[IRCServices] Possible bug

Gastaman gastaman at azzurra.org
Fri Jan 31 18:20:49 PST 2003


It was 10:25 2003/02/01 +0900 when Andrew Church came up with:
>      I don't see how this could be "exploited" in the 
> ordinary sense of the
>word, but it can lead to desynchs.  Thanks for pointing the 
>problem out.

That depends on how paranoic you have
been in your coding... if you forgot to check
for the validity of an arguments processed
by the various functions in messages.c,
maybe among those who are not supposed to
be ever NULL (the parameter for +k for example,
the ircd will never propagate a +k without
a valid key) then it can be exploited to
crash services via normal commands.