bbs/deb-mbse
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Safer code for chat

Browse Source
This commit is contained in:
Michiel Broek 2006-03-06 16:34:26 +00:00
parent 1ec189bde8
commit f71bd8113a
6 changed files with 185 additions and 78 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
ChangeLog
View File

@ -27,12 +27,18 @@ v0.83.14 23-Feb-2006
- If available each message now has a msgid in the header.
- Added a .info file with control information.
mbmon:
Better user input checking in chat.
mbsetup:
Added archiver selection for nodes in node setup.
In archiver select added checks for valid archivers and allowed
escape without selecting an archiver.
Added selection of archiver select menu.
mbtask:
Safer code for chat.
lang:
New prompts 86, 87, 88 and 89.

11
mbmon/mbmon.c
View File

@ -556,7 +556,7 @@ void Chat(int sysop)
{
int curpos = 0, width, stop = FALSE, data, rc;
unsigned char ch = 0;
char sbuf[81], resp[128], *sysop_name, *name;
char *p, sbuf[81], resp[128], *sysop_name, *name;
static char buf[200];
clr_index();
@ -667,7 +667,14 @@ void Chat(int sysop)
putchar(7);
}
} else if ((ch == '\r') && curpos) {
snprintf(buf, 200, "CPUT:2,%d,%s;", mypid, clencode(sbuf));
snprintf(buf, 12, "%d", mypid);
p = xstrcpy((char *)"CPUT:2,");
p = xstrcat(p, buf);
p = xstrcat(p, (char *)",");
p = xstrcat(p, clencode(sbuf));
p = xstrcat(p, (char *)";");
strncpy(buf, p, 200);
free(p);
if (socket_send(buf) == 0) {
strcpy(buf, socket_receive());
if (strncmp(buf, "100:2,", 6) == 0) {

