author Florian Westphal <fw@strlen.de> 2009-05-04 23:51:24 +0200
committer Alexander Barton <alex@barton.de> 2009-05-05 10:21:20 +0200
commit 627b0b713c52406e50c84bb9459e7794262920a2
tree 9e81bc9c8fe284ec19dbfad85822f7eac8a7d568
parent 95428a72ffb5214826b61d5e77f860e7ef6a6c9e

security: fix remotely triggerable crash in SSL/TLS code

When a server is running with SSL/TLS support compiled in,
it is trivial to crash the server by sending an MOTD request
via another server in the network.

- ONLY servers without ssl/tls support compiled in are not affected.
  Disabling SSL in the configuration (no ssl listening ports, etc)
  does NOT help.
- servers that are running standalone (i.e., not connected to any
  other servers) are not affected, either.

This affects all ngircd releases since ngircd 13 (earlier versions
have no SSL/TLS support).
-rw-r--r-- src/ngircd/conn.c 6
1 files changed, 6 insertions, 0 deletions
diff --git a/src/ngircd/conn.c b/src/ngircd/conn.c
index 9752a619..c6095a31 100644
--- a/src/ngircd/conn.c
+++ b/src/ngircd/conn.c
@@ -1951,6 +1951,9 @@ Conn_GetClient( CONN_ID Idx )
 GLOBAL bool
 Conn_GetCipherInfo(CONN_ID Idx, char *buf, size_t len)
 {
+	if (Idx < 0)
+		return false;
+	assert(Idx < (int) array_length(&My_ConnArray, sizeof(CONNECTION)));
 	return ConnSSL_GetCipherInfo(&My_Connections[Idx], buf, len);
 }
 
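Review bot: the upper bound in Conn_GetCipherInfo() is enforced only by `assert(Idx < (int) array_length(&My_ConnArray, sizeof(CONNECTION)));`, so a build that defines NDEBUG drops the check and an out-of-range positive Idx still reaches `&My_Connections[Idx]`. Since this is a fix for a remotely triggerable crash, I would make both bounds runtime checks that return false, and keep the assert only as a debugging aid if wanted. The new `return false` path also leaves buf untouched; either document that callers must test the return value before reading buf, or terminate it (buf[0] = '\0' when len > 0) before returning.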
@@ -1958,6 +1961,9 @@ Conn_GetCipherInfo(CONN_ID Idx, char *buf, size_t len)
 GLOBAL bool
 Conn_UsesSSL(CONN_ID Idx)
 {
+	if (Idx < 0)
+		return false;
+	assert(Idx < (int) array_length(&My_ConnArray, sizeof(CONNECTION)));
 	return Conn_OPTION_ISSET(&My_Connections[Idx], CONN_SSL);
 }
 #endif
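Review bot: the three-line guard in Conn_UsesSSL() is a verbatim copy of the one added to Conn_GetCipherInfo(), and neither copy says why a negative Idx is a legitimate input here. A small shared helper (or macro) that validates a CONN_ID against My_ConnArray would keep the two in sync and give other accessors that index My_Connections one place to get the same check. Please also add a short comment naming the case that produces `Idx < 0`; the commit message points at requests arriving via another server, but that is not visible in the code. Note too that when the assert is compiled in, a failing assert still aborts the daemon, so an out-of-range positive index remains a crash rather than a rejected call.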