From 561d7efc4473b92d137354922443844967a9d874 Mon Sep 17 00:00:00 2001 From: Jilles Tjoelker Date: Sun, 3 Feb 2013 19:38:46 +0100 Subject: [PATCH] UID/EUID: Check that the UID starts with the server's SID. If not, the local link that sent the command is broken, as with syntactically invalid UIDs. --- modules/core/m_nick.c | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/modules/core/m_nick.c b/modules/core/m_nick.c index 0caa4596..51c04980 100644 --- a/modules/core/m_nick.c +++ b/modules/core/m_nick.c @@ -94,7 +94,7 @@ static int change_remote_nick(struct Client *, struct Client *, time_t, static int clean_nick(const char *, int loc_client); static int clean_username(const char *); static int clean_host(const char *); -static int clean_uid(const char *uid); +static int clean_uid(const char *uid, const char *sid); static void set_initial_nick(struct Client *client_p, struct Client *source_p, char *nick); static void change_local_nick(struct Client *client_p, struct Client *source_p, char *nick, int); @@ -362,7 +362,7 @@ ms_uid(struct Client *client_p, struct Client *source_p, int parc, const char *p return 0; } - if(!clean_uid(parv[8])) + if(!clean_uid(parv[8], source_p->id)) { rb_snprintf(squitreason, sizeof squitreason, "Invalid UID %s for nick %s on %s", @@ -453,7 +453,7 @@ ms_euid(struct Client *client_p, struct Client *source_p, int parc, const char * return 0; } - if(!clean_uid(parv[8])) + if(!clean_uid(parv[8], source_p->id)) { rb_snprintf(squitreason, sizeof squitreason, "Invalid UID %s for nick %s on %s", @@ -623,10 +623,13 @@ clean_host(const char *host) } static int -clean_uid(const char *uid) +clean_uid(const char *uid, const char *sid) { int len = 1; + if(strncmp(uid, sid, strlen(sid))) + return 0; + if(!IsDigit(*uid++)) return 0;