63
mbtask/taskchat.c
View File

@ -134,7 +134,7 @@ void system_msg(pid_t pid, char *msg)
memset(&chat_messages[buffer_head], 0, sizeof(_chat_messages));
chat_messages[buffer_head].topid = pid;
snprintf(chat_messages[buffer_head].fromname, 36, "Server");
strncpy(chat_messages[buffer_head].fromname, "Server", 36);
strncpy(chat_messages[buffer_head].message, msg, 80);
chat_messages[buffer_head].posted = time(NULL);
}
@ -281,7 +281,7 @@ int join(pid_t pid, char *channel, int sysop)
*/
int part(pid_t pid, char *reason)
{
char buf[81];
char buf[81], *p;
chn_list *tmp;
usr_list *tmpu;
@ -303,12 +303,13 @@ int part(pid_t pid, char *reason)
snprintf(buf, 81, "%s has left channel %s, %d users left", tmpu->nick, tmp->name, tmp->users -1);
chat_msg(tmpu->channel, NULL, buf);
if (strcasecmp(tmp->name, (char *)"#sysop")) {
p = xstrcpy(tmp->name);
if (reason && strlen(reason)) {
snprintf(buf, 81, "%s %s", tmp->name, reason);
send_at((char *)"PART", tmpu->nick, buf);
} else {
send_at((char *)"PART", tmpu->nick, tmp->name);
p = xstrcat(p, (char *)" ");
p = xstrcat(p, reason);
}
send_at((char *)"PART", tmpu->nick, p);
free(p);
}
/*
@ -366,20 +367,26 @@ void chat_cleanuser(pid_t pid)
*/
void chat_msg(char *channel, char *nick, char *msg)
{
char buf[81];
char *p;
usr_list *tmpu;
if (nick == NULL)
snprintf(buf, 81, "%s", msg);
else
snprintf(buf, 81, "<%s> %s", nick, msg);
Chatlog((char *)"+", channel, buf);
p = xstrcpy(msg);
else {
p = xstrcpy((char *)"<");
p = xstrcat(p, nick);
p = xstrcat(p, (char *)"> ");
p = xstrcat(p, msg);
}
Chatlog((char *)"+", channel, p);
for (tmpu = users; tmpu; tmpu = tmpu->next) {
if (strlen(tmpu->channel) && (strcmp(tmpu->channel, channel) == 0)) {
system_msg(tmpu->pid, buf);
system_msg(tmpu->pid, p);
}
}
free(p);
}
@ -502,7 +509,7 @@ void chat_close_r(char *data, char *buf)
void chat_put_r(char *data, char *buf)
{
char *pid, *msg, *cmd, *mbuf, *flags, temp[81];
char *p, *pid, *msg, *cmd, *mbuf, *flags, temp[81];
int first, count, owner = FALSE, found;
usr_list *tmpu, *tmp;
chn_list *tmpc;
@ -681,7 +688,13 @@ void chat_put_r(char *data, char *buf)
} else {
strncpy(tmpc->topic, cmd, 54);
snprintf(mbuf, 200, "Topic set to \"%s\"", cmd);
send_all("TOPIC %s %s\r\n", tmpc->name, tmpc->topic);
p = xstrcpy((char *)"TOPIC ");
p = xstrcat(p, tmpc->name);
p = xstrcat(p, (char *)" ");
p = xstrcat(p, tmpc->topic);
p = xstrcat(p, (char *)"\r\n");
send_all(p);
free(p);
}
} else {
snprintf(mbuf, 200, "** You are not the channel owner");
@ -717,8 +730,17 @@ void chat_put_r(char *data, char *buf)
/*
* Send message to all links but not the #sysop channel
*/
if (strcmp(tmpu->channel, "#sysop"))
send_all("PRIVMSG %s <%s> %s\r\n", tmpu->channel, tmpu->nick, msg);
if (strcmp(tmpu->channel, "#sysop")) {
p = xstrcpy((char *)"PRIVMSG ");
p = xstrcat(p, tmpu->channel);
p = xstrcat(p, (char *)" <");
p = xstrcat(p, tmpu->nick);
p = xstrcat(p, (char *)"> ");
p = xstrcat(p, msg);
p = xstrcat(p, (char *)"\r\n");
send_all(p);
free(p);
}
}
goto ack;
}
@ -751,7 +773,7 @@ hangup:
*/
void chat_get_r(char *data, char *buf)
{
char *pid;
char *pid, *p;
usr_list *tmpu;
if (IsSema((char *)"upsalarm")) {
@ -778,7 +800,12 @@ void chat_get_r(char *data, char *buf)
/*
* Message is for us
*/
snprintf(buf, 200, "100:2,0,%s;", clencode(chat_messages[tmpu->pointer].message));
// snprintf(buf, 200, "100:2,0,%s;", clencode(chat_messages[tmpu->pointer].message));
p = xstrcpy((char *)"100:2,0,");
p = xstrcat(p, clencode(chat_messages[tmpu->pointer].message));
p = xstrcat(p, (char *)";");
strncpy(buf, p, 200);
free(p);
return;
}
}

4
mbtask/taskcomm.c
View File

@ -374,7 +374,7 @@ char *exe_cmd(char *in)
if (strncmp(cmd, "CPUT", 4) == 0) {
buf = calloc(SS_BUFSIZE, sizeof(char));
chat_put_r(token, buf);
snprintf(obuf, SS_BUFSIZE, "%s", buf);
strncpy(obuf, buf, SS_BUFSIZE);
free(buf);
return obuf;
}
@ -390,7 +390,7 @@ char *exe_cmd(char *in)
if (strncmp(cmd, "CGET", 4) == 0) {
buf = calloc(SS_BUFSIZE, sizeof(char));
chat_get_r(token, buf);
snprintf(obuf, SS_BUFSIZE, "%s", buf);
strncpy(obuf, buf, SS_BUFSIZE);
free(buf);
return obuf;
}

