summaryrefslogtreecommitdiff
path: root/src/mode.cpp
diff options
context:
space:
mode:
authorbrain <brain@e03df62e-2008-0410-955e-edbf42e46eb7>2006-09-09 15:17:58 +0000
committerbrain <brain@e03df62e-2008-0410-955e-edbf42e46eb7>2006-09-09 15:17:58 +0000
commitd65ee10c00f8d4b23b4e55cae293605a1ce3c689 (patch)
tree49e330ada16eea7b93f257588af7a51190fb5456 /src/mode.cpp
parentbf170145e5f8fc5ce9eaad9f63d3d2ffc8ec06c6 (diff)
Add sane limiting to mode output, so we cant have more than 100 mode chars in the sequence string, or MAXMODES parameters for the modes, or a total length of params+sequence beyond 450.
git-svn-id: http://svn.inspircd.org/repository/trunk/inspircd@5182 e03df62e-2008-0410-955e-edbf42e46eb7
Diffstat (limited to 'src/mode.cpp')
-rw-r--r--src/mode.cpp10
1 files changed, 10 insertions, 0 deletions
diff --git a/src/mode.cpp b/src/mode.cpp
index 290933ab6..1b2ea3442 100644
--- a/src/mode.cpp
+++ b/src/mode.cpp
@@ -351,6 +351,7 @@ void ModeParser::Process(const char** parameters, int pcnt, userrec *user, bool
bool adding = true, state_change = false;
unsigned char handler_id = 0;
int parameter_counter = 2; /* Index of first parameter */
+ int parameter_count = 0;
/* A mode sequence that doesnt start with + or -. Assume +. - Thanks for the suggestion spike (bug#132) */
if ((*mode_sequence.begin() != '+') && (*mode_sequence.begin() != '-'))
@@ -464,6 +465,7 @@ void ModeParser::Process(const char** parameters, int pcnt, userrec *user, bool
if ((modehandlers[handler_id]->GetNumParams(adding)) && (parameter != ""))
{
parameter_list << " " << parameter;
+ parameter_count++;
/* Does this mode have a prefix? */
if (modehandlers[handler_id]->GetPrefix() && targetchannel)
{
@@ -480,6 +482,14 @@ void ModeParser::Process(const char** parameters, int pcnt, userrec *user, bool
/* Reset the state change flag */
state_change = false;
+
+ if ((output_sequence.length() + parameter_list.str().length() > 450) || (output_sequence.length() > 100)
+ || (parameter_count > MAXMODES))
+ {
+ /* We cant have a mode sequence this long */
+ letter = mode_sequence.end();
+ continue;
+ }
}
}
}