empire/empserver
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix client code for catching rogue redirections and executes

Browse source 
The client permits redirection and execute only if it recently saw
them in player input.  The caching of recent player input for this
purpose was broken.

When save_input() evicted a line, it kept its newline.  This could
make the recent_input ring buffer fill up, which then got redirections
and execute misdiagnosed as rogue.

save_input() also screwed up when evicting one line didn't make
sufficient room for the line to be saved.  This could cause assertion
failure in forget_input().

Broken in commit 8b7d0b91, v4.3.11.
This commit is contained in:
Markus Armbruster 2008-08-23 16:19:09 -04:00
parent 741a7e54bd
commit 55b7fa1588
1 changed files with 6 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

12
src/client/secure.c
View file

@ -38,7 +38,7 @@
#include "ringbuf.h"
#include "secure.h"
struct ring recent_input;
static struct ring recent_input;
static size_t saved_bytes;
/*
@ -51,14 +51,14 @@ size_t
save_input(char *inp)
{
size_t len = strlen(inp);
int left;
int eol;
assert(len && inp[len - 1] == '\n');
left = ring_putm(&recent_input, inp, len);
if (left < 0) {
ring_discard(&recent_input, ring_search(&recent_input, "\n"));
ring_putm(&recent_input, inp, len);
while (ring_putm(&recent_input, inp, len) < 0) {
eol = ring_search(&recent_input, "\n");
assert(eol >= 0);
ring_discard(&recent_input, eol + 1);
}
saved_bytes += len;
return saved_bytes;