1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37
|
diff -Nurad src~/mod/server.mod/servmsg.c src/mod/server.mod/servmsg.c
--- src~/mod/server.mod/servmsg.c 2007-08-12 16:39:34.000000000 +0200
+++ src/mod/server.mod/servmsg.c 2007-08-12 16:39:52.000000000 +0200
@@ -461,7 +461,8 @@
to = newsplit(&msg);
fixcolon(msg);
/* Only check if flood-ctcp is active */
- strcpy(uhost, from);
+ strncpy(uhost, from, sizeof(buf));
+ buf[sizeof(buf) - 1] = '\0';
nick = splitnick(&uhost);
if (flud_ctcp_thr && detect_avalanche(msg)) {
if (!ignoring) {
@@ -471,7 +472,7 @@
p++;
else
p = uhost;
- simple_sprintf(ctcpbuf, "*!*@%s", p);
+ snprintf(ctcpbuf, sizeof(ctcpbuf), "*!*@%s", p);
addignore(ctcpbuf, botnetnick, "ctcp avalanche",
now + (60 * ignore_time));
}
@@ -486,8 +487,12 @@
p++;
if (*p == 1) {
*p = 0;
- ctcp = strcpy(ctcpbuf, p1);
- strcpy(p1 - 1, p + 1);
+ ctcp = strncpy(ctcpbuf, p1, sizeof(ctcpbuf));
+ ctcpbuf[sizeof(ctcpbuf) - 1] = '\0';
+ /* copy the part after the second : in front of it after
+ * the first :, this is temporary copied to ctcpbuf */
+ memmove(p1 - 1, p + 1, strlen(p + 1) + 1);
+
if (!ignoring)
detect_flood(nick, uhost, from,
strncmp(ctcp, "ACTION ", 7) ? FLOOD_CTCP : FLOOD_PRIVMSG);
|