"MODE #CHANNEL +b !" can crash the ircd ...

Besides the fact I could not reproduce this on several ngircd installations - I'm not very happy to see something that could be some kind of exploit code published without a prior warning. This is not responsible disclosure. If it would work, it would allow evildoers to shut down any public accessible ngircd running. Christoph

Alexander Barton

11:31 p.m.

Am 02.01.2012 um 23:03 schrieb Christoph Biedl:

...

Cahata wrote...

"MODE #CHANNEL +b !" can crash the ircd ...

I can reproduce it, but only with current GIT master branch. Most probably the affected code has been committed after ngIRCd release 18, so it is code that has never been released. I’ll investigate further and keep you informed. Regards Alex

Alexander Barton

3 Jan 3 Jan

12:19 a.m.

Am 02.01.2012 um 23:31 schrieb Alexander Barton:

...

Am 02.01.2012 um 23:03 schrieb Christoph Biedl:

Cahata wrote...

"MODE #CHANNEL +b !" can crash the ircd ...

Commit ID 15fec92 introduced the bug (2011-12-25 „Update list item, if it already exists“), commit ID abfc5c6 fixes it (2012-01-02 „lists: don't crash if reason ptr is NULL“). Thanks to me for creating the bug, Cahata for reporting and Florian for fixing :-) And to make it really clear: The buggy code has been never released, so no „official“ ngIRCd release is affected. Regards Alex

Florian Westphal

12:10 a.m.

Cahata <cahata(a)gmail.com> wrote:

...

"MODE #CHANNEL +b !" can crash the ircd ...

Indeed, thanks for reporting this. Its fixed now. This bug was introduced a couple of days ago; released ngircd versions are not affected.

4056

days inactive

4056

days old

ngircd@lists.barton.de

Manage subscription

4 comments

4 participants

tags (0)

participants (4)

Alexander Barton
Cahata
Christoph Biedl
Florian Westphal