mirrors/ngircd
1
0
Fork 0
mirror of https://github.com/osmarks/ngircd.git synced 2025-01-31 17:49:11 +00:00
Code Issues Releases Wiki Activity

KICK: Fix denial of service bug

Browse Source 
Test if the user that it is to be kicked is on the channel before user
channel modes are tested. Otherwise assert( cl2chan != NULL ); in
line 742 would fail and stop the service.
(cherry picked from commit 0e63fb3fa7)
This commit is contained in:
Sebastian Köhler 2013-02-14 19:21:01 +01:00 committed by Alexander Barton
parent 1265eb15b8
commit b3d4cf9081
1 changed files with 7 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
src/ngircd/channel.c
View File

@ -326,6 +326,13 @@ Channel_Kick(CLIENT *Peer, CLIENT *Target, CLIENT *Origin, const char *Name,
}
}
/* Check that the client to be kicked is on the specified channel */
if (!Channel_IsMemberOf(chan, Target)) {
IRC_WriteStrClient(Origin, ERR_USERNOTINCHANNEL_MSG,
Client_ID(Origin), Client_ID(Target), Name );
return;
}
if(Client_Type(Peer) == CLIENT_USER) {
/* Channel mode 'Q' and user mode 'q' on target: nobody but
* IRC Operators and servers can kick the target user */
@ -382,13 +389,6 @@ Channel_Kick(CLIENT *Peer, CLIENT *Target, CLIENT *Origin, const char *Name,
}
}
/* Check that the client to be kicked is on the specified channel */
if (!Channel_IsMemberOf(chan, Target)) {
IRC_WriteStrClient(Origin, ERR_USERNOTINCHANNEL_MSG,
Client_ID(Origin), Client_ID(Target), Name );
return;
}
/* Kick Client from channel */
Remove_Client( REMOVE_KICK, chan, Target, Origin, Reason, true);
} /* Channel_Kick */