July 30, 2001

OpenProjects.net IRC network servers up and down after new launch

- by Tina Gasperson -
On the heels of an announcement about improved service, the OpenProjects.net IRC network is experiencing buffer overflows and subsequent server outages this morning, which have forced the network back onto the old system.

Project coders said the new daemon had gone through rigorous testing prior to the early morning July 30 launch, but a small error in the code has knocked the new service down until further notice. The network has been placed back on the original system to restore service to the 1200-plus IRC channels and nearly 4,000 users normally residing on the OpenProjects.net servers.

There's a problem in the code that maintainers originally thought was a buffer overflow, a security vulnerability which happens when "you write a set of values (usually a string of characters) into a fixed length buffer and write at least one value outside that buffer's boundaries (usually past its end). A buffer overflow can occur when reading input from the user into a buffer, but it can also occur during other kinds of processing in a program," according to the Secure Programming for Linux and Unix HOWTO, by David A. Wheeler.

However, upon further examination, coders determined that the problem is not security related. "What is happening is that we do a sanity check on the zipped data we receive, and we notice that it's longer than it is supposed to be, which is causing the servers to react violently. It's not exactly a buffer overflow," said one of the coders.
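The kind of length sanity check the coder describes can be written so that over-long compressed data closes only the offending link. The sketch below is an added example, not code from the OpenProjects.net daemon; the frame layout (2-byte declared length followed by a zlib stream), the `MAX_FRAME` limit and all function names are assumptions made for illustration.

```python
import struct
import zlib

MAX_FRAME = 512  # assumed cap on one decompressed frame (constructed value)


class FrameError(Exception):
    """A frame failed the length sanity check or was corrupt."""


def encode_frame(payload: bytes) -> bytes:
    # Hypothetical wire format: big-endian 16-bit declared length + zlib stream.
    return struct.pack("!H", len(payload)) + zlib.compress(payload)


def decode_frame(frame: bytes) -> bytes:
    if len(frame) < 2:
        raise FrameError("truncated header")
    (declared,) = struct.unpack("!H", frame[:2])
    if declared > MAX_FRAME:
        raise FrameError("declared length exceeds limit")
    inflater = zlib.decompressobj()
    try:
        # Ask for one byte more than declared: an over-long stream is
        # detected without ever inflating the rest of it into memory.
        out = inflater.decompress(frame[2:], declared + 1)
    except zlib.error as exc:
        raise FrameError(f"corrupt stream: {exc}") from exc
    if len(out) > declared:
        raise FrameError("decompressed data longer than declared")
    if len(out) != declared or not inflater.eof:
        raise FrameError("decompressed data shorter than declared")
    return out


def handle_link(frames):
    """Process one peer's frames; a bad frame ends that link only."""
    accepted = []
    for frame in frames:
        try:
            accepted.append(decode_frame(frame))
        except FrameError as exc:
            return accepted, f"link closed: {exc}"
    return accepted, "ok"


if __name__ == "__main__":
    good = encode_frame(b"PRIVMSG #test :hello")
    # Constructed bad frame: header claims 5 bytes, stream inflates to 4000.
    bad = struct.pack("!H", 5) + zlib.compress(b"x" * 4000)
    print(handle_link([good, bad, good]))
```

Because the output is bounded at `declared + 1` bytes, the check also limits memory use when a peer sends a small stream that would inflate to a very large one.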


