
Commit baa3212

authored
Change to prevent module from reading out of bounds
1 parent 0cd3c8f commit baa3212


1 file changed

+28
-26
lines changed

1 file changed

+28
-26
lines changed

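--- a/files/qline.c
+++ b/files/qline.c
@@ -1,26 +1,26 @@
 /*
-* Q-LINE MODULE: Provides the /QLINE and /UNQLINE commands, allowing O-lined users with the server-ban:gline privs to manually add Q-lines (global nick bans)
+* Q-LINE MODULE: Provides the /QLINE and /UNQLINE commands, allowing O-lined users with the server-ban:gline privs to manually add Q-lines (global nick bans)
 * at the server level, rather than relying on Services to do so via the /(UN)SQLINE server-only command or config file access.
 *
 * USAGE:
-*
+*
 * Add a new Q-line entry: /QLINE <nickmask> :<Reason>
 * Delete an active Q-line entry: /UNQLINE <nickmask>
 * -----------------------------------------------------------------------------------------------------------------------------------------------
 * MIT License
-*
+*
 * Copyright (c) 2022 Avery 'Hexick' Q. [pseudonym]
-*
+*
 * Permission is hereby granted, free of charge, to any person obtaining a copy
 * of this software and associated documentation files (the "Software"), to deal
 * in the Software without restriction, including without limitation the rights
 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 * copies of the Software, and to permit persons to whom the Software is
 * furnished to do so, subject to the following conditions:
-*
+*
 * The above copyright notice and this permission notice shall be included in all
 * copies or substantial portions of the Software.
-*
+*
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
@@ -84,57 +84,59 @@ MOD_UNLOAD() {
 /* The actual structure of the QLINE command to be performed */
 CMD_FUNC(cmd_qline) {
 char mo[32];
-const char *comment = (parc == 3) ? parv[2] : NULL;
-const char *tkllayer[9] = {
+const char* comment = (parc == 3) ? parv[2] : NULL;
+const char* tkllayer[10] = {
 me.name, /*0 server.name */
 "+", /*1 + = X-line add */
 "Q", /*2 X-line type */
 "*" , /*3 user */
 parv[1], /*4 host */
-client->name, /*5 Who set the ban */
+client->name, /*5 Who set the ban */
 "0", /*6 expire_at; never expire */
 NULL, /*7 set_at */
-"no reason" /*8 default reason */
+"no reason", /*8 default reason */
+NULL /*9 Extra NULL element to prevent OOB */
 };
-
-/* Verify privs */
-if (!ValidatePermissionsForPath("server-ban:gline",client,NULL,NULL,NULL)) {
+
+/* Verify privs */
+if (!ValidatePermissionsForPath("server-ban:gline", client, NULL, NULL, NULL)) {
 sendnumeric(client, ERR_NOPRIVILEGES);
 return;
 }
-
-/* Ensure the proper number of parameters */
+
+/* Ensure the proper number of parameters */
 if (parc < 2)
 return;
-
-/* Do the thang */
+
+/* Do the thang */
 ircsnprintf(mo, sizeof(mo), "%lld", (long long)TStime());
 tkllayer[7] = mo;
 tkllayer[8] = comment ? comment : "no reason";
-cmd_tkl(&me, NULL, 9, tkllayer);
+cmd_tkl(&me, NULL, 10, tkllayer);
 }
 
 /* The actual structure of the UNQLINE command to be performed */
 CMD_FUNC(cmd_unqline) {
-const char *tkllayer[6] = {
+const char* tkllayer[7] = {
 me.name, /*0 server.name */
 "-", /*1 - = X-line removed */
 "Q", /*2 X-line type */
 "*", /*3 unused */
 parv[1], /*4 host */
-client->name /*5 who removed the line */
+client->name, /*5 who removed the line */
+NULL /*6 Extra NULL element to prevent OOB */
 };
-
+
 /* Verify privs */
-if (!ValidatePermissionsForPath("server-ban:gline",client,NULL,NULL,NULL)) {
+if (!ValidatePermissionsForPath("server-ban:gline", client, NULL, NULL, NULL)) {
 sendnumeric(client, ERR_NOPRIVILEGES);
 return;
 }
-
+
 /* Ensure the proper number of parameters */
 if (parc < 2)
 return;
-
-/* Do the thang */
-cmd_tkl(&me, NULL, 6, tkllayer);
+
+/* Do the thang */
+cmd_tkl(&me, NULL, 7, tkllayer);
 }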
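Review bot: The count passed to `cmd_tkl` grows together with the array (`10` in cmd_qline, `7` in cmd_unqline), so the new trailing `NULL` is handed over as a counted parameter rather than as a terminator sitting past the last one. If cmd_tkl follows the convention where `parv[parc]` is the NULL sentinel (its definition is not on this page, so this needs confirming against the core), the arrays should keep their new sizes while the calls stay `cmd_tkl(&me, NULL, 9, tkllayer);` and `cmd_tkl(&me, NULL, 6, tkllayer);`. Otherwise any callee path that indexes up to `parc - 1` now receives a NULL pointer where it expects a string. Separately, both initializers read `parv[1]` before the `parc < 2` guard runs, and `comment` is taken only when `parc == 3`, so a reason supplied with any other count is silently replaced by "no reason". Filling slot 4 after the guard and testing `parc >= 3` would make the validation order explicit.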
