summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/dns.cpp8
-rw-r--r--src/modules/m_sasl.cpp3
2 files changed, 11 insertions, 0 deletions
diff --git a/src/dns.cpp b/src/dns.cpp
index 75e5731fe..14305ccab 100644
--- a/src/dns.cpp
+++ b/src/dns.cpp
@@ -700,8 +700,16 @@ DNSResult DNS::GetResult()
/* Identical handling to PTR */
case DNS_QUERY_PTR:
+ {
/* Reverse lookups just come back as char* */
resultstr = std::string((const char*)data.first);
+ if (resultstr.find_first_not_of("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ.-") != std::string::npos)
+ {
+ std::string ro = req->orig;
+ delete req;
+ return DNSResult(this_id | ERROR_MASK, "Invalid char(s) in reply", 0, ro);
+ }
+ }
break;
default:
diff --git a/src/modules/m_sasl.cpp b/src/modules/m_sasl.cpp
index 66efcfe4e..b59fd3835 100644
--- a/src/modules/m_sasl.cpp
+++ b/src/modules/m_sasl.cpp
@@ -99,6 +99,9 @@ class SaslAuthenticator
if (msg[0] != this->agent)
return this->state;
+ if (msg.size() < 4)
+ return this->state;
+
if (msg[2] == "C")
this->user->Write("AUTHENTICATE %s", msg[3].c_str());
else if (msg[2] == "D")