authorWouter Coekaerts <coekie@irssi.org>2006-12-08 21:38:55 +0000
committercoekie <coekie@dbcabf3a-b0e7-0310-adc4-f8d773084564>2006-12-08 21:38:55 +0000
commitf0fb4c19d45e25fddee76e7c442b1e900666cd0c (patch)
tree57b060b95fb83cfd44ebc8db4a56c7c9c7bb691c
parent0aca74b6e35f55c601f91621fb64acbf402cece2 (diff)
Remove CR and LF from Perl commands, to make it harder to introduce a security bug
git-svn-id: http://svn.irssi.org/repos/irssi/trunk@4396 dbcabf3a-b0e7-0310-adc4-f8d773084564
-rw-r--r--src/perl/perl-common.c18
1 files changed, 18 insertions, 0 deletions
diff --git a/src/perl/perl-common.c b/src/perl/perl-common.c
index 02ae28dd..03dcc01e 100644
--- a/src/perl/perl-common.c
+++ b/src/perl/perl-common.c
@@ -526,6 +526,16 @@ static void perl_script_fill_hash(HV *hv, PERL_SCRIPT_REC *script)
hv_store(hv, "data", 4, new_pv(script->data), 0);
}
+static void remove_newlines(char *str)
+{
+ char *writing = str;
+
+ for (;*str;str++)
+ if (*str != '\n' && *str != '\r')
+ *(writing++) = *str;
+ *writing = '\0';
+}
+
void perl_command(const char *cmd, SERVER_REC *server, WI_ITEM_REC *item)
{
const char *cmdchars;
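Review bot: `remove_newlines` has no comment saying that it rewrites its argument in place, so a later caller could hand it a string literal or a `const` buffer cast to `char *` and write to memory it does not own. A one-line header such as `/* Strip every '\r' and '\n' from str in place; str must be a writable NUL-terminated buffer. */` would make the contract explicit. The `for`/`if` body is also unbraced, which makes the trailing `*writing = '\0';` easy to misread as part of the loop; bracing the loop would help. perl_command's body continues outside this hunk.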
@@ -540,6 +550,14 @@ void perl_command(const char *cmd, SERVER_REC *server, WI_ITEM_REC *item)
sendcmd = g_strdup_printf("%c%s", *cmdchars, cmd);
}
+ /* remove \r and \n from commands,
+ to make it harder to introduce a security bug in a script */
+ if(strpbrk(sendcmd, "\r\n")) {
+ if (sendcmd == cmd)
+ sendcmd = strdup(cmd);
+ remove_newlines(sendcmd);
+ }
+
signal_emit("send command", 3, sendcmd, server, item);
if (sendcmd != cmd) g_free(sendcmd);
}
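Review bot: The copy made with `strdup(cmd)` in the added block is released by `g_free(sendcmd)` on the last line of the function, so a libc allocation is freed through GLib's allocator. Its result is also passed to `remove_newlines` without a NULL check. Using `sendcmd = g_strdup(cmd);` keeps allocation and release in the same family, matches the `g_strdup_printf` branch just above, and aborts on allocation failure instead of returning NULL. The comment could also say that stripping joins the text on both sides of the line break rather than discarding what follows it, so the result is a single command but not necessarily the one the script intended. The start of perl_command lies outside this hunk.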