X-Git-Url: https://arthur.barton.de/cgi-bin/gitweb.cgi?p=ngircd-alex.git;a=blobdiff_plain;f=src%2Fngircd%2Fparse.c;h=ec856a0c28fc05ff33b5d1930c79ee4bdb3f75b1;hp=ef2dbbba0bc6d874f886e6a311bef9a233887d6d;hb=0e4e22a7a671d1e8efbc44bffd80062191f75c38;hpb=4e56e5341f632827af3810e26cd59ac0c15b642b diff --git a/src/ngircd/parse.c b/src/ngircd/parse.c index ef2dbbba..ec856a0c 100644 --- a/src/ngircd/parse.c +++ b/src/ngircd/parse.c @@ -1,6 +1,6 @@ /* * ngIRCd -- The Next Generation IRC Daemon - * Copyright (c)2001,2002 by Alexander Barton (alex@barton.de) + * Copyright (c)2001-2008 Alexander Barton (alex@barton.de) * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -9,11 +9,8 @@ * Please read the file COPYING, README and AUTHORS for more information. */ - #include "portab.h" -static char UNUSED id[] = "$Id: parse.c,v 1.72 2008/02/17 13:26:42 alex Exp $"; - /** * @file * IRC command parser and validator. @@ -341,11 +338,39 @@ Validate_Command( UNUSED CONN_ID Idx, UNUSED REQUEST *Req, bool *Closed ) static bool -Validate_Args( UNUSED CONN_ID Idx, UNUSED REQUEST *Req, bool *Closed ) +#ifdef STRICT_RFC +Validate_Args(CONN_ID Idx, REQUEST *Req, bool *Closed) +#else +Validate_Args(UNUSED CONN_ID Idx, UNUSED REQUEST *Req, bool *Closed) +#endif { +#ifdef STRICT_RFC + int i; +#endif + + *Closed = false; + +#ifdef STRICT_RFC assert( Idx >= 0 ); assert( Req != NULL ); - *Closed = false; + + /* CR and LF are never allowed in command parameters. + * But since we do accept lines terminated only with CR or LF in + * "non-RFC-compliant mode" (besides the correct CR+LF combination), + * this check can only trigger in "strict RFC" mode; therefore we + * optimize it away otherwise ... */ + for (i = 0; i < Req->argc; i++) { + if (strchr(Req->argv[i], '\r') || strchr(Req->argv[i], '\n')) { + Log(LOG_ERR, + "Invalid character(s) in parameter (connection %d, command %s)!?", + Idx, Req->command); + if (!Conn_WriteStr(Idx, + "ERROR :Invalid character(s) in parameter!")) + *Closed = true; + return false; + } + } +#endif return true; } /* Validate_Args */ @@ -356,7 +381,8 @@ static bool Handle_Numeric(CLIENT *client, REQUEST *Req) { static const struct _NUMERIC Numerics[] = { - { 005, IRC_Num_ISUPPORT }, + { 5, IRC_Num_ISUPPORT }, + { 20, NULL }, { 376, IRC_Num_ENDOFMOTD } }; int i, num; @@ -364,8 +390,12 @@ Handle_Numeric(CLIENT *client, REQUEST *Req) CLIENT *prefix, *target = NULL; /* Determine target */ - if (Req->argc > 0) - target = Client_Search(Req->argv[0]); + if (Req->argc > 0) { + if (strcmp(Req->argv[0], "*") != 0) + target = Client_Search(Req->argv[0]); + else + target = Client_ThisServer(); + } if (!target) { /* Status code without target!? */ @@ -384,8 +414,11 @@ Handle_Numeric(CLIENT *client, REQUEST *Req) num = atoi(Req->command); for (i = 0; i < (int) ARRAY_SIZE(Numerics); i++) { - if (num == Numerics[i].numeric) + if (num == Numerics[i].numeric) { + if (!Numerics[i].function) + return CONNECTED; return Numerics[i].function(client, Req); + } } LogDebug("Ignored status code %s from \"%s\".",