Fix a crash bug with auth modules

If a module like imapauth needs some time to process a login, it's possible that
the client already disconnected by the time the lookup finished. This would then
cause a stale pointer in CAuthBase to be dereferenced.

Fix this remotely exploitable crash bug by adding a new function
CAuthBase::Invalidate(). After this was called, the CAuthBase instance doesn't
do anything at all anymore, especially not dereferencing the (possibly stale)
m_pSock pointer.

This also makes sure that one can only call AcceptLogin() or RefuseLogin() once.

Thanks to Sm0ke0ut for providing backtraces and reporting this bug.


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1669 726aef4b-f618-498e-8847-2d620e286838

modules/webadmin.cpp

@@ -25,7 +25,7 @@ public:
 
 	virtual ~CWebAdminAuth() {}
 
-	void SetWebAdminSock(CWebAdminSock* pWebAdminSock) { m_pWebAdminSock = pWebAdminSock; }
+	void Invalidate() { m_pWebAdminSock = NULL; CAuthBase::Invalidate(); }
 	void AcceptedLogin(CUser& User);
 	void RefusedLogin(const CString& sReason);
 private:
@@ -359,7 +359,7 @@ CWebAdminSock::CWebAdminSock(CWebAdminMod* pModule, const CString& sHostname, un
 CWebAdminSock::~CWebAdminSock() {
 	if (!m_spAuth.IsNull()) {
 		CWebAdminAuth* pAuth = (CWebAdminAuth*) &(*m_spAuth);
-		pAuth->SetWebAdminSock(NULL);
+		pAuth->Invalidate();
 	}
 }