From ac88154f940bacb19110cb87202ce4119cc2c284 Mon Sep 17 00:00:00 2001 From: Aaron Jones Date: Sat, 3 Sep 2016 17:29:53 +0000 Subject: [PATCH] SASL: Disallow beginning : and space anywhere in AUTHENTICATE parameter This is a FIX FOR A SECURITY VULNERABILITY. All Charybdis users must apply this fix if you support SASL on your servers, or unload m_sasl.so in the meantime. --- modules/m_sasl.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/modules/m_sasl.c b/modules/m_sasl.c index ee201017..8d891265 100644 --- a/modules/m_sasl.c +++ b/modules/m_sasl.c @@ -143,6 +143,12 @@ m_authenticate(struct MsgBuf *msgbuf_p, struct Client *client_p, struct Client * return; } + if (*parv[1] == ':' || strchr(parv[1], ' ')) + { + exit_client(client_p, client_p, client_p, "Malformed AUTHENTICATE"); + return; + } + saslserv_p = find_named_client(ConfigFileEntry.sasl_service); if(saslserv_p == NULL || !IsService(saslserv_p)) {
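Review bot: The added check in m_authenticate() carries no comment explaining why a leading ':' or a space anywhere in parv[1] is rejected, and for a security fix that rationale should sit next to the code. In the IRC wire format a space separates parameters and a leading ':' marks the trailing parameter, so a one-line comment saying that parv[1] must remain a single token would keep a later cleanup from relaxing the test. A smaller style point: the new line uses `if (` while the unchanged context directly below uses `if(saslserv_p == NULL || ...`, so match the file's existing spacing. The condition itself is safe on an empty string, since `*parv[1]` is then '\0' and strchr() finds no space.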