Anope Bug Tracker - Anope Stable (2.0.x series)
View Issue Details
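ID: 0001687
Project: Anope Stable (2.0.x series)
Category: [All Projects] General
View Status: public
Date Submitted: 2016-08-17 04:25
Last Update: 2016-09-03 16:40
Reporter: astrutt
Assigned To: Adam
Priority: immediate
Severity: crash
Reproducibility: always
Status: closed
Resolution: unable to reproduce
Platform: 3.13.0-24-generic
OS: Ubuntu Linux
OS Version: 14.04.5 LTS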
0001687: CRASH w/ GPF or SEGFAULT w/ channel #/dev/null forbid or drop

Anope 2.0.3 crashes when trying to manipulate a channel called #/dev/null

Also, channel mode locks don't take effect; on join, channel mode says + and nothing more.

Thru operserv forbid, drop causes immediate crash of services. On immediate restart/recovery malicious users who own the channel can create a DoS situation.
/j #/dev/null
register channel w/ chanserv
as channel founder, drop channel.

Crash.

Thru operserv, using forbid add chan +0 #/dev/null

Crash.
 -ChanServ(services@services.XXXXXXXX.net)- Information for channel #/dev/null

kernel: [19244515.364579] services[6044] segfault at 7f62134d78b8 ip 00007f62134d78b8 sp 00007fffaeb97c58 error 15 in libc-2.19.so (deleted)[7f62134d7000+2000]

[Aug 17 03:24:40 2016] ADMIN: used FORBID to add a forbid on #/dev/null of type chan
[Aug 17 03:24:40 2016] CHANNEL: botserv!bot@irc.net leave #/dev/null
[Aug 17 03:24:40 2016] CHANNEL: destroy #/dev/null

Crash.

Aug 17 03:24:40 xxxxxxxxxxx kernel: [19246454.820054] traps: services[28062] general protection ip:457ccf sp:7ffff915b520 error:0 in services[400000+144000]

Linux xxxxxxxxx 3.13.0-24-generic 0000047-Ubuntu SMP Fri May 2 23:30:00 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux

Ubuntu 14.04.5 LTS



No tags attached.
Issue History
2016-08-17 04:25 | astrutt | New Issue
2016-08-17 05:10 | astrutt | Note Added: 0006808
2016-09-03 16:40 | Adam | Note Added: 0006809
2016-09-03 16:40 | Adam | Status: new => closed
2016-09-03 16:40 | Adam | Assigned To: => Adam
2016-09-03 16:40 | Adam | Resolution: open => unable to reproduce

Notes
(0006809) Adam, 2016-09-03 16:40
Nothing like this was fixed in 2.0.4; I cannot reproduce this bug on 2.0.4 or 2.0.3.

(0006808) astrutt, 2016-08-17 05:10
Updated to 2.0.4; issue is now non-reproducible.

I really wish your release notes would've said something about this for 2.0.4 as I would've updated sooner.