From 7125cb3775a0e384c0f2fc08fd56df9582199502 Mon Sep 17 00:00:00 2001 From: Wilmer van der Gaast Date: Sun, 24 Aug 2008 19:01:05 +0100 Subject: Added SET_INVALID, which set evaluators should now return instead of NULL when the given value is not accepted. This to allow certain variables actually be set to NULL (server, for example). This should fully close #444. --- irc.c | 46 ++++++++++++++++++++++++---------------------- 1 file changed, 24 insertions(+), 22 deletions(-) (limited to 'irc.c') diff --git a/irc.c b/irc.c index 30956bc2..d3f254ed 100644 --- a/irc.c +++ b/irc.c @@ -76,6 +76,7 @@ irc_t *irc_new( int fd ) irc_t *irc; struct sockaddr_storage sock; socklen_t socklen = sizeof( sock ); + set_t *s; irc = g_new0( irc_t, 1 ); @@ -135,28 +136,29 @@ irc_t *irc_new( int fd ) irc_connection_list = g_slist_append( irc_connection_list, irc ); - set_add( &irc->set, "away_devoice", "true", set_eval_away_devoice, irc ); - set_add( &irc->set, "auto_connect", "true", set_eval_bool, irc ); - set_add( &irc->set, "auto_reconnect", "false", set_eval_bool, irc ); - set_add( &irc->set, "auto_reconnect_delay", "5*3<900", set_eval_account_reconnect_delay, irc ); - set_add( &irc->set, "buddy_sendbuffer", "false", set_eval_bool, irc ); - set_add( &irc->set, "buddy_sendbuffer_delay", "200", set_eval_int, irc ); - set_add( &irc->set, "charset", "utf-8", set_eval_charset, irc ); - set_add( &irc->set, "debug", "false", set_eval_bool, irc ); - set_add( &irc->set, "default_target", "root", NULL, irc ); - set_add( &irc->set, "display_namechanges", "false", set_eval_bool, irc ); - set_add( &irc->set, "handle_unknown", "root", NULL, irc ); - set_add( &irc->set, "lcnicks", "true", set_eval_bool, irc ); - set_add( &irc->set, "ops", "both", set_eval_ops, irc ); - set_add( &irc->set, "password", NULL, passchange, irc ); - set_add( &irc->set, "private", "true", set_eval_bool, irc ); - set_add( &irc->set, "query_order", "lifo", NULL, irc ); - set_add( &irc->set, "root_nick", irc->mynick, set_eval_root_nick, irc ); - set_add( &irc->set, "save_on_quit", "true", set_eval_bool, irc ); - set_add( &irc->set, "simulate_netsplit", "true", set_eval_bool, irc ); - set_add( &irc->set, "strip_html", "true", NULL, irc ); - set_add( &irc->set, "to_char", ": ", set_eval_to_char, irc ); - set_add( &irc->set, "typing_notice", "false", set_eval_bool, irc ); + s = set_add( &irc->set, "away_devoice", "true", set_eval_away_devoice, irc ); + s = set_add( &irc->set, "auto_connect", "true", set_eval_bool, irc ); + s = set_add( &irc->set, "auto_reconnect", "false", set_eval_bool, irc ); + s = set_add( &irc->set, "auto_reconnect_delay", "5*3<900", set_eval_account_reconnect_delay, irc ); + s = set_add( &irc->set, "buddy_sendbuffer", "false", set_eval_bool, irc ); + s = set_add( &irc->set, "buddy_sendbuffer_delay", "200", set_eval_int, irc ); + s = set_add( &irc->set, "charset", "utf-8", set_eval_charset, irc ); + s = set_add( &irc->set, "debug", "false", set_eval_bool, irc ); + s = set_add( &irc->set, "default_target", "root", NULL, irc ); + s = set_add( &irc->set, "display_namechanges", "false", set_eval_bool, irc ); + s = set_add( &irc->set, "handle_unknown", "root", NULL, irc ); + s = set_add( &irc->set, "lcnicks", "true", set_eval_bool, irc ); + s = set_add( &irc->set, "ops", "both", set_eval_ops, irc ); + s = set_add( &irc->set, "password", NULL, passchange, irc ); + s->flags |= SET_NULL_OK; + s = set_add( &irc->set, "private", "true", set_eval_bool, irc ); + s = set_add( &irc->set, "query_order", "lifo", NULL, irc ); + s = set_add( &irc->set, "root_nick", irc->mynick, set_eval_root_nick, irc ); + s = set_add( &irc->set, "save_on_quit", "true", set_eval_bool, irc ); + s = set_add( &irc->set, "simulate_netsplit", "true", set_eval_bool, irc ); + s = set_add( &irc->set, "strip_html", "true", NULL, irc ); + s = set_add( &irc->set, "to_char", ": ", set_eval_to_char, irc ); + s = set_add( &irc->set, "typing_notice", "false", set_eval_bool, irc ); conf_loaddefaults( irc ); -- cgit v1.2.3 From f3579fd061746fe88c53330a2b9002da4193b37a Mon Sep 17 00:00:00 2001 From: Wilmer van der Gaast Date: Sun, 24 Aug 2008 21:52:31 +0100 Subject: Clearer feedback after set/account set commands. --- irc.c | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) (limited to 'irc.c') diff --git a/irc.c b/irc.c index d3f254ed..9b4e0020 100644 --- a/irc.c +++ b/irc.c @@ -33,13 +33,19 @@ static gboolean irc_userping( gpointer _irc, int fd, b_input_condition cond ); GSList *irc_connection_list = NULL; -static char *passchange( set_t *set, char *value ) +static char *set_eval_password( set_t *set, char *value ) { irc_t *irc = set->data; - irc_setpass( irc, value ); - irc_usermsg( irc, "Password successfully changed" ); - return NULL; + if( irc->status & USTATUS_IDENTIFIED ) + { + irc_setpass( irc, value ); + return NULL; + } + else + { + return SET_INVALID; + } } static char *set_eval_charset( set_t *set, char *value ) @@ -149,7 +155,7 @@ irc_t *irc_new( int fd ) s = set_add( &irc->set, "handle_unknown", "root", NULL, irc ); s = set_add( &irc->set, "lcnicks", "true", set_eval_bool, irc ); s = set_add( &irc->set, "ops", "both", set_eval_ops, irc ); - s = set_add( &irc->set, "password", NULL, passchange, irc ); + s = set_add( &irc->set, "password", NULL, set_eval_password, irc ); s->flags |= SET_NULL_OK; s = set_add( &irc->set, "private", "true", set_eval_bool, irc ); s = set_add( &irc->set, "query_order", "lifo", NULL, irc ); -- cgit v1.2.3 From 39f93f0ce1c0a179b51f5ff6474d57509e9e0d17 Mon Sep 17 00:00:00 2001 From: Wilmer van der Gaast Date: Sun, 31 Aug 2008 14:42:33 +0100 Subject: /join can now be used to join chatrooms, join_chat should not be used anymore. /join should not be used for unnamed groupchats anymore, use "chat with" instead. --- irc.