Hi there,
This patch should fix two limit bugs in the current ircu2.10.11.04:
- Users can set mode -l repeatedly when no limit is set
- Users can set huge limits using negative argument (e.g. +l -1 is
translated to +l 4294966296).
Note that as a side effect of fixing the second bug limits >=2^31 cannot
be set any more, although this doesn't seem to be much of a problem given
that ircu is limited to 2^30 clients anyway. To avoid this side effect
requires checking manually that the first char of the unconverted string
isn't '-' instead..
Cheers,
splidge
QuakeNet person
Index: ChangeLog
===================================================================
RCS file: /cvsroot/undernet-ircu/ircu2.10/ChangeLog,v
retrieving revision 1.290.2.126.2.5
diff -u -r1.290.2.126.2.5 ChangeLog
--- ChangeLog 28 Dec 2002 16:31:36 -0000 1.290.2.126.2.5
+++ ChangeLog 29 Dec 2002 16:29:49 -0000
@@ -1,3 +1,8 @@
+2002-12-28 David Mansell <[EMAIL PROTECTED]>
+
+ * ircd/channel.c (mode_parse_limit): don't allow -l when no limit is
+ set, don't allow -l with negative parameter (or unsigned >2^31).
+
2002-12-28 Kevin L Mitchell <[EMAIL PROTECTED]>
* ircd/m_create.c (ms_create): we must pass in a flag, not a
Index: ircd/channel.c
===================================================================
RCS file: /cvsroot/undernet-ircu/ircu2.10/ircd/channel.c,v
retrieving revision 1.73.2.11
diff -u -r1.73.2.11 channel.c
--- ircd/channel.c 15 Dec 2002 01:02:39 -0000 1.73.2.11
+++ ircd/channel.c 29 Dec 2002 16:29:52 -0000
@@ -1940,6 +1940,9 @@
t_limit = strtoul(state->parv[state->args_used++], 0, 10); /* grab arg */
state->parc--;
state->max_args--;
+
+ if ((int)t_limit<0) /* don't permit a negative limit */
+ return;
if (!(state->flags & MODE_PARSE_WIPEOUT) &&
(!t_limit || t_limit == state->chptr->mode.limit))
@@ -1952,6 +1955,10 @@
send_notoper(state);
return;
}
+
+ /* Can't remove a limit that's not there */
+ if (state->dir == MODE_DEL && !state->chptr->mode.limit)
+ return;
if (state->done & DONE_LIMIT) /* allow limit to be set only once */
return;
