Send ERR_SASLTOOLONG when a client sends an oversized AUTHENTICATE.

author: Peter Powell <petpow@saberuk.com> 2017-10-11 11:27:07 +0100
committer: Peter Powell <petpow@saberuk.com> 2017-10-12 14:46:50 +0100
commit: 118fd780a9c98b9b2ab98e3e0bd8298074493381 (patch)
tree: 3474614902bc49ebdfe6e84d31411467e6a3db58
parent: 407b2e004cf66e442771ec5d2bbe700dee1f3760 (diff)
1 files changed, 11 insertions, 0 deletions
diff --git a/src/modules/m_sasl.cpp b/src/modules/m_sasl.cpp
index 6e28a91aa..64631a691 100644
--- a/src/modules/m_sasl.cpp
+++ b/src/modules/m_sasl.cpp
@@ -30,6 +30,7 @@ enum
 	// From IRCv3 sasl-3.1
 	RPL_SASLSUCCESS = 903,
 	ERR_SASLFAIL = 904,
+	ERR_SASLTOOLONG = 905,
 	ERR_SASLABORTED = 906,
 	RPL_SASLMECHS = 908
 };
@@ -295,6 +296,10 @@ class SaslAuthenticator
 
 class CommandAuthenticate : public SplitCommand
 {
+ private:
+	 // The maximum length of an AUTHENTICATE request.
+	 static const size_t MAX_AUTHENTICATE_SIZE = 400;
+
  public:
 	SimpleExtItem<SaslAuthenticator>& authExt;
 	Cap::Capability& cap;
@@ -316,6 +321,12 @@ class CommandAuthenticate : public SplitCommand
 			if (parameters[0].find(' ') != std::string::npos || parameters[0][0] == ':')
 				return CMD_FAILURE;
 
+			if (parameters[0].length() > MAX_AUTHENTICATE_SIZE)
+			{
+				user->WriteNumeric(ERR_SASLTOOLONG, "SASL message too long");
+				return CMD_FAILURE;
+			}
+
 			SaslAuthenticator *sasl = authExt.get(user);
 			if (!sasl)
 				authExt.set(user, new SaslAuthenticator(user, parameters[0]));
author	Peter Powell <petpow@saberuk.com>	2017-10-11 11:27:07 +0100
committer	Peter Powell <petpow@saberuk.com>	2017-10-12 14:46:50 +0100
commit	118fd780a9c98b9b2ab98e3e0bd8298074493381 (patch)
tree	3474614902bc49ebdfe6e84d31411467e6a3db58
parent	407b2e004cf66e442771ec5d2bbe700dee1f3760 (diff)