summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLuke Bratch <luke@bratch.co.uk>2019-09-06 20:10:17 +0100
committerLuke Bratch <luke@bratch.co.uk>2019-09-06 20:10:17 +0100
commita61ba3d2b90dcbb689b312be0458651488a8f826 (patch)
treedb00fa3e056e5ade7889a057ebe34237593dd282
parentab87103cdd2971e671fb577d40073cd3837ed32b (diff)
Change how the received client string length check is done before stripping newlines to avoid a potential buffer underflow.
-rw-r--r--TODO16
-rw-r--r--blabouncer.c6
2 files changed, 18 insertions, 4 deletions
diff --git a/TODO b/TODO
index 580fa95..ea24a8f 100644
--- a/TODO
+++ b/TODO
@@ -3,3 +3,19 @@ Support multiple connect commands.
Support arrays or similar in the configuration file (for nick(s), connectcommand(s), etc.)
All the TODOs sprinkled throughout the code!
+
+Use connecting/disconnecting IPs instead of fd numbers in NOTICEs and both in debug.
+
+Option to include date in replay log replay.
+
+(I think) replay log can cause non-existent user to appear in channel (e.g. ~19:00 on 12/08/2019 for me)
+
+Do server operator messages and commands work?
+
+Add BLABOUNCER HELP as a valid command to avoid the unrecognised command error.
+
+(I vaguely recall) some unwanted stuff (channel ban info?) was relayed to another client upon a client connecting.
+
+Change BLABOUNCER REPLAY to be D:H:M instead of D:H:M:S.
+
+PM replay chat in a channel (or perhaps a random channel?) e.g. replay on 06/09/2019 at 17:05 from 13:49 in #insomnia - maybe a client thing.
diff --git a/blabouncer.c b/blabouncer.c
index ecd8d00..e0c41f8 100644
--- a/blabouncer.c
+++ b/blabouncer.c
@@ -826,10 +826,8 @@ void dochat(int *serversockfd, int *clientsockfd, struct settings *settings) {
clientbuf[clientnumbytes] = '\0'; // TODO make sure this can't overrun if some super long line (max bytes?) was received
// clear up any newlines - TODO - Should we be doing this? If not, we can stop only doing truncation checks for the server in processrawstring().
// Only check for newlines if the string length is at least one!
- if (strlen(clientbuf) > 0) {
- while (clientbuf[strlen(clientbuf) - 1] == '\n' || clientbuf[strlen(clientbuf) - 1] == '\r') {
- clientbuf[strlen(clientbuf) - 1] = '\0';
- }
+ while (strlen(clientbuf) > 0 && (clientbuf[strlen(clientbuf) - 1] == '\n' || clientbuf[strlen(clientbuf) - 1] == '\r')) {
+ clientbuf[strlen(clientbuf) - 1] = '\0';
}
debugprint(DEBUG_SOME, "BOUNCER-CLIENT RECEIVED: '%s'\n", clientbuf);