From 4d471bc5df22eaf338c1ab8f63b504c103056a03 Mon Sep 17 00:00:00 2001 From: w00t Date: Mon, 27 Oct 2008 21:51:48 +0000 Subject: Be a hell of a lot more strict about malformed UID commands. We've always been strict in the past, for some reason, we were previously very permissive about broken UID - there is no reason to be. If they're fucking up, then make them fix their problem :) (this is also a lazy man's fix to get around bad pointers/etc by deleting users outside of culllist). git-svn-id: http://svn.inspircd.org/repository/trunk/inspircd@10731 e03df62e-2008-0410-955e-edbf42e46eb7 --- src/modules/m_spanningtree/uid.cpp | 39 ++++++++++++++++---------------------- 1 file changed, 16 insertions(+), 23 deletions(-) (limited to 'src/modules') diff --git a/src/modules/m_spanningtree/uid.cpp b/src/modules/m_spanningtree/uid.cpp index 9ddc154c6..0e529ee37 100644 --- a/src/modules/m_spanningtree/uid.cpp +++ b/src/modules/m_spanningtree/uid.cpp @@ -31,10 +31,8 @@ bool TreeSocket::ParseUID(const std::string &source, std::deque &pa */ if (params.size() < 10) { - if (!params.empty()) - this->WriteLine(std::string(":")+this->ServerInstance->Config->GetSID()+" KILL "+params[0]+" :Invalid client introduction ("+params[0]+" with only "+ - ConvToStr(params.size())+" of 10 or more parameters?)"); - return true; + this->SendError("Invalid client introduction (wanted 10 or more parameters, got " + (params.empty() ? "0" : ConvToStr(params.size())) + "!)"); + return false; } time_t age_t = ConvToInt(params[1]); @@ -45,24 +43,24 @@ bool TreeSocket::ParseUID(const std::string &source, std::deque &pa if (!remoteserver) { - this->WriteLine(std::string(":")+this->ServerInstance->Config->GetSID()+" KILL "+params[0]+" :Invalid client introduction (Unknown server "+source+")"); - return true; + this->SendError("Invalid client introduction (Unknown server "+source+")"); + return false; } /* Check parameters for validity before introducing the client, discovered by dmb */ else if (!age_t) { - this->WriteLine(std::string(":")+this->ServerInstance->Config->GetSID()+" KILL "+params[0]+" :Invalid client introduction (Invalid TS?)"); - return true; + this->SendError("Invalid client introduction (Invalid TS?)"); + return false; } else if (!signon) { - this->WriteLine(std::string(":")+this->ServerInstance->Config->GetSID()+" KILL "+params[0]+" :Invalid client introduction (Invalid signon?)"); - return true; + this->SendError("Invalid client introduction (Invalid signon?)"); + return false; } else if (params[8][0] != '+') { - this->WriteLine(std::string(":")+this->ServerInstance->Config->GetSID()+" KILL "+params[0]+" :Invalid client introduction (Malformed MODE sequence?)"); - return true; + this->SendError("Invalid client introduction (Malformed MODE sequence?)"); + return false; } /* check for collision */ @@ -93,7 +91,7 @@ bool TreeSocket::ParseUID(const std::string &source, std::deque &pa } catch (...) { - SendError("Protocol violation - Duplicate UUID '" + params[0] + "' on introduction of new user"); + this->SendError("Protocol violation - Duplicate UUID '" + params[0] + "' on introduction of new user"); return false; } (*(this->ServerInstance->Users->clientlist))[params[2]] = _new; @@ -139,10 +137,8 @@ bool TreeSocket::ParseUID(const std::string &source, std::deque &pa mh->OnModeChange(_new, _new, NULL, params[paramptr++], true); else { - this->WriteLine(std::string(":")+this->ServerInstance->Config->GetSID()+" KILL "+params[0]+" :Broken UID command, expected a parameter for user mode '"+(*v)+"' but there aren't enough parameters in the command!"); - this->ServerInstance->Users->clientlist->erase(params[0]); - delete _new; - return true; + this->SendError("Broken UID command, expected a parameter for user mode '"+ConvToStr(*v)+"' but there aren't enough parameters in the command!"); + return false; } } else @@ -152,15 +148,12 @@ bool TreeSocket::ParseUID(const std::string &source, std::deque &pa } else { - this->WriteLine(std::string(":")+this->ServerInstance->Config->GetSID()+" KILL "+params[0]+" :Warning: Broken UID command, unknown user mode '"+(*v)+"' in the mode string!"); - this->ServerInstance->Users->clientlist->erase(params[0]); - delete _new; - return true; + // XXX: to avoid this, we really need to send u/cmodes in CAPAB like we do 005 (I've thought this a long time anyway..) + this->SendError("Warning: Broken UID command, unknown user mode '"+ConvToStr(*v)+"' in the mode string! (mismatched modules/bug?)"); + return false; } } - //_new->ProcessNoticeMasks(params[7].c_str()); - /* now we've done with modes processing, put the + back for remote servers */ if (params[8][0] != '+') params[8] = "+" + params[8]; -- cgit v1.2.3