Fix /links buffer overflow.
This commit is contained in:
parent
04bf0760f9
commit
306274351b
|
@ -87,6 +87,8 @@ mo_links(struct Client *client_p, struct Client *source_p, int parc, const char
|
||||||
|
|
||||||
if(parc > 2)
|
if(parc > 2)
|
||||||
{
|
{
|
||||||
|
if(strlen(parv[2]) > HOSTLEN)
|
||||||
|
return 0;
|
||||||
if(hunt_server(client_p, source_p, ":%s LINKS %s :%s", 1, parc, parv)
|
if(hunt_server(client_p, source_p, ":%s LINKS %s :%s", 1, parc, parv)
|
||||||
!= HUNTED_ISME)
|
!= HUNTED_ISME)
|
||||||
return 0;
|
return 0;
|
||||||
|
@ -138,19 +140,21 @@ clean_string(char *dest, const unsigned char *src, size_t len)
|
||||||
if(dest == NULL || src == NULL)
|
if(dest == NULL || src == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
len -= 3; /* allow for worst case, '^A\0' */
|
while (*src && (len > 1))
|
||||||
|
|
||||||
while (*src && (len > 0))
|
|
||||||
{
|
{
|
||||||
if(*src & 0x80) /* if high bit is set */
|
if(*src & 0x80) /* if high bit is set */
|
||||||
{
|
{
|
||||||
*d++ = '.';
|
*d++ = '.';
|
||||||
--len;
|
--len;
|
||||||
|
if(len <= 1)
|
||||||
|
break;
|
||||||
}
|
}
|
||||||
else if(!IsPrint(*src)) /* if NOT printable */
|
else if(!IsPrint(*src)) /* if NOT printable */
|
||||||
{
|
{
|
||||||
*d++ = '^';
|
*d++ = '^';
|
||||||
--len;
|
--len;
|
||||||
|
if(len <= 1)
|
||||||
|
break;
|
||||||
*d++ = 0x40 + *src; /* turn it into a printable */
|
*d++ = 0x40 + *src; /* turn it into a printable */
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
|
|
Loading…
Reference in New Issue