IDENT reply: only allow alphanumeric characters in user name
authorAlexander Barton <alex@barton.de>
Fri, 1 Jun 2012 22:24:53 +0000 (00:24 +0200)
committerAlexander Barton <alex@barton.de>
Fri, 1 Jun 2012 22:24:53 +0000 (00:24 +0200)
Only alphanumeric characters are allowed in the user name, so ignore
all IDENT replies that would violate this rule and use the one supplied
by the USER command.

src/ngircd/conn.c

index b6e6280..4d77871 100644 (file)
@@ -2174,6 +2174,7 @@ cb_Read_Resolver_Result( int r_fd, UNUSED short events )
        char *identptr;
 #ifdef IDENTAUTH
        char readbuf[HOST_LEN + 2 + CLIENT_USER_LEN];
+       char *ptr;
 #else
        char readbuf[HOST_LEN + 1];
 #endif
@@ -2226,11 +2227,30 @@ cb_Read_Resolver_Result( int r_fd, UNUSED short events )
 #ifdef IDENTAUTH
                ++identptr;
                if (*identptr) {
-                       Log(LOG_INFO, "IDENT lookup for connection %d: \"%s\".", i, identptr);
-                       Client_SetUser(c, identptr, true);
-                       if (Conf_NoticeAuth)
+                       ptr = identptr;
+                       while (*ptr) {
+                               if ((*ptr < '0' || *ptr > '9') &&
+                                   (*ptr < 'A' || *ptr > 'Z') &&
+                                   (*ptr < 'a' || *ptr > 'z'))
+                                       break;
+                               ptr++;
+                       }
+                       if (*ptr) {
+                               /* Erroneous IDENT reply */
+                               Log(LOG_NOTICE,
+                                   "Got invalid IDENT reply for connection %d! Ignored.",
+                                   i);
+                       } else {
+                               Log(LOG_INFO,
+                                   "IDENT lookup for connection %d: \"%s\".",
+                                   i, identptr);
+                               Client_SetUser(c, identptr, true);
+                       }
+                       if (Conf_NoticeAuth) {
                                (void)Conn_WriteStr(i,
-                                       "NOTICE AUTH :*** Got ident response");
+                                       "NOTICE AUTH :*** Got %sident response",
+                                       *ptr == NULL ? "" : "invalid ");
+                       }
                } else {
                        Log(LOG_INFO, "IDENT lookup for connection %d: no result.", i);
                        if (Conf_NoticeAuth && Conf_Ident)