Hi ! I am the upstream and sponsored Debian maintainer of Bip.
A user of bip reported a bug which can be used to do a remote DOS of bip. Bug is present in bip/0.8.2-1squeeze2. debdiff (bip/0.8.2-1squeeze2 and bip/0.8.2-1squeeze3 source packages) containing the fix is attached. Regards, Pierre-Louis
Format: 1.0 Source: bip Binary: bip Architecture: any Version: 0.8.2-1squeeze3 Maintainer: Pierre-Louis Bonicoli <[email protected]> Uploaders: Arnaud Cornet <[email protected]> Homepage: http://bip.t1r.net Standards-Version: 3.8.3 Build-Depends: debhelper (>= 7.0.50~), bison, flex, libssl-dev, quilt Checksums-Sha1: a75da8be7f9984e02b61916e6a7d658bb1da1375 208502 bip_0.8.2.orig.tar.gz 6c5594ec04bd82d9196f42b3b1d267cf0a190b20 8468 bip_0.8.2-1squeeze3.diff.gz Checksums-Sha256: 3367f4e6a3a352fd756db478d4a92378e370318a4c961ae03b0a1b40f46a1cfd 208502 bip_0.8.2.orig.tar.gz a6411d6ff2a99df185bafcae8dcf09d2e1a9f8dfb5c409793f8092d47b7224eb 8468 bip_0.8.2-1squeeze3.diff.gz Files: 3f3a66f6179456ba7efb1970a89f46dd 208502 bip_0.8.2.orig.tar.gz 30e7bbed2fc5f1f43ebb5045abda56c6 8468 bip_0.8.2-1squeeze3.diff.gz
diff -u bip-0.8.2/debian/changelog bip-0.8.2/debian/changelog --- bip-0.8.2/debian/changelog +++ bip-0.8.2/debian/changelog @@ -1,3 +1,9 @@ +bip (0.8.2-1squeeze3) testing-proposed-updates; urgency=low + + * add fix_DOS.patch, backported from 0.8.7. + + -- Pierre-Louis Bonicoli <[email protected]> Sat, 15 Jan 2011 19:12:33 +0100 + bip (0.8.2-1squeeze2) testing-proposed-updates; urgency=low * New maintainer (with Nohar's blessing). diff -u bip-0.8.2/debian/patches/series bip-0.8.2/debian/patches/series --- bip-0.8.2/debian/patches/series +++ bip-0.8.2/debian/patches/series @@ -1,0 +2 @@ +fix_DOS.patch only in patch2: unchanged: --- bip-0.8.2.orig/debian/patches/fix_DOS.patch +++ bip-0.8.2/debian/patches/fix_DOS.patch @@ -0,0 +1,20 @@ +Fix DOS. Backported From 0.8.7. +--- a/src/log.c ++++ b/src/log.c +@@ -472,10 +472,14 @@ + const char *newnick) + { + char *oldnick = nick_from_ircmask(ircmask); ++ logstore_t* oldstore; ++ logstore_t* newstore; + +- if (hash_includes(&logdata->logfgs, oldnick)) { +- if (hash_includes(&logdata->logfgs, newnick)) ++ if ((oldstore = hash_get(&logdata->logfgs, oldnick))) { ++ if ((newstore = hash_get(&logdata->logfgs, newnick)) ++ && oldstore != newstore) { + log_drop(logdata, newnick); ++ } + hash_rename_key(&logdata->logfgs, oldnick, newnick); + } + free(oldnick);