177
mbtask/taskibc.c
View File

@ -89,7 +89,7 @@ int add_server(srv_list **, char *, int, char *, char *, char *, char *);
void del_server(srv_list **, char *);
void del_router(srv_list **, char *);
int send_msg(ncs_list *, const char *, ...);
void broadcast(char *, const char *, ...);
void broadcast(char *, char *);
void check_servers(void);
int command_pass(char *, char *);
int command_server(char *, char *);
@ -538,19 +538,13 @@ void del_router(srv_list **fap, char *name)
/*
* Send a message to all servers
*/
void send_all(const char *format, ...)
void send_all(char *msg)
{
ncs_list *tnsl;
char buf[512];
va_list va_ptr;
va_start(va_ptr, format);
vsnprintf(buf, 512, format, va_ptr);
va_end(va_ptr);
for (tnsl = ncsl; tnsl; tnsl = tnsl->next) {
if (tnsl->state == NCS_CONNECT) {
send_msg(tnsl, buf);
send_msg(tnsl, msg);
}
}
}
@ -563,12 +557,20 @@ void send_all(const char *format, ...)
void send_at(char *cmd, char *nick, char *param)
{
ncs_list *tnsl;
char buf[512];
char *p;
for (tnsl = ncsl; tnsl; tnsl = tnsl->next) {
if (tnsl->state == NCS_CONNECT) {
snprintf(buf, 512, "%s %s@%s %s\r\n", cmd, nick, tnsl->myname, param);
send_msg(tnsl, buf);
p = xstrcpy(cmd);
p = xstrcat(p, (char *)" ");
p = xstrcat(p, nick);
p = xstrcat(p, (char *)"@");
p = xstrcat(p, tnsl->myname);
p = xstrcat(p, (char *)" ");
p = xstrcat(p, param);
p = xstrcat(p, (char *)"\r\n");
send_msg(tnsl, p);
free(p);
}
}
}
@ -578,12 +580,21 @@ void send_at(char *cmd, char *nick, char *param)
void send_nick(char *nick, char *name, char *realname)
{
ncs_list *tnsl;
char buf[512];
char *p;
for (tnsl = ncsl; tnsl; tnsl = tnsl->next) {
if (tnsl->state == NCS_CONNECT) {
snprintf(buf, 512, "NICK %s %s %s %s\r\n", nick, name, tnsl->myname, realname);
send_msg(tnsl, buf);
p = xstrcpy((char *)"NICK ");
p = xstrcat(p, nick);
p = xstrcat(p, (char *)" ");
p = xstrcat(p, name);
p = xstrcat(p, (char *)" ");
p = xstrcat(p, tnsl->myname);
p = xstrcat(p, (char *)" ");
p = xstrcat(p, realname);
p = xstrcat(p, (char *)"\r\n");
send_msg(tnsl, p);
free(p);
}
}
}
@ -593,19 +604,13 @@ void send_nick(char *nick, char *name, char *realname)
/*
* Broadcast a message to all servers except the originating server
*/
void broadcast(char *origin, const char *format, ...)
void broadcast(char *origin, char *msg)
{
ncs_list *tnsl;
va_list va_ptr;
char buf[512];
va_start(va_ptr, format);
vsnprintf(buf, 512, format, va_ptr);
va_end(va_ptr);
for (tnsl = ncsl; tnsl; tnsl = tnsl->next) {
if ((tnsl->state == NCS_CONNECT) && (strcmp(origin, tnsl->server))) {
send_msg(tnsl, buf);
send_msg(tnsl, msg);
}
}
}
@ -640,7 +645,7 @@ int send_msg(ncs_list *tnsl, const char *format, ...)
void check_servers(void)
{
char *errmsg, scfgfn[PATH_MAX];
char *errmsg, *p, scfgfn[PATH_MAX];
FILE *fp;
ncs_list *tnsl, **tmp;
srv_list *srv;
@ -736,13 +741,19 @@ void check_servers(void)
Remove = TRUE;
Syslog('r', "IBC: Remove server %s", tnsl->server);
if (tnsl->state == NCS_CONNECT) {
p = calloc(512, sizeof(char));
if (local_reset) {
broadcast(tnsl->server, "SQUIT %s Reset connection\r\n", tnsl->server);
send_msg(tnsl, "SQUIT %s Your system connection is reset\r\n", tnsl->myname);
snprintf(p, 512, "SQUIT %s Reset connection\r\n", tnsl->server);
broadcast(tnsl->server, p);
