diff options
| author | cyberbotx <cyberbotx@5417fbe8-f217-4b02-8779-1006273d7864> | 2009-02-14 03:08:25 +0000 |
|---|---|---|
| committer | cyberbotx <cyberbotx@5417fbe8-f217-4b02-8779-1006273d7864> | 2009-02-14 03:08:25 +0000 |
| commit | b167c89ca6a839bcd1109b2131eb1970ad68e9b6 (patch) | |
| tree | 5bafb49fc913766ca81616ffd5fb4461a6256bea /src | |
| parent | 4b291b12f82ee31ff39f0b868ebfb13a24e76d1a (diff) | |
Audited os_akill, os_set, os_sgline, os_sqline, os_staff, and os_szline.
git-svn-id: http://anope.svn.sourceforge.net/svnroot/anope/trunk@2043 5417fbe8-f217-4b02-8779-1006273d7864
Diffstat (limited to 'src')
| -rw-r--r-- | src/core/os_akill.c | 17 | ||||
| -rw-r--r-- | src/core/os_sgline.c | 6 | ||||
| -rw-r--r-- | src/core/os_sqline.c | 4 | ||||
| -rw-r--r-- | src/core/os_szline.c | 4 |
4 files changed, 20 insertions, 11 deletions
diff --git a/src/core/os_akill.c b/src/core/os_akill.c index d2ff92b7e..34ee062a1 100644 --- a/src/core/os_akill.c +++ b/src/core/os_akill.c @@ -26,9 +26,10 @@ class CommandOSAKill : public Command private: CommandReturn DoAdd(User *u, std::vector<std::string> ¶ms) { - int deleted = 0, last_param = 2; + int deleted = 0; + unsigned last_param = 2; const char *expiry, *mask; - char reason[BUFSIZE]; + char reason[BUFSIZE], realreason[BUFSIZE]; time_t expires; mask = params.size() > 1 ? params[1].c_str() : NULL; @@ -56,12 +57,12 @@ class CommandOSAKill : public Command else if (expires > 0) expires += time(NULL); - if (params.size() < last_param) + if (params.size() <= last_param) { this->OnSyntaxError(u); return MOD_CONT; } - snprintf(reason, sizeof(reason), "%s%s%s", params[last_param].c_str(), last_param == 2 ? " " : "", last_param == 2 ? params[3].c_str() : ""); + snprintf(reason, sizeof(reason), "%s%s%s", params[last_param].c_str(), last_param == 2 && params.size() > 3 ? " " : "", last_param == 2 && params.size() > 3 ? params[3].c_str() : ""); if (mask && *reason) { /* We first do some sanity check on the proposed mask. */ if (strchr(mask, '!')) @@ -88,9 +89,11 @@ class CommandOSAKill : public Command * -Rob **/ if (AddAkiller) - snprintf(reason, sizeof(reason), "[%s] %s", u->nick, reason); + snprintf(realreason, sizeof(realreason), "[%s] %s", u->nick, reason); + else + snprintf(realreason, sizeof(realreason), "%s", reason); - deleted = add_akill(u, mask, u->nick, expires, reason); + deleted = add_akill(u, mask, u->nick, expires, realreason); if (deleted < 0) return MOD_CONT; else if (deleted) @@ -127,7 +130,7 @@ class CommandOSAKill : public Command snprintf(buf, sizeof(buf), "expires in %d %s%s", wall_expiry, s, wall_expiry == 1 ? "" : "s"); } - ircdproto->SendGlobops(s_OperServ, "%s added an AKILL for %s (%s) (%s)", u->nick, mask, reason, buf); + ircdproto->SendGlobops(s_OperServ, "%s added an AKILL for %s (%s) (%s)", u->nick, mask, realreason, buf); } if (readonly) diff --git a/src/core/os_sgline.c b/src/core/os_sgline.c index baa9f0551..71aabe240 100644 --- a/src/core/os_sgline.c +++ b/src/core/os_sgline.c @@ -65,6 +65,12 @@ class CommandOSSGLine : public Command } snprintf(rest, sizeof(rest), "%s%s%s", param, params.size() > last_param ? " " : "", params.size() > last_param ? params[last_param].c_str() : ""); + if (static_cast<std::string>(rest).find(':') == std::string::npos) + { + this->OnSyntaxError(u); + return MOD_CONT; + } + sepstream sep(rest, ':'); std::string mask; sep.GetToken(mask); diff --git a/src/core/os_sqline.c b/src/core/os_sqline.c index 6ddd09f57..bb75d0e91 100644 --- a/src/core/os_sqline.c +++ b/src/core/os_sqline.c @@ -57,12 +57,12 @@ class CommandOSSQLine : public Command else if (expires > 0) expires += time(NULL); - if (params.size() < last_param) + if (params.size() <= last_param) { this->OnSyntaxError(u); return MOD_CONT; } - snprintf(reason, sizeof(reason), "%s%s%s", params[last_param].c_str(), last_param == 2 ? " " : "", last_param == 2 ? params[3].c_str() : ""); + snprintf(reason, sizeof(reason), "%s%s%s", params[last_param].c_str(), last_param == 2 && params.size() > 3 ? " " : "", last_param == 2 && params.size() > 3 ? params[3].c_str() : ""); if (mask && *reason) { /* We first do some sanity check on the proposed mask. */ diff --git a/src/core/os_szline.c b/src/core/os_szline.c index a3224ba7f..b3b86736d 100644 --- a/src/core/os_szline.c +++ b/src/core/os_szline.c @@ -57,12 +57,12 @@ class CommandOSSZLine : public Command else if (expires > 0) expires += time(NULL); - if (params.size() < last_param) + if (params.size() <= last_param) { this->OnSyntaxError(u); return MOD_CONT; } - snprintf(reason, sizeof(reason), "%s%s%s", params[last_param].c_str(), last_param == 2 ? " " : "", last_param == 2 ? params[3].c_str() : ""); + snprintf(reason, sizeof(reason), "%s%s%s", params[last_param].c_str(), last_param == 2 && params.size() > 3 ? " " : "", last_param == 2 && params.size() > 3 ? params[3].c_str() : ""); if (mask && *reason) { /* We first do some sanity check on the proposed mask. */ |