ii

git clone https://orangeshoelaces.net/git/ii.git

b25423f765690d34e4b4eb1e90a27f42d8d41035

Author: Hiltjo Posthuma on 07/23/2018

Committer: Hiltjo Posthuma on 07/23/2018

check input length before reading

thanks halbeno and quinq for the patches and feedback.

Stats

ii.c | 10 ++++++--
1 file changed, 8 insertions(+), 2 deletions(-)

Patch

diff --git a/ii.c b/ii.c
index 53fa986..6c87314 100644
--- a/ii.c
+++ b/ii.c
@@ -460,15 +460,21 @@ proc_channels_input(int ircfd, Channel *c, char *buf)
 	char *p = NULL;
 	size_t buflen;
 
-	if (buf[0] != '/' && buf[0] != '\0') {
+	if (buf[0] == '\0')
+		return;
+	if (buf[0] != '/') {
 		proc_channels_privmsg(ircfd, c, buf);
 		return;
 	}
+
 	msg[0] = '\0';
+	if ((buflen = strlen(buf)) < 2)
+		return;
 	if (buf[2] == ' ' || buf[2] == '\0') {
-		buflen = strlen(buf);
 		switch (buf[1]) {
 		case 'j': /* join */
+			if (buflen < 3)
+				return;
 			if ((p = strchr(&buf[3], ' '))) /* password parameter */
 				*p = '\0';
 			if ((buf[3] == '#') || (buf[3] == '&') || (buf[3] == '+') ||