From 9422f4157ccff0482cd70105ada3bd9325455eaa Mon Sep 17 00:00:00 2001
From: brain
Date: Sat, 13 Oct 2007 21:26:50 +0000
Subject: Add sanity checks to the ssl modules so that theres no possibility of an out of range fd being passed to the events. The cull_list commit is a tidy-up only.
git-svn-id: http://svn.inspircd.org/repository/trunk/inspircd@8155 e03df62e-2008-0410-955e-edbf42e46eb7
---
 src/cull_list.cpp | 2 +-
 src/modules/extra/m_ssl_gnutls.cpp | 20 ++++++++++++++++++++
 src/modules/extra/m_ssl_openssl.cpp | 20 ++++++++++++++++++++
 3 files changed, 41 insertions(+), 1 deletion(-)
diff --git a/src/cull_list.cpp b/src/cull_list.cpp
index 9aecb8d83..a1e4aa998 100644
--- a/src/cull_list.cpp
+++ b/src/cull_list.cpp
@@ -190,7 +190,7 @@ int CullList::Apply()
 ServerInstance->local_users.erase(x);
 }
 ServerInstance->clientlist->erase(iter);
- DELETE(a->GetUser());
+ delete a->GetUser();
 }
 list.erase(list.begin());
diff --git a/src/modules/extra/m_ssl_gnutls.cpp b/src/modules/extra/m_ssl_gnutls.cpp
index 477113543..4af425e0b 100644
--- a/src/modules/extra/m_ssl_gnutls.cpp
+++ b/src/modules/extra/m_ssl_gnutls.cpp
@@ -348,6 +348,10 @@ class ModuleSSLGnuTLS : public Module
 virtual void OnRawSocketAccept(int fd, const std::string &ip, int localport)
 {
+ /* Are there any possibilities of an out of range fd? Hope not, but lets be paranoid */
+ if ((fd < 0) || (fd > MAX_DESCRIPTORS))
+ return;
+
 issl_session* session = &sessions[fd];
 session->fd = fd;
@@ -377,6 +381,10 @@ class ModuleSSLGnuTLS : public Module
 virtual void OnRawSocketConnect(int fd)
 {
+ /* Are there any possibilities of an out of range fd? Hope not, but lets be paranoid */
+ if ((fd < 0) || (fd > MAX_DESCRIPTORS))
+ return;
+
 issl_session* session = &sessions[fd];
 session->fd = fd;
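Review bot: The upper bound of the new guard in OnRawSocketAccept (m_ssl_gnutls.cpp), `fd > MAX_DESCRIPTORS`, still lets `fd == MAX_DESCRIPTORS` through to `&sessions[fd]`. The declaration of `sessions` is outside the hunk, but if it holds MAX_DESCRIPTORS entries (valid indices 0 to MAX_DESCRIPTORS - 1), that value addresses one element past the end and the handler then writes `session->fd` there, so the test should be `if ((fd < 0) || (fd >= MAX_DESCRIPTORS))`. The same comparison is repeated in the other nine guards this commit adds: OnRawSocketConnect, OnRawSocketClose, OnRawSocketRead and OnRawSocketWrite in m_ssl_gnutls.cpp, and all five handlers in m_ssl_openssl.cpp. Each function body continues outside its hunk.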
@@ -395,6 +403,10 @@ class ModuleSSLGnuTLS : public Module
 virtual void OnRawSocketClose(int fd)
 {
+ /* Are there any possibilities of an out of range fd? Hope not, but lets be paranoid */
+ if ((fd < 0) || (fd > MAX_DESCRIPTORS))
+ return;
+
 CloseSession(&sessions[fd]);
 EventHandler* user = ServerInstance->SE->GetRef(fd);
@@ -410,6 +422,10 @@ class ModuleSSLGnuTLS : public Module
 virtual int OnRawSocketRead(int fd, char* buffer, unsigned int count, int &readresult)
 {
+ /* Are there any possibilities of an out of range fd? Hope not, but lets be paranoid */
+ if ((fd < 0) || (fd > MAX_DESCRIPTORS))
+ return 0;
+
 issl_session* session = &sessions[fd];
 if (!session->sess)
@@ -501,6 +517,10 @@ class ModuleSSLGnuTLS : public Module
 virtual int OnRawSocketWrite(int fd, const char* buffer, int count)
 {
+ /* Are there any possibilities of an out of range fd? Hope not, but lets be paranoid */
+ if ((fd < 0) || (fd > MAX_DESCRIPTORS))
+ return 0;
+
 issl_session* session = &sessions[fd];
 const char* sendbuffer = buffer;
diff --git a/src/modules/extra/m_ssl_openssl.cpp b/src/modules/extra/m_ssl_openssl.cpp
index 16ae012c2..76270c650 100644
--- a/src/modules/extra/m_ssl_openssl.cpp
+++ b/src/modules/extra/m_ssl_openssl.cpp
@@ -392,6 +392,10 @@ class ModuleSSLOpenSSL : public Module
 virtual void OnRawSocketAccept(int fd, const std::string &ip, int localport)
 {
+ /* Are there any possibilities of an out of range fd? Hope not, but lets be paranoid */
+ if ((fd < 0) || (fd > MAX_DESCRIPTORS))
+ return;
+
 issl_session* session = &sessions[fd];
 session->fd = fd;
@@ -415,6 +419,10 @@ class ModuleSSLOpenSSL : public Module
 virtual void OnRawSocketConnect(int fd)
 {
+ /* Are there any possibilities of an out of range fd? Hope not, but lets be paranoid */
+ if ((fd < 0) || (fd > MAX_DESCRIPTORS))
+ return;
+
 issl_session* session = &sessions[fd];
 session->fd = fd;
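Review bot: The early `return 0;` added to OnRawSocketRead in m_ssl_gnutls.cpp leaves the `int &readresult` out-parameter unassigned. What the caller does with a 0 return is not visible in the hunk, so if it inspects `readresult` afterwards it is working with whatever value the variable held before the call. Either assign the value the hook's contract uses for "nothing read" before returning, or state the contract next to the guard, e.g. `/* readresult is deliberately left untouched; the caller must ignore it when 0 is returned */`. The OnRawSocketRead hunk in m_ssl_openssl.cpp has the same early return, and the rest of both functions lies outside the hunks.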
@@ -438,6 +446,10 @@ class ModuleSSLOpenSSL : public Module
 virtual void OnRawSocketClose(int fd)
 {
+ /* Are there any possibilities of an out of range fd? Hope not, but lets be paranoid */
+ if ((fd < 0) || (fd > MAX_DESCRIPTORS))
+ return;
+
 CloseSession(&sessions[fd]);
 EventHandler* user = ServerInstance->SE->GetRef(fd);
@@ -453,6 +465,10 @@ class ModuleSSLOpenSSL : public Module
 virtual int OnRawSocketRead(int fd, char* buffer, unsigned int count, int &readresult)
 {
+ /* Are there any possibilities of an out of range fd? Hope not, but lets be paranoid */
+ if ((fd < 0) || (fd > MAX_DESCRIPTORS))
+ return 0;
+
 issl_session* session = &sessions[fd];
 if (!session->sess)
@@ -534,6 +550,10 @@ class ModuleSSLOpenSSL : public Module
 virtual int OnRawSocketWrite(int fd, const char* buffer, int count)
 {
+ /* Are there any possibilities of an out of range fd? Hope not, but lets be paranoid */
+ if ((fd < 0) || (fd > MAX_DESCRIPTORS))
+ return 0;
+
 issl_session* session = &sessions[fd];
 if (!session->sess)
-- 
cgit v1.2.3
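Review bot: The comment on the guard in OnRawSocketWrite (m_ssl_openssl.cpp) is phrased as a question and does not say what the check protects. Something like `/* sessions[] is indexed by fd: reject descriptors outside the table rather than index out of bounds */` tells the next reader why the guard must stay. The guard also returns silently, so a descriptor outside the table, presumably a sign of a caller bug or of an fd limit that disagrees with MAX_DESCRIPTORS, leaves no trace; a debug-level log line before the return would make that diagnosable. The same comment text is used in every guard this commit adds to both SSL modules.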