Commit Diff
Diff:
efcca62a35000002af541c2c73cc7c42bfd0fb12
69081851aca7191dfa56860ddf02b97aed4b72ba
Commit:
69081851aca7191dfa56860ddf02b97aed4b72ba
Tree:
ffe36d9135b41970a3ac02f9c241afd4736c0b69
Author:
Alexander Barton <alex@barton.de>
Committer:
Alexander Barton <alex@barton.de>
Date:
Tue Jul 31 18:56:13 2007 UTC
Message:
SECURITY: Fixed a severe bug in handling JOIN commands, which could cause the server to crash. Thanks to Sebastian Vesper, .
blob - b1149cea3ca9902f5e25465a2817ae77d2aafc26
blob + 262b906c20613292111004ceb490698092843aac
--- ChangeLog
+++ ChangeLog
@@ -16,9 +16,14 @@ ngIRCd HEAD
- Adjust path names in manual pages according to "./configure" settings.
- Add new server config option to disable automatic connect. (Similar to -p
option to ngircd, but only for the specified server) (Tassilo Schweyer)
- - Don't connect to a server if a connection to another server within the same group
- is in progress.
+ - Don't connect to a server if a connection to another server within the
+ same group is in progress.
+ngIRCd 0.10.3 (2007-08-01)
+
+ - SECURITY: Fixed a severe bug in handling JOIN commands, which could
+ cause the server to crash. Thanks to Sebastian Vesper, <net@veoson.net>.
+
ngIRCd 0.10.2 (2007-06-08)
ngIRCd 0.10.2-pre2 (2007-05-19)
@@ -698,4 +703,4 @@ ngIRCd 0.0.1, 31.12.2001
--
-$Id: ChangeLog,v 1.319 2007/06/28 15:13:38 fw Exp $
+$Id: ChangeLog,v 1.320 2007/07/31 18:56:13 alex Exp $
blob - 7b92c2b009bd165594a3272d60428fcd4dea9af1
blob + 03204d653af7072258b7844c29978f8087b902b6
--- src/ngircd/irc-channel.c
+++ src/ngircd/irc-channel.c
@@ -14,7 +14,7 @@
#include "portab.h"
-static char UNUSED id[] = "$Id: irc-channel.c,v 1.39 2006/12/07 17:57:20 fw Exp $";
+static char UNUSED id[] = "$Id: irc-channel.c,v 1.40 2007/07/31 18:56:14 alex Exp $";
#include "imp.h"
#include <assert.h>
@@ -52,7 +52,9 @@ IRC_JOIN( CLIENT *Client, REQUEST *Req )
assert( Req != NULL );
/* Bad number of arguments? */
- if(( Req->argc > 2 )) return IRC_WriteStrClient( Client, ERR_NEEDMOREPARAMS_MSG, Client_ID( Client ), Req->command );
+ if (Req->argc < 1 || Req->argc > 2)
+ return IRC_WriteStrClient(Client, ERR_NEEDMOREPARAMS_MSG,
+ Client_ID(Client), Req->command);
/* Who is the sender? */
if( Client_Type( Client ) == CLIENT_SERVER ) target = Client_Search( Req->prefix );
IRCNow