Sanitize nuh masks more to prevent the other side from rewriting them, which screws with our internal tracking of them

9 files changed, 48 insertions, 19 deletions

diff --git a/include/modes.h b/include/modes.h
index 3ba54c439..d1dc4624e 100644
--- a/include/modes.h
+++ b/include/modes.h
@@ -88,7 +88,7 @@ class CoreExport UserModeParam : public UserMode
 	 * @param value The param
 	 * @return true or false
 	 */
-	virtual bool IsValid(const Anope::string &value) const { return true; }
+	virtual bool IsValid(Anope::string &value) const { return true; }
 };
 
 /** This class is a channel mode, all channel modes use this/inherit from this
@@ -135,7 +135,7 @@ class CoreExport ChannelModeList : public ChannelMode
 	 * @param mask The mask
 	 * @return true for yes, false for no
 	 */
-	virtual bool IsValid(const Anope::string &mask) const { return true; }
+	virtual bool IsValid(Anope::string &mask) const;
 
 	/** Checks if mask affects user
 	 * Should only be used for extbans or other weird ircd-specific things.
@@ -177,7 +177,7 @@ class CoreExport ChannelModeParam : public ChannelMode
 	 * @param value The param
 	 * @return true for yes, false for no
 	 */
-	virtual bool IsValid(const Anope::string &value) const { return true; }
+	virtual bool IsValid(Anope::string &value) const { return true; }
 };
 
 /** This is a mode that is a channel status, eg +v/h/o/a/q.
@@ -259,7 +259,7 @@ class CoreExport ChannelModeKey : public ChannelModeParam
  public:
 	ChannelModeKey(char mc) : ChannelModeParam("KEY", mc) { }
 
-	bool IsValid(const Anope::string &value) const anope_override;
+	bool IsValid(Anope::string &value) const anope_override;
 };
 
 /** This class is used for oper only channel modes
@@ -404,6 +404,8 @@ class CoreExport Entry
 	 */
 	const Anope::string GetMask() const;
 
+	const Anope::string GetNUHMask() const;
+
 	/** Check if this entry matches a user
 	 * @param u The user
 	 * @param full True to match against a users real host and IP
diff --git a/include/protocol.h b/include/protocol.h
index 8f4f2ea58..48520ca43 100644
--- a/include/protocol.h
+++ b/include/protocol.h
@@ -232,6 +232,8 @@ class CoreExport IRCDProto : public Service
 	 * Defaults to Config->ListSize
 	 */
 	virtual unsigned GetMaxListFor(Channel *c);
+
+	virtual Anope::string NormalizeMask(const Anope::string &mask);
 };
 
 class CoreExport MessageSource
diff --git a/modules/protocol/bahamut.cpp b/modules/protocol/bahamut.cpp
index 72c3ee8f9..206bca250 100644
--- a/modules/protocol/bahamut.cpp
+++ b/modules/protocol/bahamut.cpp
@@ -16,7 +16,7 @@ class ChannelModeFlood : public ChannelModeParam
  public:
 	ChannelModeFlood(char modeChar, bool minusNoArg) : ChannelModeParam("FLOOD", modeChar, minusNoArg) { }
 
-	bool IsValid(const Anope::string &value) const anope_override
+	bool IsValid(Anope::string &value) const anope_override
 	{
 		try
 		{
diff --git a/modules/protocol/inspircd12.cpp b/modules/protocol/inspircd12.cpp
index 0cf3e991d..8b17d4140 100644
--- a/modules/protocol/inspircd12.cpp
+++ b/modules/protocol/inspircd12.cpp
@@ -28,7 +28,7 @@ class ChannelModeFlood : public ChannelModeParam
  public:
 	ChannelModeFlood(char modeChar, bool minusNoArg) : ChannelModeParam("FLOOD", modeChar, minusNoArg) { }
 
-	bool IsValid(const Anope::string &value) const anope_override
+	bool IsValid(Anope::string &value) const anope_override
 	{
 		try
 		{
diff --git a/modules/protocol/inspircd20.cpp b/modules/protocol/inspircd20.cpp
index 07c25972c..b27249234 100644
--- a/modules/protocol/inspircd20.cpp
+++ b/modules/protocol/inspircd20.cpp
@@ -239,7 +239,7 @@ class ColonDelimitedParamMode : public ChannelModeParam
  public:
 	ColonDelimitedParamMode(const Anope::string &modename, char modeChar) : ChannelModeParam(modename, modeChar, true) { }
 
