 |
check input length before reading - ii - irc it, simple FIFO based irc client |
 |
git clone git://git.suckless.org/ii |
 |
Log |
|
Files |
|
Refs |
|
README |
|
LICENSE |
|
--- |
|
commit b25423f765690d34e4b4eb1e90a27f42d8d41035 |
|
parent 51cb204eb2a7ee840a86cc66b762ddfff56f01b2 |
|
Author: Hiltjo Posthuma <[email protected]> |
|
Date: Mon, 23 Jul 2018 21:42:59 +0200 |
|
|
|
check input length before reading |
|
|
|
thanks halbeno and quinq for the patches and feedback. |
|
|
|
Diffstat: |
|
M ii.c | 10 ++++++++-- |
|
|
|
1 file changed, 8 insertions(+), 2 deletions(-) |
|
--- |
|
diff --git a/ii.c b/ii.c |
|
@@ -460,15 +460,21 @@ proc_channels_input(int ircfd, Channel *c, char *buf) |
|
char *p = NULL; |
|
size_t buflen; |
|
|
|
- if (buf[0] != '/' && buf[0] != '\0') { |
|
+ if (buf[0] == '\0') |
|
+ return; |
|
+ if (buf[0] != '/') { |
|
proc_channels_privmsg(ircfd, c, buf); |
|
return; |
|
} |
|
+ |
|
msg[0] = '\0'; |
|
+ if ((buflen = strlen(buf)) < 2) |
|
+ return; |
|
if (buf[2] == ' ' || buf[2] == '\0') { |
|
- buflen = strlen(buf); |
|
switch (buf[1]) { |
|
case 'j': /* join */ |
|
+ if (buflen < 3) |
|
+ return; |
|
if ((p = strchr(&buf[3], ' '))) /* password parameter … |
|
*p = '\0'; |
|
if ((buf[3] == '#') || (buf[3] == '&') || (buf[3] == '… |
