Better validate MODE +k & +l parameters and return errors

Implement new numeric ERR_INVALIDMODEPARAM_MSG(696) and:

- Reject channel keys with spaces and return ERR_INVALIDMODEPARAM_MSG;
  This was possible until now and resulted in garbled IRC commands later.
- Reject empty channel keys and return ERR_INVALIDMODEPARAM_MSG;
  This was possible until now and resulted in garbled IRC commands later.
- Return ERR_INVALIDMODEPARAM_MSG when user limit is out of bounds;
  This was silently ignored until now.

Closes #290. Thanks Val Lorentz for reporting it!

diff --git a/src/ngircd/irc-mode.c b/src/ngircd/irc-mode.c
index 4a26ef02f6cd32c9abd93a10d66864466e66d5c5..0ea046e561c9196f646006602f0a14362149f42f 100644 (file)
--- a/src/ngircd/irc-mode.c
+++ b/src/ngircd/irc-mode.c
@@ -620,6 +620,18 @@ Channel_Mode(CLIENT *Client, REQUEST *Req, CLIENT *Origin, CHANNEL *Channel)
                                                Client_ID(Origin), Req->command);
                                goto chan_exit;
                        }
+                       if (!Req->argv[arg_arg][0] || strchr(Req->argv[arg_arg], ' ')) {
+                               if (is_machine)
+                                       Log(LOG_ERR,
+                                           "Got invalid key on MODE +k for \"%s\" from \"%s\"! Ignored.",
+                                           Channel_Name(Channel), Client_ID(Origin));
+                               else
+                                       connected = IRC_WriteErrClient(Origin,
+                                              ERR_INVALIDMODEPARAM_MSG,
+                                               Client_ID(Origin),
+                                               Channel_Name(Channel), 'k');
+                               goto chan_exit;
+                       }
                        if (is_oper || is_machine || is_owner ||
                            is_admin || is_op || is_halfop) {
                                Channel_ModeDel(Channel, 'k');
@@ -660,15 +672,25 @@ Channel_Mode(CLIENT *Client, REQUEST *Req, CLIENT *Origin, CHANNEL *Channel)
                                                Client_ID(Origin), Req->command);
                                goto chan_exit;
                        }
+                       l = atol(Req->argv[arg_arg]);
+                       if (l <= 0 || l >= 0xFFFF) {
+                               if (is_machine)
+                                       Log(LOG_ERR,
+                                           "Got MODE +l with invalid limit for \"%s\" from \"%s\"! Ignored.",
+                                           Channel_Name(Channel), Client_ID(Origin));
+                               else
+                                       connected = IRC_WriteErrClient(Origin,
+                                               ERR_INVALIDMODEPARAM_MSG,
+                                               Client_ID(Origin),
+                                               Channel_Name(Channel), 'l');
+                               goto chan_exit;
+                       }
                        if (is_oper || is_machine || is_owner ||
                            is_admin || is_op || is_halfop) {
-                               l = atol(Req->argv[arg_arg]);
-                               if (l > 0 && l < 0xFFFF) {
-                                       Channel_ModeDel(Channel, 'l');
-                                       Channel_SetMaxUsers(Channel, l);
-                                       snprintf(argadd, sizeof(argadd), "%ld", l);
-                                       x[0] = *mode_ptr;
-                               }
+                               Channel_ModeDel(Channel, 'l');
+                               Channel_SetMaxUsers(Channel, l);
+                               snprintf(argadd, sizeof(argadd), "%ld", l);
+                               x[0] = *mode_ptr;
                        } else {
                                connected = IRC_WriteErrClient(Origin,
                                        ERR_CHANOPRIVSNEEDED_MSG,

diff --git a/src/ngircd/messages.h b/src/ngircd/messages.h
index 76a04ff98d4d11a373bd0cfb0695dd65a87280e6..1bbfa69971de4d30f569c08c13900387c93d96b7 100644 (file)
--- a/src/ngircd/messages.h
+++ b/src/ngircd/messages.h
@@ -1,6 +1,6 @@
 /*
  * ngIRCd -- The Next Generation IRC Daemon
- * Copyright (c)2001-2020 Alexander Barton (alex@barton.de) and Contributors.
+ * Copyright (c)2001-2023 Alexander Barton (alex@barton.de) and Contributors.
  *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
@@ -162,6 +162,8 @@
 #define ERR_USERNOTONSERV_MSG          "504 %s %s :User is not on this server"
 #define ERR_NOINVITE_MSG               "518 %s :Cannot invite to %s (+V)"
 
+#define ERR_INVALIDMODEPARAM_MSG       "696 %s %s %c * :Invalid mode parameter"
+
 #ifdef ZLIB
 # define RPL_STATSLINKINFOZIP_MSG      "211 %s %s %d %ld %ld/%ld %ld %ld/%ld :%ld"
 #endif