mirror of
https://github.com/osmarks/ngircd.git
synced 2025-01-23 05:46:51 +00:00
Better validate MODE +k & +l parameters and return errors
Implement new numeric ERR_INVALIDMODEPARAM_MSG(696) and: - Reject channel keys with spaces and return ERR_INVALIDMODEPARAM_MSG; This was possible until now and resulted in garbled IRC commands later. - Reject empty channel keys and return ERR_INVALIDMODEPARAM_MSG; This was possible until now and resulted in garbled IRC commands later. - Return ERR_INVALIDMODEPARAM_MSG when user limit is out of bounds; This was silently ignored until now. Closes #290. Thanks Val Lorentz for reporting it!
This commit is contained in:
parent
3c9c54989e
commit
8e9c789ae1
@ -620,6 +620,18 @@ Channel_Mode(CLIENT *Client, REQUEST *Req, CLIENT *Origin, CHANNEL *Channel)
|
|||||||
Client_ID(Origin), Req->command);
|
Client_ID(Origin), Req->command);
|
||||||
goto chan_exit;
|
goto chan_exit;
|
||||||
}
|
}
|
||||||
|
if (!Req->argv[arg_arg][0] || strchr(Req->argv[arg_arg], ' ')) {
|
||||||
|
if (is_machine)
|
||||||
|
Log(LOG_ERR,
|
||||||
|
"Got invalid key on MODE +k for \"%s\" from \"%s\"! Ignored.",
|
||||||
|
Channel_Name(Channel), Client_ID(Origin));
|
||||||
|
else
|
||||||
|
connected = IRC_WriteErrClient(Origin,
|
||||||
|
ERR_INVALIDMODEPARAM_MSG,
|
||||||
|
Client_ID(Origin),
|
||||||
|
Channel_Name(Channel), 'k');
|
||||||
|
goto chan_exit;
|
||||||
|
}
|
||||||
if (is_oper || is_machine || is_owner ||
|
if (is_oper || is_machine || is_owner ||
|
||||||
is_admin || is_op || is_halfop) {
|
is_admin || is_op || is_halfop) {
|
||||||
Channel_ModeDel(Channel, 'k');
|
Channel_ModeDel(Channel, 'k');
|
||||||
@ -660,15 +672,25 @@ Channel_Mode(CLIENT *Client, REQUEST *Req, CLIENT *Origin, CHANNEL *Channel)
|
|||||||
Client_ID(Origin), Req->command);
|
Client_ID(Origin), Req->command);
|
||||||
goto chan_exit;
|
goto chan_exit;
|
||||||
}
|
}
|
||||||
|
l = atol(Req->argv[arg_arg]);
|
||||||
|
if (l <= 0 || l >= 0xFFFF) {
|
||||||
|
if (is_machine)
|
||||||
|
Log(LOG_ERR,
|
||||||
|
"Got MODE +l with invalid limit for \"%s\" from \"%s\"! Ignored.",
|
||||||
|
Channel_Name(Channel), Client_ID(Origin));
|
||||||
|
else
|
||||||
|
connected = IRC_WriteErrClient(Origin,
|
||||||
|
ERR_INVALIDMODEPARAM_MSG,
|
||||||
|
Client_ID(Origin),
|
||||||
|
Channel_Name(Channel), 'l');
|
||||||
|
goto chan_exit;
|
||||||
|
}
|
||||||
if (is_oper || is_machine || is_owner ||
|
if (is_oper || is_machine || is_owner ||
|
||||||
is_admin || is_op || is_halfop) {
|
is_admin || is_op || is_halfop) {
|
||||||
l = atol(Req->argv[arg_arg]);
|
Channel_ModeDel(Channel, 'l');
|
||||||
if (l > 0 && l < 0xFFFF) {
|
Channel_SetMaxUsers(Channel, l);
|
||||||
Channel_ModeDel(Channel, 'l');
|
snprintf(argadd, sizeof(argadd), "%ld", l);
|
||||||
Channel_SetMaxUsers(Channel, l);
|
x[0] = *mode_ptr;
|
||||||
snprintf(argadd, sizeof(argadd), "%ld", l);
|
|
||||||
x[0] = *mode_ptr;
|
|
||||||
}
|
|
||||||
} else {
|
} else {
|
||||||
connected = IRC_WriteErrClient(Origin,
|
connected = IRC_WriteErrClient(Origin,
|
||||||
ERR_CHANOPRIVSNEEDED_MSG,
|
ERR_CHANOPRIVSNEEDED_MSG,
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
/*
|
/*
|
||||||
* ngIRCd -- The Next Generation IRC Daemon
|
* ngIRCd -- The Next Generation IRC Daemon
|
||||||
* Copyright (c)2001-2020 Alexander Barton (alex@barton.de) and Contributors.
|
* Copyright (c)2001-2023 Alexander Barton (alex@barton.de) and Contributors.
|
||||||
*
|
*
|
||||||
* This program is free software; you can redistribute it and/or modify
|
* This program is free software; you can redistribute it and/or modify
|
||||||
* it under the terms of the GNU General Public License as published by
|
* it under the terms of the GNU General Public License as published by
|
||||||
@ -162,6 +162,8 @@
|
|||||||
#define ERR_USERNOTONSERV_MSG "504 %s %s :User is not on this server"
|
#define ERR_USERNOTONSERV_MSG "504 %s %s :User is not on this server"
|
||||||
#define ERR_NOINVITE_MSG "518 %s :Cannot invite to %s (+V)"
|
#define ERR_NOINVITE_MSG "518 %s :Cannot invite to %s (+V)"
|
||||||
|
|
||||||
|
#define ERR_INVALIDMODEPARAM_MSG "696 %s %s %c * :Invalid mode parameter"
|
||||||
|
|
||||||
#ifdef ZLIB
|
#ifdef ZLIB
|
||||||
# define RPL_STATSLINKINFOZIP_MSG "211 %s %s %d %ld %ld/%ld %ld %ld/%ld :%ld"
|
# define RPL_STATSLINKINFOZIP_MSG "211 %s %s %d %ld %ld/%ld %ld %ld/%ld :%ld"
|
||||||
#endif
|
#endif
|
||||||
|
Loading…
Reference in New Issue
Block a user