From 4cfcc79114d89096219039104674d35ca1aba5ca Mon Sep 17 00:00:00 2001 From: Florent Le Coz Date: Sun, 6 Sep 2015 18:55:48 +0200 Subject: Check the number of argument of every IRC command received from the server Each IrcClient callback has a max and min size of argument, we call the callback only if the parsed message has a correct number of arguments, otherwise it is ignored (with a warning logged). --- src/irc/irc_client.cpp | 26 +++++++++++++++++++------- 1 file changed, 19 insertions(+), 7 deletions(-) (limited to 'src/irc/irc_client.cpp') diff --git a/src/irc/irc_client.cpp b/src/irc/irc_client.cpp index 4e8385c..6ab19b7 100644 --- a/src/irc/irc_client.cpp +++ b/src/irc/irc_client.cpp @@ -150,14 +150,26 @@ void IrcClient::parse_in_buffer(const size_t) // Call the standard callback (if any), associated with the command // name that we just received. - auto cb = irc_callbacks.find(message.command); - if (cb != irc_callbacks.end()) + auto it = irc_callbacks.find(message.command); + if (it != irc_callbacks.end()) { - try { - (this->*(cb->second))(message); - } catch (const std::exception& e) { - log_error("Unhandled exception: " << e.what()); - } + const auto& limits = it->second.second; + // Check that the Message is well formed before actually calling + // the callback. limits.first is the min number of arguments, + // second is the max + if (message.arguments.size() < limits.first || + (limits.second > 0 && message.arguments.size() > limits.second)) + log_warning("Invalid number of arguments for IRC command “" << message.command << + "”: " << message.arguments.size()); + else + { + const auto& cb = it->second.first; + try { + (this->*(cb))(message); + } catch (const std::exception& e) { + log_error("Unhandled exception: " << e.what()); + } + } } else { -- cgit v1.2.3