View Issue Details

ID: 0001846
Project: unrealircd
Category:
View Status: public
Last Update: 2004-05-31 14:16
Reporter: Troco
Assigned To: codemastr
Priority: normal
Severity: crash
Reproducibility: always
Status: resolved
Resolution: fixed
Platform: win32
OS: XP Professional
OS Version: 5.1 - 2600
Summary: 0001846: Crash bug when I link (this time with services)
Description:
Exception:
    Access Violation
-----------------
Backup Buffer:
    & NickServ 1 1085963530 colossus Servicios.Colossus Servicios.Colossus 0 +owhraAOkNCqBvd Servicios.Colossus :Servicio de gestión de nicks
-----------------
Registers:
    EAX=0x00003a3a EBX=0x3a3a3a3a ECX=0x00000000
    EDX=0x00000000 ESI=0x0096f080 EDI=0x77d13c1f
    EIP=0x10220ed6 EBP=0x0140f980 ESP=0x0140f950
-----------------
Stack Trace:
    Module: MSVCRTD
        #0 (null):0: strchr
    Module: WIRCD
        #1 src/send.c:1912: sendto_serv_butone_nickcmd
        #2 src/s_user.c:1103: register_user
        #3 src/s_user.c:2038: m_user
        #4 src/s_user.c:1810: m_nick
        #5 src/parse.c:441: parse
        #6 src/packet.c:139: dopacket
        #7 src/s_bsd.c:1406: read_packet
        #8 src/s_bsd.c:1940: read_message
        #9 src/ircd.c:1534: SocketLoop
    Module: MSVCRTD
        #10 src/ircd.c:1534: beginthread
    Module: kernel32
        #11 src/ircd.c:1534: RegisterWaitForInputIdle
Tags: No tags attached.
3rd party modules

Activities

syzop

2004-05-30 21:02

administrator   ~0006470

I'm able to reproduce this on *NIX (w/no 3rd party modules).
Seems related to NICKIP.
(gdb) bt
#0 0x003166b3 in strchr () from /lib/libc.so.6
#1 0xbffff640 in ?? ()
#2 0x080a048c in sendto_serv_butone_nickcmd (one=0x818bed0, sptr=0x81dcb30, nick=0x81dcb59 "OperServ", hopcount=2, lastnick=1085965145,
    username=0x81dcc00 "services", realhost=0x81dcc0b "test.net", server=0x818c270 "services.test.net", servicestamp=0,
    info=0x81dcba4 "Operator Server", umodes=0x813ece0 "+ioSqd", virthost=0x0) at send.c:1900
#3 0x0809849c in register_user (cptr=0x818bed0, sptr=0x81dcb30, nick=0x81dcb59 "OperServ", username=0x818bfcf "services",
    umode=0x818bff5 "+oiSqd", virthost=0x818bffc "test.net", ip=0x0) at s_user.c:1099
#4 0x0809af92 in m_user (cptr=0x818bed0, sptr=0x81dcb30, parc=8, parv=0x813552c) at s_user.c:2036
#5 0x0809a47d in m_nick (cptr=0x818bed0, sptr=0x81dcb30, parc=11, parv=0x8135520) at s_user.c:1810
#6 0x0806dc0a in parse (cptr=0x818bed0, buffer=0x818bfb4 "NICK", bufend=0x818c015 "") at parse.c:450
#7 0x0806c217 in dopacket (cptr=0x818bed0,
    buffer=0x8135ee0 "NICK OperServ 1 1085965145 services test.net services.test.net 0 +oiSqd test.net :Operator Server\r\n
[..]
(gdb) frame 2
#2 0x080a048c in sendto_serv_butone_nickcmd (one=0x818bed0, sptr=0x81dcb30, nick=0x81dcb59 "OperServ", hopcount=2, lastnick=1085965145,
    username=0x81dcc00 "services", realhost=0x81dcc0b "test.net", server=0x818c270 "services.test.net", servicestamp=0,
    info=0x81dcba4 "Operator Server", umodes=0x813ece0 "+ioSqd", virthost=0x0) at send.c:1900
1900 sendto_one(cptr,
(gdb) list
1895 }
1896
1897 if (SupportNICKv2(cptr))
1898 {
1899 if (sptr->srvptr->serv->numeric && SupportNS(cptr))
1900 sendto_one(cptr,
1901 (cptr->proto & PROTO_SJB64) ?
1902 /* Ugly double %s to prevent excessive spaces */
1903 "%s %s %d %B %s %s %b %lu %s %s %s%s:%s"
1904 :
(gdb)
1905 "%s %s %d %d %s %s %b %lu %s %s %s%s:%s"
1906 ,
1907 (IsToken(cptr) ? TOK_NICK : MSG_NICK), nick,
1908 hopcount, lastnick, username, realhost,
1909 (long)(sptr->srvptr->serv->numeric),
1910 servicestamp, umodes, vhost,
1911 SupportNICKIP(cptr) ? encode_ip(sptr->user->ip_str) : "",
1912 SupportNICKIP(cptr) ? " " : "", info);
1913 else
1914 sendto_one(cptr,
(gdb) p sptr->user
$1 = (anUser *) 0x81dcbe8
(gdb) p sptr->user->ip_str
$2 = 0x0

syzop

2004-05-30 21:07

administrator   ~0006471

So.. Because services don't use NICKIP it doesn't receive an IP for the user.. fine... But then it tries to forward the NICK message to all other servers which do support NICKIP and it tries to send the IP too... ouch.

codemastr: How to deal with that? Could 1) skip sending of the whole IP but that makes things even more complex/uglier than they are.. plus it's "unexpected" because you suddenly get stuff in different format than you requested. So what about 2) Just sending '-' or something for no ip? (so simply returning '-' from encode_ip() if called with a NULL pointer, and of course deal with it on receive).

aquanight

2004-05-30 22:51

reporter   ~0006474

How about using the IP of the services server? Since, technically, that is where services pseudo-clients are "connecting from"... it kinda makes sense (and if it doesn't (or isn't possible), I didn't write this post ;) ).

codemastr

2004-05-31 01:23

reporter   ~0006475

Well, I was talking with Andy Church earlier, and he said, he intends to send 0.0.0.0 as the IP. So maybe that's the best way to say "no ip"? If not, yeah changing encode_ip to if (!ip_str) return "*"; (I like * better than - since we already use * for vhost). And decode_ip to if (is(*)) return NULL should not be hard to do. At least, that's all it sounds like I need to do...

Troco

2004-05-31 05:02

reporter   ~0006478

In addition, I'm using PROTOCTL NICKv2 VHP VL TOKEN UMODE2 (maybe can help you).

syzop

2004-05-31 10:29

administrator   ~0006481

Yeah I think I would prefer the '*' thingy.

codemastr

2004-05-31 14:16

reporter   ~0006486

Should be fixed in .40
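
The '*' sentinel proposed in the notes above, sketched as an added example; it is not UnrealIRCd's code and not part of the original thread. The names encode_ip_safe and decode_ip_safe are hypothetical, the sketch assumes a POSIX system and IPv4 only, and hex stands in for the real wire encoding.

```c
/* Added illustration, not UnrealIRCd source. encode_ip_safe/decode_ip_safe
 * are hypothetical names; hex stands in for the real wire encoding. */
#include <arpa/inet.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define NO_IP "*" /* sentinel proposed in the thread for "no IP" */

/* Sender side: a NULL (or unparsable) ip_str becomes the sentinel, so the
 * NICK formatter always receives a valid string. Returns a static buffer. */
const char *encode_ip_safe(const char *ip_str)
{
    static char out[9];
    struct in_addr a;

    if (!ip_str || inet_pton(AF_INET, ip_str, &a) != 1)
        return NO_IP;
    snprintf(out, sizeof out, "%08lX", (unsigned long)ntohl(a.s_addr));
    return out;
}

/* Receiver side: the sentinel or a malformed field maps back to NULL,
 * which callers must treat as "IP unknown". Returns a static buffer. */
const char *decode_ip_safe(const char *field)
{
    static char out[INET_ADDRSTRLEN];
    struct in_addr a;

    if (!field || strcmp(field, NO_IP) == 0)
        return NULL;
    if (strlen(field) != 8 || strspn(field, "0123456789ABCDEFabcdef") != 8)
        return NULL;
    a.s_addr = htonl((uint32_t)strtoul(field, NULL, 16));
    return inet_ntop(AF_INET, &a, out, sizeof out);
}

int main(void)
{
    /* Constructed inputs: a services pseudo-client (no IP) and a local user. */
    const char *ips[] = { NULL, "192.0.2.10" };
    for (int i = 0; i < 2; i++) {
        const char *wire = encode_ip_safe(ips[i]);
        const char *back = decode_ip_safe(wire);
        printf("wire=%s decoded=%s\n", wire, back ? back : "(none)");
    }
    return 0;
}
```

Any caller of the decode side still has to check for NULL before using the result, otherwise the same crash moves to the receiving server.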

Issue History

Date Modified Username Field Change
2004-05-30 20:39 Troco New Issue
2004-05-30 21:02 syzop Note Added: 0006470
2004-05-30 21:07 syzop Note Added: 0006471
2004-05-30 21:15 syzop Assigned To => codemastr
2004-05-30 21:15 syzop Severity feature => crash
2004-05-30 21:15 syzop Status new => assigned
2004-05-30 21:15 syzop Category documentation => ircd
2004-05-30 21:15 syzop Build => CVS - .39
2004-05-30 22:51 aquanight Note Added: 0006474
2004-05-31 01:23 codemastr Note Added: 0006475
2004-05-31 05:02 Troco Note Added: 0006478
2004-05-31 10:29 syzop Note Added: 0006481
2004-05-31 14:16 codemastr Status assigned => resolved
2004-05-31 14:16 codemastr Resolution open => fixed
2004-05-31 14:16 codemastr Note Added: 0006486