[hackers] [ii] check input length before reading || Hiltjo Posthuma
commit b25423f765690d34e4b4eb1e90a27f42d8d41035
Author: Hiltjo Posthuma <hiltjo_AT_codemadness.org>
AuthorDate: Mon Jul 23 21:42:59 2018 +0200
Commit: Hiltjo Posthuma <hiltjo_AT_codemadness.org>
CommitDate: Mon Jul 23 21:42:59 2018 +0200
check input length before reading
thanks halbeno and quinq for the patches and feedback.
diff --git a/ii.c b/ii.c
index 53fa986..6c87314 100644
--- a/ii.c
+++ b/ii.c
_AT_@ -460,15 +460,21 @@ proc_channels_input(int ircfd, Channel *c, char *buf)
char *p = NULL;
size_t buflen;
- if (buf[0] != '/' && buf[0] != '\0') {
+ if (buf[0] == '\0')
+ return;
+ if (buf[0] != '/') {
proc_channels_privmsg(ircfd, c, buf);
return;
}
+
msg[0] = '\0';
+ if ((buflen = strlen(buf)) < 2)
+ return;
if (buf[2] == ' ' || buf[2] == '\0') {
- buflen = strlen(buf);
switch (buf[1]) {
case 'j': /* join */
+ if (buflen < 3)
+ return;
if ((p = strchr(&buf[3], ' '))) /* password parameter */
*p = '\0';
if ((buf[3] == '#') || (buf[3] == '&') || (buf[3] == '+') ||
Received on Mon Jul 23 2018 - 21:44:34 CEST
This archive was generated by hypermail 2.3.0
: Mon Jul 23 2018 - 21:48:22 CEST