View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0005910 | unreal | ircd | public | 2021-06-10 02:55 | 2023-03-22 10:51 |
| Reporter | ji | Assigned To | syzop | ||
| Priority | low | Severity | trivial | Reproducibility | always |
| Status | resolved | Resolution | fixed | ||
| Platform | Linux | OS | Ubuntu | OS Version | 20.04 LTS |
| Product Version | 5.0.9 | ||||
| Fixed in Version | 6.0.7 | ||||
| Summary | 0005910: IRCd returning invalid host error then setting invalid oper-block vhost | ||||
| Description | So far only tested on two different PissNet servers linked together. When using color codes within in the oper-block vhost directive the IRCd will return *** /SetHost Error: A hostname may only contain a-z, A-Z, 0-9, '-' & '.' when using /oper. The IRCd then sets the supposedly invalid vhost anyways. I would either expect no error and the host to be set, or the error to show up and no host to be set. | ||||
| Steps To Reproduce | Make an oper block for yourself on a freshly compiled UnrealIRCD including a vhost with color codes within that oper block, then /oper which will show the error. You can /whois yourself to verify wether the vhost is set or not. | ||||
| Tags | No tags attached. | ||||
| 3rd party modules | |||||
|
|
Thanks for the report, indeed this should not be permitted. There are probably a bit more around of these, but they should be fixed too. I may wait do it post-release though as it is indeed (as you already noted) a low priority item. |
|
|
Thanks, fixed now so it is rejected both on the server with the oper { } block and on the remote side (latter was already the case) https://github.com/unrealircd/unrealircd/commit/e83c610b39f6f18cc61c356993b53b05ebfb4158 commit e83c610b39f6f18cc61c356993b53b05ebfb4158 (HEAD -> unreal60_dev, origin/unreal60_dev, origin/HEAD) Author: Bram Matthys <[email protected]> Date: Wed Mar 22 10:24:41 2023 +0100 Add valid_vhost() and validate oper::vhost too just like vhost::vhost. Actually make them both use this same function, even thought he original vhost::vhost check was a bit more informational. This also checks the vhost in other paths that lead to oper vhost setting. Reported by ji in https://bugs.unrealircd.org/view.php?id=5910 |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2021-06-10 02:55 | ji | New Issue | |
| 2021-06-14 07:26 | syzop | Assigned To | => syzop |
| 2021-06-14 07:26 | syzop | Status | new => acknowledged |
| 2021-06-14 07:26 | syzop | Note Added: 0022001 | |
| 2023-03-22 10:51 | syzop | Status | acknowledged => resolved |
| 2023-03-22 10:51 | syzop | Resolution | open => fixed |
| 2023-03-22 10:51 | syzop | Fixed in Version | => 6.0.7 |
| 2023-03-22 10:51 | syzop | Note Added: 0022806 |
