Always penalize clients executing a command which fails before running the handler...

diff --git a/src/command_parse.cpp b/src/command_parse.cpp
index 1c72c7de46bb484be7f98b2e8c42f3c2ae422b05..0dd793592eb9b563093cb5920a4fe1c606e6f08a 100644 (file)
--- a/src/command_parse.cpp
+++ b/src/command_parse.cpp
@@ -204,12 +204,22 @@ bool CommandParser::ProcessCommand(LocalUser *user, std::string &cmd)
        /* find the command, check it exists */
        Commandtable::iterator cm = cmdlist.find(command);
 
+       // Penalty to give if the command fails before the handler is executed
+       unsigned int failpenalty = 0;
+
        /* Modify the user's penalty regardless of whether or not the command exists */
        bool do_more = true;
        if (!user->HasPrivPermission("users/flood/no-throttle"))
        {
                // If it *doesn't* exist, give it a slightly heftier penalty than normal to deter flooding us crap
-               user->CommandFloodPenalty += cm != cmdlist.end() ? cm->second->Penalty * 1000 : 2000;
+               unsigned int penalty = (cm != cmdlist.end() ? cm->second->Penalty * 1000 : 2000);
+               user->CommandFloodPenalty += penalty;
+
+               // Increase their penalty later if we fail and the command has 0 penalty by default (i.e. in Command::Penalty) to
+               // throttle sending ERR_* from the command parser. If the command does have a non-zero penalty then this is not
+               // needed because we've increased their penalty above.
+               if (penalty == 0)
+                       failpenalty = 1000;
        }
 
 
@@ -290,11 +300,13 @@ bool CommandParser::ProcessCommand(LocalUser *user, std::string &cmd)
        {
                if (!user->IsModeSet(cm->second->flags_needed))
                {
+                       user->CommandFloodPenalty += failpenalty;
                        user->WriteNumeric(ERR_NOPRIVILEGES, "%s :Permission Denied - You do not have the required operator privileges",user->nick.c_str());
                        return do_more;
                }
                if (!user->HasPermission(command))
                {
+                       user->CommandFloodPenalty += failpenalty;
                        user->WriteNumeric(ERR_NOPRIVILEGES, "%s :Permission Denied - Oper type %s does not have access to command %s",
                                user->nick.c_str(), user->oper->NameStr(), command.c_str());
                        return do_more;
@@ -303,6 +315,7 @@ bool CommandParser::ProcessCommand(LocalUser *user, std::string &cmd)
        if ((user->registered == REG_ALL) && (!IS_OPER(user)) && (cm->second->IsDisabled()))
        {
                /* command is disabled! */
+               user->CommandFloodPenalty += failpenalty;
                if (ServerInstance->Config->DisabledDontExist)
                {
                        user->WriteNumeric(ERR_UNKNOWNCOMMAND, "%s %s :Unknown command",user->nick.c_str(),command.c_str());
@@ -323,6 +336,7 @@ bool CommandParser::ProcessCommand(LocalUser *user, std::string &cmd)
 
        if (command_p.size() < cm->second->min_params)
        {
+               user->CommandFloodPenalty += failpenalty;
                user->WriteNumeric(ERR_NEEDMOREPARAMS, "%s %s :Not enough parameters.", user->nick.c_str(), command.c_str());
                if ((ServerInstance->Config->SyntaxHints) && (user->registered == REG_ALL) && (cm->second->syntax.length()))
                        user->WriteNumeric(RPL_SYNTAX, "%s :SYNTAX %s %s", user->nick.c_str(), cm->second->name.c_str(), cm->second->syntax.c_str());
@@ -330,6 +344,7 @@ bool CommandParser::ProcessCommand(LocalUser *user, std::string &cmd)
        }
        if ((user->registered != REG_ALL) && (!cm->second->WorksBeforeReg()))
        {
+               user->CommandFloodPenalty += failpenalty;
                user->WriteNumeric(ERR_NOTREGISTERED, "%s :You have not registered",command.c_str());
                return do_more;
        }