Просмотр исходного кода

* Port [3919] to 1.2.16 from trunk
* Fixed cmd_handle not properly bounds checking max handlen. (fixes #305)


svn: 3920

Bryan Drewery 17 лет назад
Родитель
Сommit
805bbe81d2
3 измененных файлов с 5 добавлено и 5 удалено
  1. 1 0
      doc/UPDATES
  2. 3 5
      src/cmds.c
  3. 1 0
      src/userrec.c

+ 1 - 0
doc/UPDATES

@@ -17,6 +17,7 @@
 * Fixed countless buffer overflows. (fixes #226)
 * Fixed a rare segfault on userfile transfer timeouts
 * Fixed bots getting confused about their hub/uplink after userfile transfer fails (fixes #61)
+* Fixed cmd_handle not properly bounds checking max handlen. (fixes #305)
 
 1.2.15 - http://wraith.botpack.net/milestone/1.2.15
 * Fix a possible segfault when binaries compiled wrong

+ 3 - 5
src/cmds.c

@@ -1178,7 +1178,7 @@ static void cmd_handle(int idx, char *par)
 {
   char newhandle[HANDLEN + 1] = "";
 
-  strncpy(newhandle, newsplit(&par), sizeof newhandle);
+  strlcpy(newhandle, newsplit(&par), sizeof newhandle);
 
   if (!newhandle[0]) {
     dprintf(idx, "Usage: handle <new-handle>\n");
@@ -1192,10 +1192,8 @@ static void cmd_handle(int idx, char *par)
     dprintf(idx, "Sorry, perm owners may not change their handle without recompiling binaries.\n");
     return;
   } else if (strchr(BADHANDCHARS, newhandle[0]) != NULL) {
-    dprintf(idx, "Bizarre quantum forces prevent handle from starting with '%c'.\n",
-	    newhandle[0]);
-  } else if (get_user_by_handle(userlist, newhandle) &&
-	     egg_strcasecmp(dcc[idx].nick, newhandle)) {
+    dprintf(idx, "Bizarre quantum forces prevent handle from starting with '%c'.\n", newhandle[0]);
+  } else if (get_user_by_handle(userlist, newhandle) && egg_strcasecmp(dcc[idx].nick, newhandle)) {
     dprintf(idx, "Somebody is already using %s.\n", newhandle);
   } else if (!egg_strcasecmp(newhandle, conf.bot->nick)) {
     dprintf(idx, "Hey!  That's MY name!\n");

+ 1 - 0
src/userrec.c

@@ -558,6 +558,7 @@ int change_handle(struct userrec *u, char *newh)
 	if (dcc[i].u.chat->channel < GLOBAL_CHANS)
 	  botnet_send_nkch(i, s);
       }
+      break;
     }
   return 1;
 }