snprintf(p, 512, "SQUIT %s Your system connection is reset\r\n", tnsl->myname);
send_msg(tnsl, p);
} else {
broadcast(tnsl->server, "SQUIT %s Removed from configuration\r\n", tnsl->server);
send_msg(tnsl, "SQUIT %s Your system is removed from configuration\r\n", tnsl->myname);
snprintf(p, 512, "SQUIT %s Removed from configuration\r\n", tnsl->server);
broadcast(tnsl->server, p);
snprintf(p, 512, "SQUIT %s Your system is removed from configuration\r\n", tnsl->myname);
send_msg(tnsl, p);
}
free(p);
del_router(&servers, tnsl->server);
}
if (tnsl->socket != -1) {
@ -941,7 +952,10 @@ void check_servers(void)
tnsl->gotserver = FALSE;
tnsl->token = 0;
tnsl->halfdead = 0;
broadcast(tnsl->server, "SQUIT %s Connection died\r\n", tnsl->server);
p = calloc(81, sizeof(char));
snprintf(p, 81, "SQUIT %s Connection died\r\n", tnsl->server);
broadcast(tnsl->server, p);
free(p);
callchg = TRUE;
srvchg = TRUE;
system_shout("*** NETWORK SPLIT, lost connection with server %s", tnsl->server);
@ -959,7 +973,10 @@ void check_servers(void)
tnsl->gotserver = FALSE;
tnsl->token = 0;
tnsl->halfdead = 0;
broadcast(tnsl->server, "SQUIT %s Connection died\r\n", tnsl->server);
p = calloc(81, sizeof(char));
snprintf(p, 81, "SQUIT %s Connection died\r\n", tnsl->server);
broadcast(tnsl->server, p);
free(p);
callchg = TRUE;
srvchg = TRUE;
system_shout("*** NETWORK SPLIT, lost connection with server %s", tnsl->server);
@ -1063,7 +1080,7 @@ int command_server(char *hostname, char *parameters)
srv_list *ta;
usr_list *tmp;
chn_list *tmpc;
char *name, *hops, *id, *prod, *vers, *fullname;
char *p, *name, *hops, *id, *prod, *vers, *fullname;
unsigned int token;
int ihops, found = FALSE;
@ -1096,7 +1113,10 @@ int command_server(char *hostname, char *parameters)
* In that case, the session is authorized.
*/
if (tnsl->token == token) {
broadcast(tnsl->server, "SERVER %s %d %s %s %s %s\r\n", name, ihops, id, prod, vers, fullname);
p = calloc(512, sizeof(char));
snprintf(p, 512, "SERVER %s %d %s %s %s %s\r\n", name, ihops, id, prod, vers, fullname);
broadcast(tnsl->server, p);
free(p);
system_shout("* New server: %s, %s", name, fullname);
tnsl->gotserver = TRUE;
callchg = TRUE;
@ -1145,7 +1165,10 @@ int command_server(char *hostname, char *parameters)
if (found && tnsl->gotpass) {
send_msg(tnsl, "PASS %s 0100 %s\r\n", tnsl->passwd, tnsl->compress ? "Z":"");
send_msg(tnsl, "SERVER %s 0 %ld mbsebbs %s %s\r\n", tnsl->myname, token, VERSION, CFG.bbs_name);
broadcast(tnsl->server, "SERVER %s %d %s %s %s %s\r\n", name, ihops, id, prod, vers, fullname);
p = calloc(512, sizeof(char));
snprintf(p, 512, "SERVER %s %d %s %s %s %s\r\n", name, ihops, id, prod, vers, fullname);
broadcast(tnsl->server, p);
free(p);
system_shout("* New server: %s, %s", name, fullname);
tnsl->gotserver = TRUE;
tnsl->state = NCS_CONNECT;
@ -1185,7 +1208,10 @@ int command_server(char *hostname, char *parameters)
* Got a message about a server that is not our neighbour, could be a relayed server.
*/
if (add_server(&servers, name, ihops, prod, vers, fullname, hostname)) {
broadcast(hostname, "SERVER %s %d %s %s %s %s\r\n", name, ihops, id, prod, vers, fullname);
p = calloc(512, sizeof(char));
snprintf(p, 512, "SERVER %s %d %s %s %s %s\r\n", name, ihops, id, prod, vers, fullname);