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'irc.c') diff --git a/irc.c b/irc.c index 9b4e0020..d6b11dca 100644 --- a/irc.c +++ b/irc.c @@ -780,7 +780,9 @@ void irc_login( irc_t *irc ) irc_reply( irc, 2, ":Host %s is running BitlBee " BITLBEE_VERSION " " ARCH "/" CPU ".", irc->myhost ); irc_reply( irc, 3, ":%s", IRCD_INFO ); irc_reply( irc, 4, "%s %s %s %s", irc->myhost, BITLBEE_VERSION, UMODES UMODES_PRIV, CMODES ); - irc_reply( irc, 5, "PREFIX=(ov)@+ CHANTYPES=#& CHANMODES=,,,%s NICKLEN=%d NETWORK=BitlBee CASEMAPPING=rfc1459 MAXTARGETS=1 WATCH=128 :are supported by this server", CMODES, MAX_NICK_LENGTH - 1 ); + irc_reply( irc, 5, "PREFIX=(ov)@+ CHANTYPES=%s CHANMODES=,,,%s NICKLEN=%d NETWORK=BitlBee " + "CASEMAPPING=rfc1459 MAXTARGETS=1 WATCH=128 :are supported by this server", + CTYPES, CMODES, MAX_NICK_LENGTH - 1 ); irc_motd( irc ); irc->umode[0] = '\0'; irc_umode_set( irc, "+" UMODE, 1 ); @@ -1021,7 +1023,7 @@ int irc_send( irc_t *irc, char *nick, char *s, int flags ) struct groupchat *c = NULL; user_t *u = NULL; - if( *nick == '#' || *nick == '&' ) + if( strchr( CTYPES, *nick ) ) { if( !( c = irc_chat_by_channel( irc, nick ) ) ) { -- cgit v1.2.3 From 3183c21afa7700ebc4dac02367653d1398a5b14a Mon Sep 17 00:00:00 2001 From: Wilmer van der Gaast Date: Sat, 6 Sep 2008 23:59:32 +0100 Subject: Completely reviewed all uses of irc->password, irc_setpass() and USTATUS_IDENTIFIED after another account overwriting vulnerability was found by Tero Marttila. --- irc.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'irc.c') diff --git a/irc.c b/irc.c index 9b4e0020..dd244c09 100644 --- a/irc.c +++ b/irc.c @@ -37,7 +37,7 @@ static char *set_eval_password( set_t *set, char *value ) { irc_t *irc = set->data; - if( irc->status & USTATUS_IDENTIFIED ) + if( irc->status & USTATUS_IDENTIFIED && value ) { irc_setpass( irc, value ); return NULL; @@ -238,7 +238,7 @@ void irc_free( irc_t * irc ) log_message( LOGLVL_INFO, "Destroying connection with fd %d", irc->fd ); if( irc->status & USTATUS_IDENTIFIED && set_getbool( &irc->set, "save_on_quit" ) ) - if( storage_save( irc, TRUE ) != STORAGE_OK ) + if( storage_save( irc, NULL, TRUE ) != STORAGE_OK ) irc_usermsg( irc, "Error while saving settings!" ); irc_connection_list = g_slist_remove( irc_connection_list, irc ); -- cgit v1.2.3 From e1720ce8958ae014ce38d03b7b9ab129d947921b Mon Sep 17 00:00:00 2001 From: Wilmer van der Gaast Date: Sun, 14 Dec 2008 01:38:59 +0000 Subject: Fixed a bug in the IRC parser where lines that start with a colon and don't contain any spaces could make BitlBee read uninitialized memory (and possibly even parse it as if it were a command). Also fixed a small memory leak around there. --- irc.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) (limited to 'irc.c') diff --git a/irc.c b/irc.c index 10b4fd83..2dcc625d 100644 --- a/irc.c +++ b/irc.c @@ -406,10 +406,8 @@ void irc_process( irc_t *irc ) lines[i] = conv; } - if( lines[i] ) + if( lines[i] && ( cmd = irc_parse_line( lines[i] ) ) ) { - if( ( cmd = irc_parse_line( lines[i] ) ) == NULL ) - continue; irc_exec( irc, cmd ); g_free( cmd ); } @@ -484,7 +482,7 @@ char **irc_parse_line( char *line ) /* Move the line pointer to the start of the command, skipping spaces and the optional prefix. */ if( line[0] == ':' ) { - for( i = 0; line[i] != ' '; i ++ ); + for( i = 0; line[i] && line[i] != ' '; i ++ ); line = line + i; } for( i = 0; line[i] == ' '; i ++ ); -- cgit v1.2.3