Michael Ortmann

icon location IT consultant, Climate activist and Cypherpunk. Enjoying Zig, C, Assembly language, Python and Java.

Results 231 issues of Michael Ortmann

strcpy-param-overlap in filesys.c

There are some bad `strcpy()`s in filesys.c, that overlap src and dst, which is undefined. Its complex code, so i opened this issue instead of delivering a PR instantly. https://github.com/eggheads/eggdrop/blob/155f7a3c352f80f93db12bd78db7a9960863ae08/src/mod/filesys.mod/filesys.c#L236...

telnet flood protection doesnt cover multiple hosts

dcc.c:detect_telnet_flood() only matches last seen host. A telnet flood from user A is not detected, if in the meantime, user B telnets the bot. In other words, someone with control...

dns.mod doesn't handle prefer-ipv6 change properly

1 comment

``` .set prefer-ipv6 Currently: 0 .tcl dnslookup google.com foo "foo 216.58.207.78 google.com 1" .set prefer-ipv6 1 Ok, set. .tcl dnslookup google.com foo "foo 216.58.207.78 google.com 1" [22:32:37] DNS Resolver: Cache...

(Low Prio) Do not discard const qualifier

Found by: michaelortmann Patch by: michaelortmann Fixes: One-line summary: Do not discard const qualifier Additional description (if needed): Cleanup misc.c:maskaddr(), rfc1459.c and tcl.c:tcl_eggcouplet() Remove the unnecessary string truncation at s[40]...

(WIP) Fix snprintf with overlapping source and dest strings

Found by: Will Buckner and michaelortmann Patch by: michaelortmann Fixes: #1061 One-line summary: Fix snprintf with overlapping source and dest strings Additional description (if needed): This looks like another bug...

snprintf with overlapping source and dest strings

https://github.com/eggheads/eggdrop/blob/6e9aeacf78fe2b869d73e2c07819619415c1cb25/src/mod/server.mod/server.c#L586 snprintf with overlapping source and dest strings is undefined behaviour, dst is `char * restrict`. After inserting debug code i was able to see a real bug here. I...

(WIP) Remove compat snprintf() and vsnprintf() (eggdrop requires posix 2001)

Found by: vanosg Patch by: michaelortmann Fixes: #226 One-line summary: Eggdrop depends on POSIX.1-2001. POSIX.1-2001 defines snprintf() and vsnprintf(). This patch gets rid of src/compat/snprintf*. egg_snprintf() and egg_vsnprintf() are left...

Fix telnet response to control functions

1 comment

eggdrop is distinguishable from normal telnetd, because a normal telnetd will immediately respond to a telnet control function, and eggdrop wont. this is due to eggdrop's sockgets() looks for EOL...

openssl-3.0.0-alpha7 deprecation warnings

PR #1010 fixes deprecations warnings for openssl-3.0.0-alpha6 meanwhile openssl-3.0.0-alpha7 is out and with it come new deprecation warnings (about MD5 functions) we should fix in time: ``` [...] gcc -g...

Remove the limit of 1024 chars for input/output of add_cr() and escape_telnet()

2 comment

Found by: michaelortmann Patch by: michaelortmann Fixes: One-line summary: Remove the limit of 1024 chars for input/output of add_cr() and escape_telnet() Additional description (if needed): Additionally refactor dccutil.c:add_cr() and dcc.c:escape_telnet()...