cpet/openbsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
196b84aa91
openbsd-ports/net/ircd-hybrid/patches/patch-modules_m_links_c
jasper 546caf8233 Security fix for CVE-2009-4016, "IRCD-hybrid 'LINKS' Command 
Integer Underflow Vulnerability.

tested and ok ajacoutot@
2010-02-01 09:23:33 +00:00

37 lines
1.2 KiB
Plaintext
Raw Blame History

$OpenBSD: patch-modules_m_links_c,v 1.1 2010/02/01 09:23:33 jasper Exp $
Security fix for CVE-2009-4016, "IRCD-hybrid 'LINKS' Command
Integer Underflow Vulnerability.
Patch from upstream svn, revision 1044.
--- modules/m_links.c.orig Mon Feb 1 09:19:14 2010
+++ modules/m_links.c Mon Feb 1 09:20:09 2010
@@ -83,15 +83,11 @@ do_links(struct Client *source_p, int parc, char **par
{
if (IsOper(source_p) || !ConfigServerHide.flatten_links)
{
- char *mask = (parc > 2 ? parv[2] : parv[1]);
+ const char *mask = (parc > 2 ? parv[2] : parv[1]);
const char *me_name, *nick, *p;
struct Client *target_p;
- char clean_mask[2 * HOSTLEN + 4];
dlink_node *ptr;
- if (!EmptyString(mask)) /* only necessary if there is a mask */
- mask = collapse(clean_string(clean_mask, (const unsigned char*) mask, 2 * HOSTLEN));
-
me_name = ID_or_name(&me, source_p->from);
nick = ID_or_name(source_p, source_p->from);
@@ -162,8 +158,8 @@ m_links(struct Client *client_p, struct Client *source
me.name, source_p->name);
return;
}
- else
- last_used = CurrentTime;
+
+ last_used = CurrentTime;
if (!ConfigServerHide.flatten_links)
{
Reference in New Issue View Git Blame Copy Permalink