View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0006339 | unreal | ircd | public | 2023-09-10 00:52 | 2023-11-29 19:34 |
| Reporter | PeGaSuS | Assigned To | syzop | ||
| Priority | normal | Severity | minor | Reproducibility | always |
| Status | closed | Resolution | no change required | ||
| Platform | Linux | OS | Ubuntu | OS Version | 22.04 |
| Product Version | 6.1.1.1 | ||||
| Summary | 0006339: UnrealIRCd doesn't do any sanity checks on extbans | ||||
| Description | Apparently UnrealIRC doesn't do any kind of sanity checks on extbans. The `~flood` extban should be only available as +e, but while setting it as: /mode #channel +b ~flood:~account:test throws a "Ban type ~flood only works with exceptions (+e) and not with bans or invex (+b/+I)" setting it as: /mode #channel +b ~account:~flood:test it sets the extban without checking order and/or if a extban can be used with some other one. | ||||
| Tags | No tags attached. | ||||
| 3rd party modules | |||||
|
|
I didn't test other extbans combos but it probably has the same issue |
|
|
Yeah, I understand what you mean, though obviously ~account:~flood:test makes no sense, so I don't think it is that much of an issue, or at least not to humans. When you have ~account:, the stuff after that is the account name, so "~flood:test" is the account name here. Now perhaps ~ is a forbidden character in an account name, i have no idea, maybe not, so perhaps we could forbid a ~ at the start there to avoid confusion. I actually don't know the rules for account names. If we make a mistake there then you create account names that cannot be exempted/banned. I did something similar with ~realname back in the early days (~r back then): there the first character can't be ~, it auto replaces it with a ? (question mark). So ~realname:~xyz* becomes ~realname:?xyz*. Since it usually isn't that much of a problem, a situation that is rather rare and avoids some confusion, like you mentioned. But, on the other hand, there are legit ~ cases, for example for ~channel you can give a symbol like ~channel:@#hasopshere but also ~channel:~#hasownerhere... so there is the ~ again. I suppose due to the # there won't be much confusion, but just to illustrate that a ~ is not guaranteed to be forbidden as a first character. The only other selectors that could have a ~ directly after would be operclass and security-group but that sounds rather rare (actually i think security group has to be a-zA-Z0-9_-). |
|
|
I think it is acceptable not to do this particular check. Also title is a bit misleading since it is only 1 particular check that is missing out of X others that are actually done ;) |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2023-09-10 00:52 | PeGaSuS | New Issue | |
| 2023-09-10 01:15 | PeGaSuS | Note Added: 0023033 | |
| 2023-09-10 09:39 | syzop | Note Added: 0023034 | |
| 2023-09-10 09:40 | syzop | Note Edited: 0023034 | |
| 2023-09-10 09:41 | syzop | Note Edited: 0023034 | |
| 2023-11-29 19:34 | syzop | Assigned To | => syzop |
| 2023-11-29 19:34 | syzop | Status | new => closed |
| 2023-11-29 19:34 | syzop | Resolution | open => no change required |
| 2023-11-29 19:34 | syzop | Note Added: 0023114 |
