diff options
| author | Nei <ailin.nemui@gmail.com> | 2018-01-04 22:29:29 +0000 |
|---|---|---|
| committer | Nei <ailin.nemui@gmail.com> | 2018-01-04 22:29:29 +0000 |
| commit | 9df3d92598108b6e68fcc5521cd1fab8462d7ec5 (patch) | |
| tree | ab398fccadb5a676a1a50f06eb9dce1da6e5e5e6 /src/core | |
| parent | e405330e04dc344797f00c12cf8fd7f63b17e0e4 (diff) | |
| parent | 7bed781622c8e336bc7c739109c0a07bf3a9c8e3 (diff) | |
| download | irssi-9df3d92598108b6e68fcc5521cd1fab8462d7ec5.zip | |
Merge branch 'security' into 'master'
Security
Closes GL#18, GL#19, GL#20, GL#21
See merge request irssi/irssi!29
Diffstat (limited to 'src/core')
| -rw-r--r-- | src/core/misc.c | 7 | ||||
| -rw-r--r-- | src/core/special-vars.c | 4 |
2 files changed, 9 insertions, 2 deletions
diff --git a/src/core/misc.c b/src/core/misc.c index e589b8c5..4e9f4bbe 100644 --- a/src/core/misc.c +++ b/src/core/misc.c @@ -703,8 +703,11 @@ int expand_escape(const char **data) *data += 2; return strtol(digit, NULL, 16); case 'c': - /* control character (\cA = ^A) */ - (*data)++; + /* check for end of string */ + if ((*data)[1] == '\0') + return 0; + /* control character (\cA = ^A) */ + (*data)++; return i_toupper(**data) - 64; case '0': case '1': case '2': case '3': case '4': case '5': case '6': case '7': diff --git a/src/core/special-vars.c b/src/core/special-vars.c index aaf8da8f..f254c200 100644 --- a/src/core/special-vars.c +++ b/src/core/special-vars.c @@ -384,6 +384,7 @@ char *parse_special(char **cmd, SERVER_REC *server, void *item, } nest_free = FALSE; nest_value = NULL; +#if 0 /* this code is disabled due to security issues until it is fixed */ if (**cmd == '(' && (*cmd)[1] != '\0') { /* subvariable */ int toplevel = nested_orig_cmd == NULL; @@ -412,6 +413,9 @@ char *parse_special(char **cmd, SERVER_REC *server, void *item, if (toplevel) nested_orig_cmd = NULL; } +#else + if (nested_orig_cmd) nested_orig_cmd = NULL; +#endif if (**cmd != '{') brackets = FALSE; |