Changeset 626f420 in code for cmd.c

Timestamp:

Mar 4, 2014, 5:09:42 PM (11 years ago)

Author:

Mike Belopuhov <mike@…>

Branches:

master

Children:

b7bc432

Parents:

8ef8c4e

git-author:

Mike Belopuhov <mike@…> (03/04/14 17:09:08)

git-committer:

Mike Belopuhov <mike@…> (03/04/14 17:09:42)

Message:

Add icb_vis to escape '%' chars and do some other sanitizing

File:

• cmd.c (modified) (16 diffs)

cmd.c

@@ -22 +22 @@
 #include <syslog.h>
 #include <unistd.h>
+#include <vis.h>
 #include <event.h>
 
@@ -79 +80 @@
         struct icb_group *ig = is->group;
         struct icb_session *s;
+        char whom[ICB_MAXNICKLEN];
 
         if (strlen(arg) == 0) {
@@ -85 +87 @@
         }
 
+        icb_vis(whom, arg, ICB_MAXNICKLEN);
+
         LIST_FOREACH(s, &ig->sess, entry) {
-                if (strcmp(s->nick, arg) == 0)
+                if (strcmp(s->nick, whom) == 0)
                         break;
         }
         if (s == NULL) {
-                icb_status(is, STATUS_NOTIFY, "%s is not signed on", arg);
+                icb_status(is, STATUS_NOTIFY, "%s is not signed on", whom);
                 return;
         }
@@ -110 +114 @@
         struct icb_group *ig;
         struct icb_session *s;
+        char whom[ICB_MAXNICKLEN];
 
         /* to boot or not to boot, that is the question */
@@ -119 +124 @@
         }
 
+        if (strlen(whom) == 0) {
+                icb_error(is, "Invalid user");
+                return;
+        }
+
+        icb_vis(whom, arg, ICB_MAXNICKLEN);
+
         /* who would be a target then? */
         LIST_FOREACH(s, &ig->sess, entry) {
-                if (strcmp(s->nick, arg) == 0)
+                if (strcmp(s->nick, whom) == 0)
                         break;
         }
@@ -140 +152 @@
         struct icb_group *ig;
         struct icb_session *s;
+        char group[ICB_MAXGRPLEN];
         int changing = 0;
 
@@ -147 +160 @@
         }
 
+        icb_vis(group, arg, ICB_MAXGRPLEN);
+
         LIST_FOREACH(ig, &groups, entry) {
-                if (strcmp(ig->name, arg) == 0)
+                if (strcmp(ig->name, group) == 0)
                         break;
         }
@@ -156 +171 @@
                         return;
                 } else {
-                        if ((ig = icb_addgroup(is, arg, NULL)) == NULL) {
+                        if ((ig = icb_addgroup(is, group, NULL)) == NULL) {
                                 icb_error(is, "Can't create group");
                                 return;
                         }
                         icb_log(NULL, LOG_DEBUG, "%s created group %s",
-                            is->nick, arg);
+                            is->nick, group);
                 }
         }
@@ -208 +223 @@
         struct icb_group *ig = is->group;
         struct icb_session *s;
+        char nick[ICB_MAXNICKLEN];
 
         if (strlen(arg) == 0) {
@@ -221 +237 @@
         if (strlen(arg) > ICB_MAXNICKLEN)
                 arg[ICB_MAXNICKLEN - 1] = '\0';
+        icb_vis(nick, arg, ICB_MAXNICKLEN);
         LIST_FOREACH(s, &ig->sess, entry) {
-                if (strcmp(s->nick, arg) == 0) {
+                if (strcmp(s->nick, nick) == 0) {
                         icb_error(is, "Nick is already in use");
                         return;
@@ -228 +245 @@
         }
         icb_status_group(ig, NULL, STATUS_NAME,
-            "%s changed nickname to %s", is->nick, arg);
-        strlcpy(is->nick, arg, sizeof is->nick);
+            "%s changed nickname to %s", is->nick, nick);
+        strlcpy(is->nick, nick, sizeof is->nick);
 }
 
@@ -284 +301 @@
         struct icb_group *ig = is->group;
         struct icb_session *s;
+        char whom[ICB_MAXNICKLEN];
 
         if (!ig->mod) {         /* if there is no mod, let anyone grab it */
@@ -294 +312 @@
                         return;
                 }
+                icb_vis(whom, arg, ICB_MAXNICKLEN);
                 LIST_FOREACH(s, &ig->sess, entry) {
-                        if (strcmp(s->nick, arg) == 0)
+                        if (strcmp(s->nick, whom) == 0)
                                 break;
                 }
@@ -311 +330 @@
 {
         struct icb_group *ig = is->group;
+        char topic[ICB_MAXTOPICLEN];
 
         if (strlen(arg) == 0) { /* querying the topic */
@@ -324 +344 @@
                         return;
                 }
-                strlcpy(ig->topic, arg, sizeof ig->topic);
+                icb_vis(topic, arg, ICB_MAXTOPICLEN);
+                strlcpy(ig->topic, topic, sizeof ig->topic);
                 icb_status_group(ig, NULL, STATUS_TOPIC,
                     "%s changed the topic to \"%s\"", is->nick, ig->topic);
@@ -334 +355 @@
 {
         struct icb_group *ig;
+        char group[ICB_MAXGRPLEN];
 
         if (strlen(arg) == 0)
                 return icb_who(is, NULL);
 
+        icb_vis(group, arg, ICB_MAXGRPLEN);
         LIST_FOREACH(ig, &groups, entry) {
-                if (strcmp(ig->name, arg) == 0)
+                if (strcmp(ig->name, group) == 0)
                         break;
         }
         if (ig == NULL) {
-                icb_error(is, "The group %s doesn't exist.", arg);
+                icb_error(is, "The group %s doesn't exist.", group);
                 return;
         }