-	bool IsValid(const Anope::string &value) const anope_override
+	bool IsValid(Anope::string &value) const anope_override
 	{
 		return IsValid(value, false);
 	}
@@ -288,7 +288,7 @@ class SimpleNumberParamMode : public ChannelModeParam
  public:
 	SimpleNumberParamMode(const Anope::string &modename, char modeChar) : ChannelModeParam(modename, modeChar, true) { }
 
-	bool IsValid(const Anope::string &value) const anope_override
+	bool IsValid(Anope::string &value) const anope_override
 	{
 		if (value.empty())
 			return false; // empty param is never valid
@@ -313,11 +313,12 @@ class ChannelModeFlood : public ColonDelimitedParamMode
  public:
 	ChannelModeFlood(char modeChar) : ColonDelimitedParamMode("FLOOD", modeChar) { }
 
-	bool IsValid(const Anope::string &value) const anope_override
+	bool IsValid(Anope::string &value) const anope_override
 	{
 		// The parameter of this mode is a bit different, it may begin with a '*',
 		// ignore it if that's the case
-		return ((!value.empty()) && (ColonDelimitedParamMode::IsValid(value[0] == '*' ? value.substr(1) : value)));
+		Anope::string v = value[0] == '*' ? value.substr(1) : value;
+		return ((!value.empty()) && (ColonDelimitedParamMode::IsValid(v)));
 	}
 };
 
@@ -326,7 +327,7 @@ class ChannelModeHistory : public ColonDelimitedParamMode
  public:
 	ChannelModeHistory(char modeChar) : ColonDelimitedParamMode("HISTORY", modeChar) { }
 
-	bool IsValid(const Anope::string &value) const anope_override
+	bool IsValid(Anope::string &value) const anope_override
 	{
 		return (ColonDelimitedParamMode::IsValid(value, true));
 	}
@@ -337,7 +338,7 @@ class ChannelModeRedirect : public ChannelModeParam
  public:
 	ChannelModeRedirect(char modeChar) : ChannelModeParam("REDIRECT", modeChar, true) { }
 
-	bool IsValid(const Anope::string &value) const anope_override
+	bool IsValid(Anope::string &value) const anope_override
 	{
 		// The parameter of this mode is a channel, and channel names start with '#'
 		return ((!value.empty()) && (value[0] == '#'));
diff --git a/modules/protocol/unreal.cpp b/modules/protocol/unreal.cpp
index f444947f6..fd7cb8e81 100644
--- a/modules/protocol/unreal.cpp
+++ b/modules/protocol/unreal.cpp
@@ -547,7 +547,7 @@ class ChannelModeFlood : public ChannelModeParam
 	ChannelModeFlood(char modeChar, bool minusNoArg) : ChannelModeParam("FLOOD", modeChar, minusNoArg) { }
 
 	/* Borrowed part of this check from UnrealIRCd */
-	bool IsValid(const Anope::string &value) const anope_override
+	bool IsValid(Anope::string &value) const anope_override
 	{
 		if (value.empty())
 			return false;
diff --git a/src/channels.cpp b/src/channels.cpp
index b705c8584..409cf6b55 100644
--- a/src/channels.cpp
+++ b/src/channels.cpp
@@ -400,6 +400,7 @@ void Channel::RemoveModeInternal(MessageSource &setter, ChannelMode *ocm, const
 
 void Channel::SetMode(BotInfo *bi, ChannelMode *cm, const Anope::string &param, bool enforce_mlock)
 {
+	Anope::string wparam = param;
 	if (!cm)
 		return;
 	/* Don't set modes already set */
@@ -408,11 +409,11 @@ void Channel::SetMode(BotInfo *bi, ChannelMode *cm, const Anope::string &param,
 	else if (cm->type == MODE_PARAM)
 	{
 		ChannelModeParam *cmp = anope_dynamic_static_cast<ChannelModeParam *>(cm);
-		if (!cmp->IsValid(param))
+		if (!cmp->IsValid(wparam))
 			return;
 
