commit 6e36691e96e68846c1334dc9f635814572421ea5
parent cb77fdfab1f23fb964fda156884d711202178d15
Author: Antoine Amarilli <a3nm@a3nm.net>
Date: Tue, 7 Feb 2012 01:30:05 +0100
compile against libircclient, fix possible buffer overflows
Diffstat:
| irctk.c | | | 42 | +++++++++++++++--------------------------- |
1 file changed, 15 insertions(+), 27 deletions(-)
diff --git a/irctk.c b/irctk.c
@@ -14,6 +14,7 @@
#include <sys/time.h>
#include <libircclient/libircclient.h>
+#include <libircclient/libirc_rfcnumeric.h>
#include <unistd.h>
#include <pthread.h>
@@ -512,7 +513,7 @@ int cmd_msg_chan(irc_session_t *s, char *target, const char* line)
int cmd_msg(irc_session_t *s, char* target, const char* line)
{
int i = 0;
- char *msg[MAX_LEN]; /* TODO TODO TODO !! */
+ char *msg[2*MAX_LEN+2];
/* Manage the fact that target may be "" */
if (!target[0])
@@ -528,10 +529,9 @@ int cmd_msg(irc_session_t *s, char* target, const char* line)
if (line[0] != '\n')
{
msg[0] = 0;
- /*TODO USE strncat better!! */
- strncat(msg, args.last_nick_in, 1000);
+ strncat(msg, args.last_nick_in, MAX_LEN-1);
strcat(msg, ": ");
- strncat(msg, line, 3000);
+ strncat(msg, line, MAX_LEN-1);
line = msg;
} else {
args.last_nick_in[0] = 0;
@@ -568,19 +568,8 @@ THREAD_FUNCTION(irc_listen)
void dump_event (irc_session_t * session, const char * event, const char * origin, const char ** params, unsigned int count)
{
- char buf[512]; // TODO danger
- int cnt;
- int rsl;
-
- buf[0] = '\0';
-
- for ( cnt = 0; cnt < count; cnt++ )
- {
- if ( cnt )
- strcat (buf, "|");
-
- strcat (buf, params[cnt]);
- }
+ int cnt = 0;
+ int rsl; // TODO use
if (atoi(event) == LIBIRC_RFC_ERR_ERRONEUSNICKNAME)
{
@@ -607,8 +596,7 @@ void dump_event (irc_session_t * session, const char * event, const char * origi
}
}
-
- debug("Event \"%s\", origin: \"%s\", params: %d [%s]", event, origin ? origin : "NULL", cnt, buf);
+ debug("Event \"%s\", origin: \"%s\", params: %d", event, origin ? origin : "NULL", cnt);
}
void event_nick (irc_session_t * session, const char * event, const char * origin, const char ** params, unsigned int count)
@@ -812,9 +800,9 @@ void event_channel (irc_session_t * session, const char * event, const char * or
printf("%s\n", pruned);
}
if (strcmp(params[0], args.nick)) // if addressed in our private chan, reply on the sender's priv chan
- strcpy(args.last_chan_in, params[0]);
- else strcpy(args.last_chan_in, origin?origin:"someone");
- strcpy(args.last_nick_in, origin?origin:"someone");
+ strncpy(args.last_chan_in, params[0], MAX_LEN-1);
+ else strncpy(args.last_chan_in, origin?origin:"someone", MAX_LEN-1);
+ strncpy(args.last_nick_in, origin?origin:"someone", MAX_LEN-1);
fflush(stdout);
}
@@ -994,8 +982,8 @@ int start (int max_wait)
debug("ready", line);
- /* TODO don't do that but a buffer of things to send, so we can save
- * to whom we are sending what despite the delays */
+ /* TODO don't do that but have a buffer of things to send, so we can save to
+ * whom we are sending what despite the delays */
/* TODO no wait on empty lines */
@@ -1016,7 +1004,7 @@ int start (int max_wait)
msg = line + i + 1;
line[i-1] = 0;
cmd_msg(s, target, msg);
- strcpy(args.last_chans_out, target);
+ strncpy(args.last_chans_out, target, MAX_LEN-1);
} else {
/* No target specified, we attempt the default */
cmd_msg(s, "", line);
@@ -1046,8 +1034,8 @@ int main (int argc, char **argv)
//debug_args();
argp_parse (&argp, argc, argv, 0, 0, &args);
- strcpy(args.last_chan_in, first_chan());
- strcpy(args.last_chans_out, first_chan());
+ strncpy(args.last_chan_in, first_chan(), MAX_LEN-1);
+ strncpy(args.last_chans_out, first_chan(), MAX_LEN-1);
//debug_args();
