philippelh/bitchx
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update ctcp.c

Browse Source 
Fix CTCP utp core dump issue. Possibly a hacker could craft  a specific message that causes other issues, but it is unlikely.
This commit is contained in:
Colten Edwards
2021-04-25 08:17:55 -06:00
committed by GitHub
parent 6c7e32a97d
commit 50847e8fc0
1 changed files with 6 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
source/ctcp.c
View File

@@ -676,7 +676,11 @@ CTCP_HANDLER(do_utc)
return m_strdup(empty_string); return m_strdup(empty_string);
if (!cmd || !*cmd) if (!cmd || !*cmd)
return m_strdup(empty_string); return m_strdup(empty_string);
if (strlen(cmd) > 60)
{
yell("WARNING ctcp echo request longer than 60 chars. truncating");
cmd[60] = 0;
}
return m_strdup(my_ctime(my_atol(cmd))); return m_strdup(my_ctime(my_atol(cmd)));
} }
@@ -913,7 +917,7 @@ extern char tcl_versionstr[];
} }
if (get_int_var(CLOAK_VAR)) if (get_int_var(CLOAK_VAR))
return NULL; return NULL;
malloc_strcpy(&version_reply, stripansicodes(convert_output_format(fget_string_var(FORMAT_VERSION_FSET), "%s %s %s %s %s", irc_version, internal_version, "*IX", "<EFBFBD>", tcl_versionstr))); malloc_strcpy(&version_reply, stripansicodes(convert_output_format(fget_string_var(FORMAT_VERSION_FSET), "%s %s %s %s %s", irc_version, internal_version, "*IX", "ÿ", tcl_versionstr)));
send_ctcp(CTCP_NOTICE, from, CTCP_VERSION, "%s :%s", version_reply, send_ctcp(CTCP_NOTICE, from, CTCP_VERSION, "%s :%s", version_reply,
#endif #endif
(tmp = get_string_var(CLIENTINFO_VAR)) ? tmp : IRCII_COMMENT); (tmp = get_string_var(CLIENTINFO_VAR)) ? tmp : IRCII_COMMENT);