From 6b14ac1562dda1492e7ca44c2306e2432200b8cc Mon Sep 17 00:00:00 2001 From: attilamolnar Date: Wed, 3 Oct 2012 02:50:20 +0200 Subject: Check if the mask is long enough before accessing it when checking extbans --- src/channels.cpp | 2 +- src/modules/m_channelban.cpp | 2 +- src/modules/m_gecosban.cpp | 2 +- src/modules/m_operchans.cpp | 2 +- src/modules/m_serverban.cpp | 2 +- src/modules/m_services_account.cpp | 2 +- src/modules/m_sslmodes.cpp | 2 +- 7 files changed, 7 insertions(+), 7 deletions(-) (limited to 'src') diff --git a/src/channels.cpp b/src/channels.cpp index 855fd0e15..883ae3954 100644 --- a/src/channels.cpp +++ b/src/channels.cpp @@ -449,7 +449,7 @@ bool Channel::CheckBan(User* user, const std::string& mask) return (result == MOD_RES_DENY); // extbans were handled above, if this is one it obviously didn't match - if (mask[1] == ':') + if ((mask.length() <= 2) || (mask[1] == ':')) return false; std::string::size_type at = mask.find('@'); diff --git a/src/modules/m_channelban.cpp b/src/modules/m_channelban.cpp index 655ed82cd..8c5962f2a 100644 --- a/src/modules/m_channelban.cpp +++ b/src/modules/m_channelban.cpp @@ -42,7 +42,7 @@ class ModuleBadChannelExtban : public Module ModResult OnCheckBan(User *user, Channel *c, const std::string& mask) { - if (mask[0] == 'j' && mask[1] == ':') + if ((mask.length() > 2) && (mask[0] == 'j') && (mask[1] == ':')) { std::string rm = mask.substr(2); char status = 0; diff --git a/src/modules/m_gecosban.cpp b/src/modules/m_gecosban.cpp index e7eca6d8f..73bfdb649 100644 --- a/src/modules/m_gecosban.cpp +++ b/src/modules/m_gecosban.cpp @@ -41,7 +41,7 @@ class ModuleGecosBan : public Module ModResult OnCheckBan(User *user, Channel *c, const std::string& mask) { - if (mask[0] == 'r' && mask[1] == ':') + if ((mask.length() > 2) && (mask[0] == 'r') && (mask[1] == ':')) { if (InspIRCd::Match(user->fullname, mask.substr(2))) return MOD_RES_DENY; diff --git a/src/modules/m_operchans.cpp b/src/modules/m_operchans.cpp index 2e6fad79f..8db2a4041 100644 --- a/src/modules/m_operchans.cpp +++ b/src/modules/m_operchans.cpp @@ -59,7 +59,7 @@ class ModuleOperChans : public Module ModResult OnCheckBan(User *user, Channel *c, const std::string& mask) { - if (mask[0] == 'O' && mask[1] == ':') + if ((mask.length() > 2) && (mask[0] == 'O') && (mask[1] == ':')) { if (IS_OPER(user) && InspIRCd::Match(user->oper->name, mask.substr(2))) return MOD_RES_DENY; diff --git a/src/modules/m_serverban.cpp b/src/modules/m_serverban.cpp index 541a56e54..ec38b4754 100644 --- a/src/modules/m_serverban.cpp +++ b/src/modules/m_serverban.cpp @@ -41,7 +41,7 @@ class ModuleServerBan : public Module ModResult OnCheckBan(User *user, Channel *c, const std::string& mask) { - if (mask[0] == 's' && mask[1] == ':') + if ((mask.length() > 2) && (mask[0] == 's') && (mask[1] == ':')) { if (InspIRCd::Match(user->server, mask.substr(2))) return MOD_RES_DENY; diff --git a/src/modules/m_services_account.cpp b/src/modules/m_services_account.cpp index ac5338332..cc941d905 100644 --- a/src/modules/m_services_account.cpp +++ b/src/modules/m_services_account.cpp @@ -213,7 +213,7 @@ class ModuleServicesAccount : public Module if (checking) return MOD_RES_PASSTHRU; - if (mask[1] == ':') + if ((mask.length() > 2) && (mask[1] == ':')) { if (mask[0] == 'R') { diff --git a/src/modules/m_sslmodes.cpp b/src/modules/m_sslmodes.cpp index ef63b2511..f17f30907 100644 --- a/src/modules/m_sslmodes.cpp +++ b/src/modules/m_sslmodes.cpp @@ -113,7 +113,7 @@ class ModuleSSLModes : public Module ModResult OnCheckBan(User *user, Channel *c, const std::string& mask) { - if (mask[0] == 'z' && mask[1] == ':') + if ((mask.length() > 2) && (mask[0] == 'z') && (mask[1] == ':')) { UserCertificateRequest req(user, this); req.Send(); -- cgit v1.2.3