broadcast(hostname, p);
free(p);
srvchg = TRUE;
Syslog('+', "IBC: new relay server %s: %s", name, fullname);
system_shout("* New server: %s, %s", name, fullname);
@ -1202,7 +1228,7 @@ int command_server(char *hostname, char *parameters)
int command_squit(char *hostname, char *parameters)
{
ncs_list *tnsl;
char *name, *message;
char *p, *name, *message;
for (tnsl = ncsl; tnsl; tnsl = tnsl->next) {
if (strcmp(tnsl->server, hostname) == 0) {
@ -1227,7 +1253,10 @@ int command_squit(char *hostname, char *parameters)
}
system_shout("* Server %s disconnected: %s", name, message);
broadcast(hostname, "SQUIT %s %s\r\n", name, message);
p = calloc(512, sizeof(char));
snprintf(p, 512, "SQUIT %s %s\r\n", name, message);
broadcast(hostname, p);
free(p);
srvchg = TRUE;
return 0;
}
@ -1237,7 +1266,7 @@ int command_squit(char *hostname, char *parameters)
int command_user(char *hostname, char *parameters)
{
ncs_list *tnsl;
char *name, *server, *realname;
char *p, *name, *server, *realname;
for (tnsl = ncsl; tnsl; tnsl = tnsl->next) {
if (strcmp(tnsl->server, hostname) == 0) {
@ -1255,7 +1284,10 @@ int command_user(char *hostname, char *parameters)
}
if (add_user(&users, server, name, realname) == 0) {
broadcast(hostname, "USER %s@%s %s\r\n", name, server, realname);
p = calloc(512, sizeof(char));
snprintf(p, 512, "USER %s@%s %s\r\n", name, server, realname);
broadcast(hostname, p);
free(p);
system_shout("* New user %s@%s (%s)", name, server, realname);
}
return 0;
@ -1266,7 +1298,7 @@ int command_user(char *hostname, char *parameters)
int command_quit(char *hostname, char *parameters)
{
ncs_list *tnsl;
char *name, *server, *message;
char *p, *name, *server, *message;
for (tnsl = ncsl; tnsl; tnsl = tnsl->next) {
if (strcmp(tnsl->server, hostname) == 0) {
@ -1289,7 +1321,10 @@ int command_quit(char *hostname, char *parameters)
system_shout("* User %s is leaving", name);
}
del_user(&users, server, name);
broadcast(hostname, "QUIT %s@%s %s\r\n", name, server, parameters);
p = calloc(512, sizeof(char));
snprintf(p, 512, "QUIT %s@%s %s\r\n", name, server, parameters);
broadcast(hostname, p);
free(p);
return 0;
}
@ -1299,7 +1334,7 @@ int command_nick(char *hostname, char *parameters)
{
ncs_list *tnsl;
usr_list *tmp;
char *nick, *name, *server, *realname;
char *p, *nick, *name, *server, *realname;
int found;
for (tnsl = ncsl; tnsl; tnsl = tnsl->next) {
@ -1350,7 +1385,10 @@ int command_nick(char *hostname, char *parameters)
return 404;
}
broadcast(hostname, "NICK %s %s %s %s\r\n", nick, name, server, realname);
p = calloc(512, sizeof(char));
snprintf(p, 512, "NICK %s %s %s %s\r\n", nick, name, server, realname);
broadcast(hostname, p);
free(p);
return 0;
}
@ -1361,7 +1399,7 @@ int command_join(char *hostname, char *parameters)
ncs_list *tnsl;
chn_list *tmp;
usr_list *tmpu;
char *nick, *server, *channel, msg[81];
char *p, *nick, *server, *channel, msg[81];
int found;
for (tnsl = ncsl; tnsl; tnsl = tnsl->next) {
@ -1413,7 +1451,10 @@ int command_join(char *hostname, char *parameters)
}
}
broadcast(hostname, "JOIN %s@%s %s\r\n", nick, server, channel);
p = calloc(512, sizeof(char));
snprintf(p, 512, "JOIN %s@%s %s\r\n", nick, server, channel);
broadcast(hostname, p);
free(p);
chnchg = TRUE;
