoS) the service -- but you can easily hit it when using the GCC option "-fsanitize=address", or run ngIRCd with Valgrind. Thanks a lot to Joseph Bisch <joseph.bisch@gmail.com> for discovering and reporting this issue! Compare: https://github.com/ngircd/ngircd/compare/91ef17aba2b0...798de94d6556