Validate credentials sent via sasl more

author: Adam <Adam@anope.org> 2014-10-16 21:38:46 -0400
committer: Adam <Adam@anope.org> 2014-10-16 21:38:46 -0400
commit: b940077553a538a14519bd11207c96bfd7b5ae4e (patch)
tree: 1fbd3cae418248f0f9b4fe496742c36d684498a1 /modules/m_sasl.cpp
parent: c8ded08b43a6fb3d4512370c33bc455e3c721feb (diff)
1 files changed, 13 insertions, 1 deletions
diff --git a/modules/m_sasl.cpp b/modules/m_sasl.cpp
index 969e5b985..ddfd84cbf 100644
--- a/modules/m_sasl.cpp
+++ b/modules/m_sasl.cpp
@@ -30,18 +30,30 @@ class Plain : public Mechanism
 
 			size_t p = decoded.find('\0');
 			if (p == Anope::string::npos)
+			{
+				sasl->Fail(sess);
+				delete sess;
 				return;
+			}
 			decoded = decoded.substr(p + 1);
 
 			p = decoded.find('\0');
 			if (p == Anope::string::npos)
+			{
+				sasl->Fail(sess);
+				delete sess;
 				return;
+			}
 
 			Anope::string acc = decoded.substr(0, p),
 				pass = decoded.substr(p + 1);
 
-			if (acc.empty() || pass.empty())
+			if (acc.empty() || pass.empty() || !IRCD->IsNickValid(acc) || pass.find_first_of("\r\n") != Anope::string::npos)
+			{
+				sasl->Fail(sess);
+				delete sess;
 				return;
+			}
 
 			SASL::IdentifyRequest *req = new SASL::IdentifyRequest(this->owner, m.source, acc, pass);
 			FOREACH_MOD(OnCheckAuthentication, (NULL, req));
author	Adam <Adam@anope.org>	2014-10-16 21:38:46 -0400
committer	Adam <Adam@anope.org>	2014-10-16 21:38:46 -0400
commit	b940077553a538a14519bd11207c96bfd7b5ae4e (patch)
tree	1fbd3cae418248f0f9b4fe496742c36d684498a1 /modules/m_sasl.cpp
parent	c8ded08b43a6fb3d4512370c33bc455e3c721feb (diff)