return 0;
}
@ -1425,7 +1466,7 @@ int command_part(char *hostname, char *parameters)
ncs_list *tnsl;
chn_list *tmp;
usr_list *tmpu;
char *nick, *server, *channel, *message, msg[81];
char *p, *nick, *server, *channel, *message, msg[81];
for (tnsl = ncsl; tnsl; tnsl = tnsl->next) {
if (strcmp(tnsl->server, hostname) == 0) {
@ -1475,10 +1516,19 @@ int command_part(char *hostname, char *parameters)
}
}
if (message)
broadcast(hostname, "PART %s@%s %s %s\r\n", nick, server, channel, message);
else
broadcast(hostname, "PART %s@%s %s\r\n", nick, server, channel);
p = xstrcpy((char *)"PART ");
p = xstrcat(p, nick);
p = xstrcat(p, (char *)"@");
p = xstrcat(p, server);
p = xstrcat(p, (char *)" ");
p = xstrcat(p, channel);
if (message) {
p = xstrcat(p, (char *)" ");
p = xstrcat(p, message);
}
p = xstrcat(p, (char *)"\r\n");
broadcast(hostname, p);
free(p);
return 0;
}
@ -1488,7 +1538,7 @@ int command_topic(char *hostname, char *parameters)
{
ncs_list *tnsl;
chn_list *tmp;
char *channel, *topic, msg[81];
char *p, *channel, *topic, msg[81];
for (tnsl = ncsl; tnsl; tnsl = tnsl->next) {
if (strcmp(tnsl->server, hostname) == 0) {
@ -1515,7 +1565,13 @@ int command_topic(char *hostname, char *parameters)
}
}
broadcast(hostname, "TOPIC %s %s\r\n", channel, topic);
p = xstrcpy((char *)"TOPIC ");
p = xstrcat(p, channel);
p = xstrcat(p, (char *)" ");
p = xstrcat(p, topic);
p = xstrcat(p, (char *)"\r\n");
broadcast(hostname, p);
free(p);
return 0;
}
@ -1525,7 +1581,7 @@ int command_privmsg(char *hostname, char *parameters)
{
ncs_list *tnsl;
chn_list *tmp;
char *channel, *msg;
char *p, *channel, *msg;
for (tnsl = ncsl; tnsl; tnsl = tnsl->next) {
if (strcmp(tnsl->server, hostname) == 0) {
@ -1550,7 +1606,13 @@ int command_privmsg(char *hostname, char *parameters)
if (strcmp(tmp->name, channel) == 0) {
tmp->lastmsg = now;
chat_msg(channel, NULL, msg);
broadcast(hostname, "PRIVMSG %s %s\r\n", channel, msg);
p = xstrcpy((char *)"PRIVMSG ");
p = xstrcat(p, channel);
p = xstrcat(p, (char *)" ");
p = xstrcat(p, msg);
p = xstrcat(p, (char *)"\r\n");
broadcast(hostname, p);
free(p);
return 0;
}
}
@ -1743,6 +1805,7 @@ void ibc_shutdown(void)
{
ncs_list *tnsl;
usr_list *usrp;
char *p;
Syslog('r', "IBC: start shutdown connections");
@ -1751,13 +1814,17 @@ void ibc_shutdown(void)
/*
* Our user, still connected
*/
p = calloc(512, sizeof(char));
if (strlen(usrp->channel) && strcmp(usrp->channel, "#sysop")) {
/*
* In a channel
*/
broadcast((char *)"foobar", "PART %s@%s %s System shutdown\r\n", usrp->nick, usrp->server, usrp->channel);
snprintf(p, 512, "PART %s@%s %s System shutdown\r\n", usrp->nick, usrp->server, usrp->channel);
broadcast((char *)"foobar", p);
}
broadcast((char *)"foobar", "QUIT %s@%s System shutdown\r\n", usrp->nick, usrp->server);
snprintf(p, 512, "QUIT %s@%s System shutdown\r\n", usrp->nick, usrp->server);
broadcast((char *)"foobar", p);
free(p);
}
}

2
mbtask/taskibc.h
View File

@ -112,7 +112,7 @@ int add_channel(chn_list **, char *, char *, char *);
void del_channel(chn_list **, char *);
int do_command(char *, char *, char *);
void send_all(const char *, ...);
void send_all(char *);
void send_at(char *, char *, char *);
void send_nick(char *, char *, char *);
void check_servers(void);