commit b3d4cf9081fc32df969760b5b58a21954a27d073 from: Sebastian Köhler via: Alexander Barton date: Fri Feb 15 10:56:24 2013 UTC KICK: Fix denial of service bug Test if the user that it is to be kicked is on the channel before user channel modes are tested. Otherwise assert( cl2chan != NULL ); in line 742 would fail and stop the service. (cherry picked from commit 0e63fb3fa7ac4ca048e8c2b648d2be3fd0572311)
commit - 1265eb15b8b3eae1a25906daaa4e38de3feb3f16
commit + b3d4cf9081fc32df969760b5b58a21954a27d073
blob - 00aafe05a170102a3e22053af73861b50b14e112
blob + b7c35709d3bbdb84122c002cf4e30218c5f5c4d4
--- src/ngircd/channel.c
+++ src/ngircd/channel.c
@@ -324,6 +324,13 @@ Channel_Kick(CLIENT *Peer, CLIENT *Target, CLIENT *Ori
 Client_ID(Origin), Name);
 return;
 }
+ }
+
+ /* Check that the client to be kicked is on the specified channel */
+ if (!Channel_IsMemberOf(chan, Target)) {
+ IRC_WriteStrClient(Origin, ERR_USERNOTINCHANNEL_MSG,
+ Client_ID(Origin), Client_ID(Target), Name );
+ return;
 }

 if(Client_Type(Peer) == CLIENT_USER) {
@@ -382,13 +389,6 @@ Channel_Kick(CLIENT *Peer, CLIENT *Target, CLIENT *Ori
 }
 }

- /* Check that the client to be kicked is on the specified channel */
- if (!Channel_IsMemberOf(chan, Target)) {
- IRC_WriteStrClient(Origin, ERR_USERNOTINCHANNEL_MSG,
- Client_ID(Origin), Client_ID(Target), Name );
- return;
- }
-
 /* Kick Client from channel */
 Remove_Client( REMOVE_KICK, chan, Target, Origin, Reason, true);
 } /* Channel_Kick */
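Review bot: The relocated membership check in the first hunk now carries an ordering invariant that its comment does not state: it has to run before the `Client_Type(Peer) == CLIENT_USER` block, because (per the commit message) the mode tests there reach `assert( cl2chan != NULL )` when Target is not on the channel. I would extend the comment to something like `/* Must stay ahead of the mode checks below: they assert that Target is a channel member */` so a later reordering does not reopen the crash. The asserting lookup itself is outside this diff; since its input comes from a remote KICK, it would presumably be more robust for it to treat a missing membership as an ordinary error return rather than an assertion, and a regression test that kicks a non-member would pin the behaviour. Channel_Kick begins before the first hunk, so the earlier checks cannot be reviewed here.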