 		Anope::string cparam;
-		if (GetParam(cm->name, cparam) && cparam.equals_cs(param))
+		if (GetParam(cm->name, cparam) && cparam.equals_cs(wparam))
 			return;
 	}
 	else if (cm->type == MODE_STATUS)
@@ -424,7 +425,11 @@ void Channel::SetMode(BotInfo *bi, ChannelMode *cm, const Anope::string &param,
 	else if (cm->type == MODE_LIST)
 	{
 		ChannelModeList *cml = anope_dynamic_static_cast<ChannelModeList *>(cm);
-		if (this->HasMode(cm->name, param) || !cml->IsValid(param))
+
+		if (!cml->IsValid(wparam))
+			return;
+
+		if (this->HasMode(cm->name, wparam))
 			return;
 	}
 
@@ -439,7 +444,6 @@ void Channel::SetMode(BotInfo *bi, ChannelMode *cm, const Anope::string &param,
 		this->chanserv_modecount++;
 	}
 
-	Anope::string wparam = param;
 	ChannelMode *wcm = cm->Wrap(wparam);
 
 	ModeManager::StackerAdd(bi, this, wcm, true, wparam);
diff --git a/src/modes.cpp b/src/modes.cpp
index 668f7c150..4138cfebe 100644
--- a/src/modes.cpp
+++ b/src/modes.cpp
@@ -175,6 +175,13 @@ ChannelModeList::ChannelModeList(const Anope::string &cm, char mch) : ChannelMod
 	this->type = MODE_LIST;
 }
 
+bool ChannelModeList::IsValid(Anope::string &mask) const
+{
+	if (name == "BAN" || name == "EXCEPT" || name == "INVITEOVERRIDE")
+		mask = IRCD->NormalizeMask(mask);
+	return true;
+}
+
 ChannelModeParam::ChannelModeParam(const Anope::string &cm, char mch, bool ma) : ChannelMode(cm, mch), minus_no_arg(ma)
 {
 	this->type = MODE_PARAM;
@@ -231,7 +238,7 @@ bool UserModeNoone::CanSet(User *u) const
 	return false;
 }
 
-bool ChannelModeKey::IsValid(const Anope::string &value) const
+bool ChannelModeKey::IsValid(Anope::string &value) const
 {
 	if (!value.empty() && value.find(':') == Anope::string::npos && value.find(',') == Anope::string::npos)
 		return true;
@@ -796,7 +803,7 @@ Entry::Entry(const Anope::string &m, const Anope::string &fh) : name(m), mask(fh
 
 					this->host = cidr_ip;
 
-					Log(LOG_DEBUG) << "Ban " << this->mask << " has cidr " << this->cidr_len;
+					Log(LOG_DEBUG) << "Ban " << m << " has cidr " << this->cidr_len;
 				}
 			}
 			catch (const ConvertException &) { }
@@ -812,6 +819,14 @@ const Anope::string Entry::GetMask() const
 	return this->mask;
 }
 
+const Anope::string Entry::GetNUHMask() const
+{
+	Anope::string n = nick.empty() ? "*" : nick,
+			u = user.empty() ? "*" : user,
+			h = host.empty() ? "*" : host;
+	return n + "!" + u + "@" + h;
+}
+
 bool Entry::Matches(User *u, bool full) const
 {
 	/* First check if this mode has defined any matches (usually for extbans). */
diff --git a/src/protocol.cpp b/src/protocol.cpp
index 89e4a3c86..a32f521f2 100644
--- a/src/protocol.cpp
+++ b/src/protocol.cpp
@@ -387,6 +387,11 @@ unsigned IRCDProto::GetMaxListFor(Channel *c)
 	return c->HasMode("LBAN") ? 0 : Config->GetBlock("networkinfo")->Get<int>("modelistsize");
 }
 
+Anope::string IRCDProto::NormalizeMask(const Anope::string &mask)
+{
+	return Entry("", mask).GetNUHMask();
+}
+
 MessageSource::MessageSource(const Anope::string &src) : source(src), u(NULL), s(NULL)
 {
 	/* no source for incoming message is our uplink */