From f8cd8469ad07db26be5e9c5fb7a71ee75da15700 Mon Sep 17 00:00:00 2001
From: William Rehwinkel <william@williamrehwinkel.net>
Date: Sun, 25 Dec 2022 16:53:17 -0500
Subject: [PATCH] Eph. memory catches invalid target (hi.s. delete)

If hist == nil and mysql database Delete msgid function returns
ErrDBIsNil, we know that the target does not match any channel or user.
Return invalid target error to operator (see #2020)
---
 irc/errors.go        |  1 +
 irc/mysql/history.go |  3 ++-
 irc/server.go        | 10 ++++++++++
 3 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/irc/errors.go b/irc/errors.go
index 34f7fcdb..1f0d09f2 100644
--- a/irc/errors.go
+++ b/irc/errors.go
@@ -54,6 +54,7 @@ var (
 	errConfusableIdentifier           = errors.New("This identifier is confusable with one already in use")
 	errInsufficientPrivs              = errors.New("Insufficient privileges")
 	errInvalidUsername                = errors.New("Invalid username")
+	errInvalidTarget                  = errors.New("Invalid target")
 	errFeatureDisabled                = errors.New(`That feature is disabled`)
 	errBanned                         = errors.New("IP or nickmask banned")
 	errInvalidParams                  = utils.ErrInvalidParams
diff --git a/irc/mysql/history.go b/irc/mysql/history.go
index 4cb985f4..025bce64 100644
--- a/irc/mysql/history.go
+++ b/irc/mysql/history.go
@@ -24,6 +24,7 @@ import (
 
 var (
 	ErrDisallowed = errors.New("disallowed")
+	ErrDBIsNil    = errors.New("db == nil")
 )
 
 const (
@@ -726,7 +727,7 @@ func (mysql *MySQL) AddDirectMessage(sender, senderAccount, recipient, recipient
 // note that accountName is the unfolded name
 func (mysql *MySQL) DeleteMsgid(msgid, accountName string) (err error) {
 	if mysql.db == nil {
-		return nil
+		return ErrDBIsNil
 	}
 
 	ctx, cancel := context.WithTimeout(context.Background(), mysql.getTimeout())
diff --git a/irc/server.go b/irc/server.go
index 1a7e1abd..0a4b1380 100644
--- a/irc/server.go
+++ b/irc/server.go
@@ -6,6 +6,7 @@
 package irc
 
 import (
+	"errors"
 	"fmt"
 	"net"
 	"net/http"
@@ -1074,6 +1075,15 @@ func (server *Server) DeleteMessage(target, msgid, accountName string) (err erro
 
 	if hist == nil {
 		err = server.historyDB.DeleteMsgid(msgid, accountName)
+		if err != nil && errors.Is(err, mysql.ErrDBIsNil) {
+			/*
+				hist == nil, and db == nil. We know that the
+				target was not either a current channel or
+				client, and persistent storage is not used.
+				So this is an invalid target. (see #2020)
+			*/
+			return errInvalidTarget
+		}
 	} else {
 		count := hist.Delete(func(item *history.Item) bool {
 			return item.Message.Msgid == msgid && (accountName == "*" || item.AccountName == accountName)