summaryrefslogtreecommitdiff
path: root/modules/m_sasl.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'modules/m_sasl.cpp')
-rw-r--r--modules/m_sasl.cpp14
1 files changed, 13 insertions, 1 deletions
diff --git a/modules/m_sasl.cpp b/modules/m_sasl.cpp
index 969e5b985..ddfd84cbf 100644
--- a/modules/m_sasl.cpp
+++ b/modules/m_sasl.cpp
@@ -30,18 +30,30 @@ class Plain : public Mechanism
size_t p = decoded.find('\0');
if (p == Anope::string::npos)
+ {
+ sasl->Fail(sess);
+ delete sess;
return;
+ }
decoded = decoded.substr(p + 1);
p = decoded.find('\0');
if (p == Anope::string::npos)
+ {
+ sasl->Fail(sess);
+ delete sess;
return;
+ }
Anope::string acc = decoded.substr(0, p),
pass = decoded.substr(p + 1);
- if (acc.empty() || pass.empty())
+ if (acc.empty() || pass.empty() || !IRCD->IsNickValid(acc) || pass.find_first_of("\r\n") != Anope::string::npos)
+ {
+ sasl->Fail(sess);
+ delete sess;
return;
+ }
SASL::IdentifyRequest *req = new SASL::IdentifyRequest(this->owner, m.source, acc, pass);
FOREACH_MOD(OnCheckAuthentication, (NULL, req));
generated by cgit (git 2.34.1) at 2025-06-16 23:18:52 +0000