Module: ngircd.git Branch: master Commit: 8700f4d93cb50ebe7639e7a32e93b94c36ed3fae URL: http://ngircd.barton.de/cgi-bin/gitweb.cgi?p=ngircd.git&a=commit;h=8700f4d93... Author: Alexander Barton <alex@barton.de> Date: Sun Jan 23 18:38:36 2011 +0100 Better check for invalid IRC+ PASS command Don't do a NULL-pointer dereference when a remote server using the IRC+ protocol sends an invalid PASS command without the required <serverversion> parameter ... --- src/ngircd/irc-login.c | 4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/ngircd/irc-login.c b/src/ngircd/irc-login.c index 73dd8d1..8af4df9 100644 --- a/src/ngircd/irc-login.c +++ b/src/ngircd/irc-login.c @@ -143,8 +143,8 @@ IRC_PASS( CLIENT *Client, REQUEST *Req ) if (type && strcmp(type, PROTOIRCPLUS) == 0) { /* The peer seems to be a server which supports the * IRC+ protocol (see doc/Protocol.txt). */ - serverver = ptr + 1; - flags = strchr(serverver, ':'); + serverver = ptr ? ptr + 1 : "?"; + flags = strchr(ptr ? serverver : impl, ':'); if (flags) { *flags = '\0'; flags++;