View Issue Details

ID: 0001892
Project: unrealircd
Category:
View Status: public
Last Update: 2004-06-22 14:32
Reporter: poisoner
Assigned To: codemastr
Priority: normal
Severity: crash
Reproducibility: always
Status: resolved
Resolution: fixed
Platform: i386
OS: Debian GNU/Linux (sarge)
OS Version: 2.6.7
Product Version: 3.2
Summary: 0001892: ircd segfaults directly after first connection in Find_ban
Description: When using ban user, ban version etc. in the config file, ircd segfaults in function Find_ban of s_conf.c
Steps To Reproduce: Use several ban directives with wildcards, such as ban nick, ban version, ban realname. Start the server and connect.
Additional Information: Built with gcc-3.3.4
bt of gdb 6.1:
#0 0x08072a25 in Find_ban (sptr=0x0, host=0x81a0abc "poisoner", type=5) at s_conf.c:2399
#1 0x0808927c in register_user (cptr=0x81a0a48, sptr=0x81a0a48, nick=0x81a0a71 "poisoner", username=0x81a0b31 "poisoner", umode=0x0, virthost=0x0, ip=0x0) at s_user.c:948
#2 0x0808b9aa in m_user (cptr=0x81a0a48, sptr=0x81a0a48, parc=135924337, parv=0x40) at s_user.c:2036
#3 0x080679ac in parse (cptr=0x81a0a48, buffer=0x81a0b2c "USER", bufend=0x81a0b67 "") at parse.c:440
#4 0x0806684f in dopacket (cptr=0x81a0a48, buffer=0x8121700 "USER poisoner cervisia manacor.ircchat.freenet.de :poisoner\r", length=0) at packet.c:138
#5 0x0806d9eb in read_packet (cptr=0x81a0a48, rfd=0x81a0d40) at s_bsd.c:1476
#6 0x0806e215 in read_message (delay=1, listp=0x8135600) at s_bsd.c:1937
#7 0x08062d10 in main (argc=0, argv=0x0) at ircd.c:1530
Tags: No tags attached.
3rd party modules:

Activities

syzop

2004-06-22 09:59

administrator   ~0006754

[register_user]
        if ((bconf = Find_ban(NULL, sptr->info, CONF_BAN_REALNAME)))
[Find_ban]
ConfigItem_ban *Find_ban(aClient *sptr, char *host, short type)
{
    ConfigItem_ban *ban;

    /* Check for an except ONLY if we find a ban, makes it
     * faster since most users will not have a ban so excepts
     * don't need to be searched -- codemastr
     */

    for (ban = conf_ban; ban; ban = (ConfigItem_ban *) ban->next)
        if (ban->flag.type == type)
            if (match_ip(sptr->ip, host, ban->mask, ban->netmask))
            {
                /* Person got a exception */
                if ((type == CONF_BAN_USER || type == CONF_BAN_IP)
                    && Find_except(sptr, host, CONF_EXCEPT_BAN))
                    return NULL;
                return ban;
            }
    return NULL;
}
[and there are more with first-arg-is-NULL:]
# grep Find_ban src/ -r|grep NULL
src/modules/m_chgname.c: if (!IsAnOper(acptr) && Find_ban(NULL, acptr->info, CONF_BAN_REALNAME)) {
src/modules/m_server.c: if ((bconf = Find_ban(NULL, servername, CONF_BAN_SERVER)))
src/modules/m_server.c: if ((bconf = Find_ban(NULL, servername, CONF_BAN_SERVER)))
src/modules/m_setname.c: if (!IsAnOper(sptr) && Find_ban(NULL, sptr->info, CONF_BAN_REALNAME))
src/modules/m_svsnline.c: if (!Find_banEx(NULL, parv[3], CONF_BAN_REALNAME, CONF_BAN_TYPE_AKILL))
src/ircd.c: Find_ban(NULL, cptr->info, CONF_BAN_REALNAME))) {
src/s_user.c: if ((bconf = Find_ban(NULL, sptr->info, CONF_BAN_REALNAME)))
src/webtv.c: if ((ban = Find_ban(NULL, parv[1], CONF_BAN_VERSION)))

Not sure what to do... perhaps change them all...
codemastr? :)

codemastr

2004-06-22 14:32

reporter   ~0006764

Should be fixed in .67

Syzop, the NULL is correct. I just forgot to handle the NULL! CIDR isn't supported for things like realname/version bans, so I don't send sptr. So now, it just calls match() if sptr == NULL.
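
A minimal illustration of the fix described in the note above (fall back to a plain wildcard match when sptr is NULL), added here as an example; it is not UnrealIRCd's code. The types, constants, wild_match, ip_aware_match and find_ban_guarded are simplified, hypothetical stand-ins, and ban exceptions are left out.

```c
#include <stddef.h>
#include <stdio.h>
#include <ctype.h>

/* Simplified stand-ins for the ircd types and constants (constructed). */
enum { BAN_USER = 1, BAN_REALNAME = 2 };
typedef struct Client { const char *ip; } Client;
typedef struct Ban { int type; const char *mask; struct Ban *next; } Ban;

/* Hypothetical case-insensitive glob ('*', '?'); returns 1 on match. */
static int wild_match(const char *m, const char *s) {
    for (; *m; m++, s++) {
        if (*m == '*') {
            while (*m == '*') m++;
            if (!*m) return 1;
            for (; *s; s++)
                if (wild_match(m, s)) return 1;
            return 0;
        }
        if (!*s || (*m != '?' &&
            tolower((unsigned char)*m) != tolower((unsigned char)*s)))
            return 0;
    }
    return *s == '\0';
}

/* Stand-in for the IP-aware matcher: this path reads the client record. */
static int ip_aware_match(const Client *c, const char *host, const char *mask) {
    return wild_match(mask, host) || wild_match(mask, c->ip);
}

/* Guarded lookup: a NULL sptr means "no IP to compare", so that path
 * uses the plain wildcard match and never dereferences sptr. */
const Ban *find_ban_guarded(const Ban *list, const Client *sptr,
                            const char *host, int type) {
    for (const Ban *b = list; b; b = b->next)
        if (b->type == type &&
            (sptr ? ip_aware_match(sptr, host, b->mask)
                  : wild_match(b->mask, host)))
            return b;
    return NULL;
}

int main(void) {
    Ban real = { BAN_REALNAME, "poi*", NULL };   /* constructed ban entry */
    const Ban *hit = find_ban_guarded(&real, NULL, "poisoner", BAN_REALNAME);
    printf("%s\n", hit ? hit->mask : "no ban");
    return 0;
}
```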

Issue History

Date Modified Username Field Change
2004-06-22 09:01 poisoner New Issue
2004-06-22 09:59 syzop Note Added: 0006754
2004-06-22 14:32 codemastr Status new => resolved
2004-06-22 14:32 codemastr Resolution open => fixed
2004-06-22 14:32 codemastr Assigned To => codemastr
2004-06-22 14:32 codemastr Note Added: 0006764