Closed Bug 326523 Opened 19 years ago Closed 19 years ago

Reject blatantly invalid CTCP PING responses

Categories

(Other Applications :: ChatZilla, defect)

Product:
Other Applications
Component:
ChatZilla
Type:
defect
Priority:
Not set
Severity:
trivial

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: rdmsoft, Assigned: rdmsoft)

Details

(Whiteboard: [cz-0.9.71][cz-0.9.73])

Attachments

(2 files, 1 obsolete file)

length != 13
2.52 KB, patch
samuel
: review+
Details | Diff | Splinter Review
trim spaces
730 bytes, patch
samuel
: review+
Details | Diff | Splinter Review 
In either a mis-understanding of the spec or an attempt to make itself look better, NoNameScript for mIRC sends back its own timestamp in PING responses instead of the one we sent in the request. As a result of ChatZilla using a different timestamp format, this results in meaningless ping times like "13174 days, 15 hours, 54 minutes, 26.77 seconds".

I'm going to attach a patch that displays an error if the timestamp returned is obviously wrong. Other possible fixes would be lightly encrypting the timestamp to make extra sure it isn't messed with, or only accepting responses if we've sent a ping request with the same timestamp.
Attached patch patch (obsolete) — Splinter Review 

        Attachment #211249 -
        Flags: review?(samuel)

    
    

    
  
Comment on attachment 211249 [details] [diff] [review]
patch

Checking for a length of 10 is too specific.  We need a better check.

        Attachment #211249 -
        Flags: review?(samuel) → review-

    
    

    
  
Length != 13 is surely what we're after?

    
    

    
  

      
      
      
      

        Attached patch
          
          
        length != 13Splinter Review
      

    


  
You're right. It's a long time since/until timestamps are a different length.

        Attachment #211249 -
        Attachment is obsolete: true

        Attachment #211275 -
        Flags: review?(samuel)

    
  

        Attachment #211275 -
        Flags: review?(samuel) → review+

    
    

    
  
Checked in --> FIXED.
Status: NEW → RESOLVED
Closed: 19 years ago
Resolution: --- → FIXED
Summary: Reject blatently invalid CTCP PING responses → Reject blatantly invalid CTCP PING responses

    
  
Whiteboard: [cz-0.9.71]

    
    

    
  
Nickserv's ping replies on moznet now show "invalid ping reply" too. I seem to remember that when we discussed this, all it took to fix was an extra stringTrim around the ctcp reply? Reopening to get that bit fixed.
Status: RESOLVED → REOPENED
Resolution: FIXED → ---

    
    

    
  
When I send a ping targetted at a channel with a services bot in it, its response is even more broken ("PING PING 1142784964671 "). Should I make ChatZilla accept that as well?

    
    

    
  

      
      
      
      

        Attached patch
          
          
        trim spacesSplinter Review
      

    


  

        Attachment #216218 -
        Flags: review?(samuel)

    
  

        Attachment #216218 -
        Flags: review?(samuel) → review+

    
    

    
  
Checked in --> FIXED (again).
Status: REOPENED → RESOLVED
Closed: 19 years ago19 years ago
Resolution: --- → FIXED

    
  
Whiteboard: [cz-0.9.71] → [cz-0.9.71][cz-0.9.73]

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: