Anope IRC Services

Please login or register.

Login with username, password and session length
Advanced search  

News:

Pages: [1]   Go Down

Author Topic: small bug  (Read 4377 times)

0 Members and 1 Guest are viewing this topic.

4144

  • Guest
small bug
« on: December 06, 2006, 09:25:35 PM »

Hello.
I find potential bug in file channels.c
This code:
Code: [Select]

            while (csmodes[(int) *s] != 0)
                *end2++ = csmodes[(int) *s++];
            *end2 = 0;

Size of csmodes is 128 bytes, but in some situations variable 's' is user nick. if user use localized nicks, char at *s location may have code more then 128, then csmodes[*s] reads memory outside the csmodes array.

Maybe need change to this:
Code: [Select]

            while (((unsigned int) *s < 128) && (csmodes[(int) *s] != 0))
                *end2++ = csmodes[(int) *s++];
            *end2 = 0;


This code exists in Anope 1.6.4 and in Anope 1.7.17, other versions not tested.
Logged

heinz

  • Guest
(No subject)
« Reply #1 on: December 06, 2006, 11:00:28 PM »

Bugs reports should be posted at http://bugs.anope.org so they are recorded and dealt with appropriately. Thanks.
Logged
Pages: [1]   Go Up