View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
0003896unrealircdpublic2010-03-26 19:512010-06-20 00:05
Reporterargvx Assigned Toohnobinki  
PrioritynormalSeveritymajorReproducibilityalways
Status resolvedResolutionfixed 
Fixed in Version3.2.9-RC1 
Summary0003896: any unknown options in ssl::options make ircd to crash
Descriptionexample:
set {
    ssl {
       options {
       certificate "server.cert.pem";
       key "server.key.pem";
       test;
       };
    };
};

where 'test;' is for crash test =)
TagsNo tags attached.
3rd party modules

Relationships

child of 0003776 resolvedsyzop Unreal3.2.9 TODO 

Activities

argvx

2010-03-26 20:45

developer   ~0016047

fixed it,

replace:

else if (!strcmp(cepp->ce_varname, "options"))
{
        CheckDuplicate(cep, ssl_options, "ssl::options");
        for (ceppp = cepp->ce_entries; ceppp; ceppp = ceppp->ce_next)
        {
                for (ofl = _SSLFlags; ofl->name; ofl++)
                {
                        if (!strcmp(ceppp->ce_varname, ofl->name))
                        {
                                break;
                        }
                }
        }
        if (ofl && !ofl->name)
        {
                config_error("%s:%i: unknown SSL flag '%s'",
                        ceppp->ce_fileptr->cf_filename,
                        ceppp->ce_varlinenum, ceppp->ce_varname);
        }
}

with:

else if (!strcmp(cepp->ce_varname, "options"))
{
        CheckDuplicate(cep, ssl_options, "ssl::options");
        for (ceppp = cepp->ce_entries; ceppp; ceppp = ceppp->ce_next)
        {
                for (ofl = _SSLFlags; ofl->name; ofl++)
                {
                        if (!strcmp(ceppp->ce_varname, ofl->name))
                        {
                                break;
                        }
                }

                if (ofl && !ofl->name)
                {
                        config_error("%s:%i: unknown SSL flag '%s'",
                              ceppp->ce_fileptr->cf_filename,
                              ceppp->ce_varlinenum, ceppp->ce_varname);
                }
        }
}

after seeing this, the one question, what smoking one who wrote this code?!

ohnobinki

2010-06-20 00:04

reporter   ~0016119

BTW, in your example of a bad config file, unrealircd should crash on ``certificate'' because ``certificate'' is not a valid SSL flag. I took the liberty to fix the bug in a different way than you pasted so that it would match the other, non-bugged options {}.

Thanks for reporting!

- Handle bad flags in set::ssl::options better (0003896).

Issue History

Date Modified Username Field Change
2010-03-26 19:51 argvx New Issue
2010-03-26 20:45 argvx Note Added: 0016047
2010-03-28 20:45 syzop Status new => acknowledged
2010-03-28 20:45 syzop Relationship added child of 0003776
2010-06-20 00:04 ohnobinki QA => Not touched yet by developer
2010-06-20 00:04 ohnobinki U4: Need for upstream patch => No need for upstream InspIRCd patch
2010-06-20 00:04 ohnobinki Note Added: 0016119
2010-06-20 00:04 ohnobinki Status acknowledged => resolved
2010-06-20 00:04 ohnobinki Fixed in Version => 3.2.9-RC1
2010-06-20 00:04 ohnobinki Resolution open => fixed
2010-06-20 00:04 ohnobinki Assigned To => ohnobinki