View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0006339 | unreal | ircd | public | 2023-09-10 00:52 | 2023-09-10 09:41 |
| Reporter | PeGaSuS | Assigned To | |||
| Priority | normal | Severity | minor | Reproducibility | always |
| Status | new | Resolution | open | ||
| Platform | Linux | OS | Ubuntu | OS Version | 22.04 |
| Product Version | 6.1.1.1 | ||||
| Summary | 0006339: UnrealIRCd doesn't do any sanity checks on extbans | ||||
| Description | Apparently UnrealIRC doesn't do any kind of sanity checks on extbans. The `~flood` extban should be only available as +e, but while setting it as: /mode #channel +b ~flood:~account:test throws a "Ban type ~flood only works with exceptions (+e) and not with bans or invex (+b/+I)" setting it as: /mode #channel +b ~account:~flood:test it sets the extban without checking order and/or if a extban can be used with some other one. | ||||
| Tags | No tags attached. | ||||
| 3rd party modules | |||||
|
|
I didn't test other extbans combos but it probably has the same issue |
|
|
Yeah, I understand what you mean, though obviously ~account:~flood:test makes no sense, so I don't think it is that much of an issue, or at least not to humans. When you have ~account:, the stuff after that is the account name, so "~flood:test" is the account name here. Now perhaps ~ is a forbidden character in an account name, i have no idea, maybe not, so perhaps we could forbid a ~ at the start there to avoid confusion. I actually don't know the rules for account names. If we make a mistake there then you create account names that cannot be exempted/banned. I did something similar with ~realname back in the early days (~r back then): there the first character can't be ~, it auto replaces it with a ? (question mark). So ~realname:~xyz* becomes ~realname:?xyz*. Since it usually isn't that much of a problem, a situation that is rather rare and avoids some confusion, like you mentioned. But, on the other hand, there are legit ~ cases, for example for ~channel you can give a symbol like ~channel:@#hasopshere but also ~channel:~#hasownerhere... so there is the ~ again. I suppose due to the # there won't be much confusion, but just to illustrate that a ~ is not guaranteed to be forbidden as a first character. The only other selectors that could have a ~ directly after would be operclass and security-group but that sounds rather rare (actually i think security group has to be a-zA-Z0-9_-). |
