summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorattilamolnar <attilamolnar@hush.com>2013-08-27 18:33:32 +0200
committerattilamolnar <attilamolnar@hush.com>2013-08-27 18:33:32 +0200
commit25ab5612f2ed8f0163c338740abd9f133af89356 (patch)
tree54f966dcdb994970fac4ad873c903ff3c834767b /src
parent261d5bb566f6383efea99e73c933a2af6f408341 (diff)
Fix crash caused by passing a large integer to ctime()
In addition to verifying the return value of localtime(), correct tm_year if it is out of bounds Reported by @JDowny
Diffstat (limited to 'src')
-rw-r--r--src/commands/cmd_whowas.cpp13
-rw-r--r--src/helperfuncs.cpp21
2 files changed, 23 insertions, 11 deletions
diff --git a/src/commands/cmd_whowas.cpp b/src/commands/cmd_whowas.cpp
index 17a779ec3..3a6444b45 100644
--- a/src/commands/cmd_whowas.cpp
+++ b/src/commands/cmd_whowas.cpp
@@ -58,14 +58,6 @@ CmdResult CommandWhowas::Handle (const std::vector<std::string>& parameters, Use
for (whowas_set::iterator ux = grp->begin(); ux != grp->end(); ux++)
{
WhoWasGroup* u = *ux;
- time_t rawtime = u->signon;
- tm *timeinfo;
- char b[25];
-
- timeinfo = localtime(&rawtime);
-
- strncpy(b,asctime(timeinfo),24);
- b[24] = 0;
user->WriteNumeric(314, "%s %s %s %s * :%s",user->nick.c_str(),parameters[0].c_str(),
u->ident.c_str(),u->dhost.c_str(),u->gecos.c_str());
@@ -74,10 +66,11 @@ CmdResult CommandWhowas::Handle (const std::vector<std::string>& parameters, Use
user->WriteNumeric(379, "%s %s :was connecting from *@%s",
user->nick.c_str(), parameters[0].c_str(), u->host.c_str());
+ std::string signon = ServerInstance->TimeString(u->signon);
if (!ServerInstance->Config->HideWhoisServer.empty() && !user->HasPrivPermission("servers/auspex"))
- user->WriteNumeric(312, "%s %s %s :%s",user->nick.c_str(),parameters[0].c_str(), ServerInstance->Config->HideWhoisServer.c_str(), b);
+ user->WriteNumeric(312, "%s %s %s :%s",user->nick.c_str(),parameters[0].c_str(), ServerInstance->Config->HideWhoisServer.c_str(), signon.c_str());
else
- user->WriteNumeric(312, "%s %s %s :%s",user->nick.c_str(),parameters[0].c_str(), u->server.c_str(), b);
+ user->WriteNumeric(312, "%s %s %s :%s",user->nick.c_str(),parameters[0].c_str(), u->server.c_str(), signon.c_str());
}
}
else
diff --git a/src/helperfuncs.cpp b/src/helperfuncs.cpp
index 5a8f55f11..439320c1e 100644
--- a/src/helperfuncs.cpp
+++ b/src/helperfuncs.cpp
@@ -495,7 +495,26 @@ bool InspIRCd::SilentULine(const std::string& sserver)
std::string InspIRCd::TimeString(time_t curtime)
{
- return std::string(ctime(&curtime),24);
+#ifdef _WIN32
+ if (curtime < 0)
+ curtime = 0;
+#endif
+
+ struct tm* timeinfo = localtime(&curtime);
+ if (!timeinfo)
+ {
+ curtime = 0;
+ timeinfo = localtime(&curtime);
+ }
+
+ // If the calculated year exceeds four digits or is less than the year 1000,
+ // the behavior of asctime() is undefined
+ if (timeinfo->tm_year + 1900 > 9999)
+ timeinfo->tm_year = 9999 - 1900;
+ else if (timeinfo->tm_year + 1900 < 1000)
+ timeinfo->tm_year = 0;
+
+ return std::string(asctime(timeinfo),24);
}
// You should only pass a single character to this.