bitchx: add security patch for dcc

This commit is contained in:
Duncaen 2015-11-16 15:06:19 +01:00
parent 40926f38fb
commit 112f081a47
2 changed files with 77 additions and 1 deletions

View File

@ -0,0 +1,76 @@
diff --git include/dcc.h include/dcc.h
index 9cc1e7c..3e4f12d 100644
--- include/dcc.h
+++ include/dcc.h
@@ -97,6 +97,7 @@
#define DCC_OFFER 0x00040000
#define DCC_DELETE 0x00080000
#define DCC_TWOCLIENTS 0x00100000
+#define DCC_RESUME_REQ 0x00200000
#ifdef NON_BLOCKING_CONNECTS
#define DCC_CNCT_PEND 0x00200000
diff --git source/dcc.c source/dcc.c
index d0706f8..b158189 100644
--- source/dcc.c
+++ source/dcc.c
@@ -1415,6 +1415,7 @@ UserList *ul = NULL;
if (autoresume && stat(fullname, &sb) != -1) {
n->transfer_orders.byteoffset = sb.st_size;
n->bytes_read = 0L;
+ new_d->sock.flags |= DCC_RESUME_REQ;
send_ctcp(CTCP_PRIVMSG, nick, CTCP_DCC, "RESUME %s %d %ld", n->filename, ntohs(n->remport), sb.st_size);
} else {
DCC_int *new = NULL;
@@ -3430,6 +3431,7 @@ void dcc_getfile_resume_start (char *nick, char *description, char *address, cha
{
SocketList *s;
DCC_int *n;
+const DCC_List *pending;
char *tmp = NULL;
char *fullname = NULL;
struct stat sb;
@@ -3442,6 +3444,14 @@ struct stat sb;
put_it("%s", convert_output_format("$G %RDCC%n warning in dcc_getfile_resume_start", NULL));
return;
}
+
+ pending = find_dcc_pending(nick, description, NULL, DCC_FILEREAD, 0, -1);
+ if (!pending || !(pending->sock.flags & DCC_RESUME_REQ))
+ {
+ put_it("%s", convert_output_format("$G %RDCC%n Ignoring unsolicited ACCEPT from $0", "%s", nick));
+ return;
+ }
+
if (!(n = dcc_create(nick, description, NULL, 0, port?atol(port):0, DCC_FILEREAD, DCC_TWOCLIENTS|DCC_OFFER, start_dcc_get)))
return;
@@ -3488,17 +3498,13 @@ int blocksize = 0;
user = get_dcc_args(&args, &passwd, &port, &blocksize);
if (!user)
{
- put_it("%s", convert_output_format("$G %RDCC%n You must supply a nickname for DCC get", NULL, NULL));
+ put_it("%s", convert_output_format("$G %RDCC%n You must supply a nickname for DCC RESUME", NULL));
return;
}
+
if (!blocksize || blocksize > MAX_DCC_BLOCK_SIZE)
blocksize = get_int_var(DCC_BLOCK_SIZE_VAR);
- if (!user)
- {
- put_it("%s", convert_output_format("$G %RDCC%n You must supply a nickname for DCC RESUME", NULL));
- return;
- }
if (args && *args)
filename = args;
@@ -3557,6 +3563,8 @@ int blocksize = 0;
n->blocksize = blocksize;
n->transfer_orders.byteoffset = sb.st_size;
+ s->flags |= DCC_RESUME_REQ;
+
old_dp = doing_privmsg; old_dn = doing_notice; old_dc = in_ctcp_flag;
/* Just in case we have to fool the protocol enforcement. */
doing_privmsg = doing_notice = in_ctcp_flag = 0;

View File

@ -1,7 +1,7 @@
# Template file for 'bitchx'
pkgname=bitchx
version=1.2.1
revision=6
revision=7
build_style=gnu-configure
configure_args="--with-ssl --with-ipv6 --with-plugins"
makedepends="libressl-devel ncurses-devel"