philippelh/bitchx
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add sanity checking of incoming nicknames.

Browse Source 
Check that at least the first character of an incoming nickname is valid (we
actually go a bit beyond the RFC by also allowing any char with bit 8 set - at
least Russian servers use nicknames like this).


git-svn-id: svn://svn.code.sf.net/p/bitchx/code/trunk@501 13b04d17-f746-0410-82c6-800466cd88b0
This commit is contained in:
Kevin Easton
2014-09-24 06:54:00 +00:00
parent 6dc2335df9
commit b99118c030
2 changed files with 13 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
Changelog
View File

@@ -1,5 +1,7 @@
[Changes 1.2c01] [Changes 1.2c01]
* Add sanity checking of incoming nicknames. (caf)
* /MV (massvoice) shouldn't send +v for already-voiced users. (caf) * /MV (massvoice) shouldn't send +v for already-voiced users. (caf)
* Fix lag check on recent 32 bit OpenBSD / NetBSD (reported by DJ). (caf) * Fix lag check on recent 32 bit OpenBSD / NetBSD (reported by DJ). (caf)

11
source/parse.c
View File

@@ -1950,6 +1950,17 @@ void parse_server(char *orig_line)
/* XXXX - i dont think 'from' can be null here. */ /* XXXX - i dont think 'from' can be null here. */
if (!(comm = (*ArgList++)) || !from || !*ArgList) if (!(comm = (*ArgList++)) || !from || !*ArgList)
return; /* Serious protocol violation -- ByeBye */ return; /* Serious protocol violation -- ByeBye */
/* Check for egregiously bad nicknames */
#define islegal(c) (((c) >= 'A' && (c) <= '}') || \
((c) >= '0' && (c) <= '9') || (c) == '-' || (c & 0x80))
if (*from && !strchr(from, '.') && !islegal(*from))
{
rfc1459_odd(from, comm, ArgList);
return;
}
#ifdef WANT_TCL #ifdef WANT_TCL
if (check_tcl_raw(copy, comm)) if (check_tcl_raw(copy, comm))
return; return;