From f0fb4c19d45e25fddee76e7c442b1e900666cd0c Mon Sep 17 00:00:00 2001
From: Wouter Coekaerts
Date: Fri, 8 Dec 2006 21:38:55 +0000
Subject: [PATCH] Remove CR and LF from Perl commands, to make it harder to introduce a security bug

git-svn-id: http://svn.irssi.org/repos/irssi/trunk@4396 dbcabf3a-b0e7-0310-adc4-f8d773084564
---
 src/perl/perl-common.c | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/src/perl/perl-common.c b/src/perl/perl-common.c
index 02ae28dd..03dcc01e 100644
--- a/src/perl/perl-common.c
+++ b/src/perl/perl-common.c
@@ -526,6 +526,16 @@ static void perl_script_fill_hash(HV *hv, PERL_SCRIPT_REC *script)
 hv_store(hv, "data", 4, new_pv(script->data), 0);
 }
 
+static void remove_newlines(char *str)
+{
+ char *writing = str;
+
+ for (;*str;str++)
+ if (*str != '\n' && *str != '\r')
+ *(writing++) = *str;
+ *writing = '\0';
+}
+
 void perl_command(const char *cmd, SERVER_REC *server, WI_ITEM_REC *item)
 {
 const char *cmdchars;
@@ -540,6 +550,14 @@ void perl_command(const char *cmd, SERVER_REC *server, WI_ITEM_REC *item)
 sendcmd = g_strdup_printf("%c%s", *cmdchars, cmd);
 }
 
+ /* remove \r and \n from commands,
+ to make it harder to introduce a security bug in a script */
+ if(strpbrk(sendcmd, "\r\n")) {
+ if (sendcmd == cmd)
+ sendcmd = strdup(cmd);
+ remove_newlines(sendcmd);
+ }
+
 signal_emit("send command", 3, sendcmd, server, item);
 if (sendcmd != cmd) g_free(sendcmd);
 }
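Review bot: remove_newlines() carries no comment saying that it rewrites its argument in place, which matters because its only visible caller, perl_command(), starts from a `const char *cmd` that has to be copied before it can be passed in. I would add `/* Strip every CR and LF from str in place; str must be a writable, NUL-terminated buffer. */` above the definition. Because the characters are deleted rather than the string being cut at the first one, any text after an embedded line break is still sent, joined onto the same command; if that is the intended behaviour the comment should say so. The unbraced `for`/`if` nesting would also read more safely with braces.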
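Review bot: The copy made with `strdup(cmd)` is released at the end of the function with `g_free(sendcmd)`, and its result goes straight into remove_newlines() without a NULL check, so a failed allocation would be dereferenced. Using `sendcmd = g_strdup(cmd);` keeps the allocator consistent with the `g_strdup_printf()` branch just above and with the existing `g_free()`. The `sendcmd == cmd` test relies on sendcmd having been initialised to cmd; that assignment and the start of perl_command's body are outside this hunk. Since this is a hardening measure, the comment could also state that it only covers commands routed through perl_command(); whether scripts have other ways to send data to a server is not visible here.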