From b2a25ac7c38009618f9a6275a946d2a637454041 Mon Sep 17 00:00:00 2001 From: Michael Poole Date: Tue, 27 Mar 2007 03:37:39 +0000 Subject: [PATCH] Check for missing parameters to iauth messages (SF bug#1685648). git-svn-id: file:///home/klmitch/undernet-ircu/undernet-ircu-svn/ircu2/branches/u2_10_12_branch@1791 c9e4aea6-c8fd-4c43-8297-357d70d61c8c --- ChangeLog | 11 ++++++++ ircd/s_auth.c | 4 ++- tests/bug-1685648.cmd | 9 ++++++ tests/iauth-test | 66 +++++++++++++++++++++++++++++++++++++++++++ tests/ircd.conf | 1 + 5 files changed, 90 insertions(+), 1 deletion(-) create mode 100644 tests/bug-1685648.cmd create mode 100755 tests/iauth-test diff --git a/ChangeLog b/ChangeLog index e653729..97bc410 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,14 @@ +2007-03-26 Michael Poole + + * ircd/s_auth.c (iauth_parse): Check for missing arguments when + parsing the iauth message. + + * tests/bug-1685648.cmd: New file to test this. + + * tests/iauth-test: New file to exercise the code path. + + * tests/ircd.conf: Use the iauth-test helper program. + 2007-03-26 Michael Poole * ircd/m_silence.c (forward_silences): Do not try twice to process diff --git a/ircd/s_auth.c b/ircd/s_auth.c index d3e816b..71dad1a 100644 --- a/ircd/s_auth.c +++ b/ircd/s_auth.c @@ -1990,7 +1990,9 @@ static void iauth_parse(struct IAuth *iauth, char *message) } else { /* Try to find the client associated with the request. */ id = strtol(params[0], NULL, 10); - if (id < 0 || id > HighestFd || !(cli = LocalClientArray[id])) + if (parc < 3) + sendto_iauth(NULL, "E Missing :Need "); + else if (id < 0 || id > HighestFd || !(cli = LocalClientArray[id])) /* Client no longer exists (or never existed). */ sendto_iauth(NULL, "E Gone :[%s %s %s]", params[0], params[1], params[2]); diff --git a/tests/bug-1685648.cmd b/tests/bug-1685648.cmd new file mode 100644 index 0000000..3bde970 --- /dev/null +++ b/tests/bug-1685648.cmd @@ -0,0 +1,9 @@ +define srv1 localhost:7601 +define srv1-name irc.example.net +define cl1-nick Bug1685648 +define channel #random-channel + +connect cl1 %cl1-nick% buguser %srv1% :Some buggy user +:cl1 join %channel% +:cl1 expect %srv1-name% 366 %channel% +:cl1 quit done diff --git a/tests/iauth-test b/tests/iauth-test new file mode 100755 index 0000000..4e4a8ba --- /dev/null +++ b/tests/iauth-test @@ -0,0 +1,66 @@ +#! /usr/bin/perl +# iauth-test: test script for IRC authorization (iauth) protocol +# Copyright 2006-2007 Michael Poole +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 as +# published by the Free Software Foundation. + +require 5.008; # We assume deferred signal handlers, new in 5.008. +use strict; +use warnings; +use vars qw(%pending); + +use FileHandle; # for autoflush method on file handles + +# This script is an iauth helper script to help check for bugs in +# ircu's IAuth handling. + +sub dolog ($) { + print LOG "$_[0]\n"; +} + +sub reply ($;$$) { + my ($msg, $client, $extra) = @_; + + if (not defined $msg) { + # Accept this for easier handling of client reply messages. + return; + } elsif (ref $msg eq '') { + $msg =~ s/^(.) ?/$1 $client->{id} $client->{ip} $client->{port} / if $client; + dolog "< $msg"; + print "$msg\n"; + } elsif (ref $msg eq 'ARRAY') { + grep { reply($_, $client, $extra); } @$msg; + } elsif (ref $msg eq 'CODE') { + &$msg($client, $extra); + } else { + die "Unknown reply message type."; + } +} + +open LOG, ">> iauth.log"; +autoflush LOG 1; +autoflush STDOUT 1; +autoflush STDERR 1; +dolog "IAuth starting at " . scalar(localtime(time)); +reply("O ARU"); + +while (<>) { + # Chomp newline and log incoming message. + s/\r?\n?\r?$//; + dolog "> $_"; + + # If there's an ID at the start of the line, parse it out. + my $client = $pending{my $id = $1} if s/^(\d+) //; + + # Figure out how to handle the command. + if (/^C (\S+) (\S+) (.+)$/) { + $pending{$id} = { id => $id, ip => $1, port => $2 }; + } elsif (/^([DT])/ and $client) { + delete $pending{$id}; + } elsif (/^n (.+)$/ and $client) { + reply("C $client->{id} :Do not choke on missing parameters.") if $1 eq 'Bug1685648'; + reply("D", $client); + } +} diff --git a/tests/ircd.conf b/tests/ircd.conf index 5f8c5bf..eedadc7 100644 --- a/tests/ircd.conf +++ b/tests/ircd.conf @@ -33,6 +33,7 @@ Client { ip = "127.*"; class = "Local"; }; Operator { local = no; class = "Local"; host = "*@127.*"; password = "$PLAIN$oper"; name = "oper"; }; Port { server = yes; port = 7600; }; Port { port = 7601; }; +IAuth { program = "../tests/iauth-test"; }; Features { "HUB" = "TRUE"; -- 2.20.1