SECURITY: Fixed a message handling bug which could crash the daemon.

[ngircd-alex.git] / src / ngircd / parse.c

diff --git a/src/ngircd/parse.c b/src/ngircd/parse.c
index 00ae3cd7e93d5f415a596d3d4c6b50ffb27c7817..493fbdc0d500336714393ea4917002c6ff5fec43 100644 (file)
--- a/src/ngircd/parse.c
+++ b/src/ngircd/parse.c
@@ -338,14 +338,27 @@ Validate_Command( UNUSED CONN_ID Idx, UNUSED REQUEST *Req, bool *Closed )
 
 
 static bool
+#ifdef STRICT_RFC
 Validate_Args(CONN_ID Idx, REQUEST *Req, bool *Closed)
+#else
+Validate_Args(UNUSED CONN_ID Idx, UNUSED REQUEST *Req, bool *Closed)
+#endif
 {
+#ifdef STRICT_RFC
        int i;
+#endif
+
+       *Closed = false;
 
+#ifdef STRICT_RFC
        assert( Idx >= 0 );
        assert( Req != NULL );
-       *Closed = false;
 
+       /* CR and LF are never allowed in command parameters.
+        * But since we do accept lines terminated only with CR or LF in
+        * "non-RFC-compliant mode" (besides the correct CR+LF combination),
+        * this check can only trigger in "strict RFC" mode; therefore we
+        * optimize it away otherwise ... */
        for (i = 0; i < Req->argc; i++) {
                if (strchr(Req->argv[i], '\r') || strchr(Req->argv[i], '\n')) {
                        Log(LOG_ERR,
@@ -357,6 +370,8 @@ Validate_Args(CONN_ID Idx, REQUEST *Req, bool *Closed)
                        return false;
                }
        }
+#endif
+
        return true;
 } /* Validate_Args */