# arch-tag: automatic-ChangeLog--srvx@srvx.net--2005-srvx/srvx--devo--1.3
#
+2005-01-24 17:12:38 GMT Michael Poole <mdpoole@troilus.org> patch-8
+
+ Summary:
+ typo fix in alloc-srvx.c; avoid dereferencing free()'d bans
+ Revision:
+ srvx--devo--1.3--patch-8
+
+ src/alloc-srvx.c (srvx_realloc): Fix argument list to srvx_free().
+
+ src/chanserv.c (find_matching_bans): Make temporary copies of bans to
+ be removed. Double-check remove count at end of loop.
+ (unban_user, cmd_open): Free the string copies.
+ (cmd_unbanall): Make temporary copies of removed bans and free them.
+ (handle_mode): Likewise.
+
+ src/opserv.c (cmd_clearbans): Likewise.
+
+ modified files:
+ ChangeLog src/alloc-srvx.c src/chanserv.c src/opserv.c
+
+
2005-01-24 16:45:44 GMT Michael Poole <mdpoole@troilus.org> patch-7
Summary:
if(!match[ii])
continue;
change->args[count].mode = MODE_REMOVE | MODE_BAN;
- change->args[count++].u.hostmask = bans->list[ii]->ban;
+ change->args[count++].u.hostmask = strdup(bans->list[ii]->ban);
}
+ assert(count == change->argc);
return change;
}
change = find_matching_bans(&channel->banlist, actee, mask);
if(change)
{
+ unsigned int ii;
+
modcmd_chanmode_announce(change);
+ for(ii = 0; ii < change->argc; ++ii)
+ free((char*)change->args[ii].u.hostmask);
mod_chanmode_free(change);
acted = 1;
}
for(ii=0; ii<channel->banlist.used; ii++)
{
change->args[ii].mode = MODE_REMOVE | MODE_BAN;
- change->args[ii].u.hostmask = channel->banlist.list[ii]->ban;
+ change->args[ii].u.hostmask = strdup(channel->banlist.list[ii]->ban);
}
modcmd_chanmode_announce(change);
+ for(ii = 0; ii < change->argc; ++ii)
+ free((char*)change->args[ii].u.hostmask);
mod_chanmode_free(change);
reply("CSMSG_BANS_REMOVED", channel->name);
return 1;
static CHANSERV_FUNC(cmd_open)
{
struct mod_chanmode *change;
+ unsigned int ii;
change = find_matching_bans(&channel->banlist, user, NULL);
if(!change)
change->modes_clear &= ~channel->channel_info->modes.modes_set;
modcmd_chanmode_announce(change);
reply("CSMSG_CHANNEL_OPENED", channel->name);
+ for(ii = 0; ii < change->argc; ++ii)
+ free((char*)change->args[ii].u.hostmask);
mod_chanmode_free(change);
return 1;
}
if(!bounce)
bounce = mod_chanmode_alloc(change->argc + 1 - ii);
bounce->args[bnc].mode = MODE_REMOVE | MODE_BAN;
- bounce->args[bnc].u.hostmask = ban;
+ bounce->args[bnc].u.hostmask = strdup(ban);
bnc++;
send_message(user, chanserv, "CSMSG_MASK_PROTECTED", ban);
}
{
if((bounce->argc = bnc) || bounce->modes_set || bounce->modes_clear)
mod_chanmode_announce(chanserv, channel, bounce);
+ for(ii = 0; ii < change->argc; ++ii)
+ if(bounce->args[ii].mode == (MODE_REMOVE | MODE_BAN))
+ free((char*)bounce->args[ii].u.hostmask);
mod_chanmode_free(bounce);
}
}
change = mod_chanmode_alloc(channel->banlist.used);
for (ii=0; ii<channel->banlist.used; ii++) {
change->args[ii].mode = MODE_REMOVE | MODE_BAN;
- change->args[ii].u.hostmask = channel->banlist.list[ii]->ban;
+ change->args[ii].u.hostmask = strdup(channel->banlist.list[ii]->ban);
}
modcmd_chanmode_announce(change);
+ for (ii=0; ii<change->argc; ++ii)
+ free((char*)change->args[ii].u.hostmask);
mod_chanmode_free(change);
reply("OSMSG_CLEARBANS_DONE", channel->name);
return 1;