[mw-devel] [Git][arthur/mw][master] Prevent transition to invalid room numbers from webclient
Tom Lake
tswsl1989 at sucs.org
Fri Jan 22 23:40:28 GMT 2016
Tom Lake pushed to branch master at Justin Mitchell / mw
Commits:
7ae988f2 by Thomas Lake at 2016-01-22T23:39:42Z
Prevent transition to invalid room numbers from webclient
- - - - -
2 changed files:
- src/webclient/comms.c
- webclient/say.js
Changes:
=====================================
src/webclient/comms.c
=====================================
--- a/src/webclient/comms.c
+++ b/src/webclient/comms.c
@@ -407,6 +407,10 @@ static int handle_command(CONNECTION *co)
user->record.idletime = lastcomm;
if (newroom == oldroom) {
return 1;
+ }else if (newroom<0 || newroom>65535) {
+ snprintf(line, sizeof line, "\03314Not leaving to invalid room ID %d", newroom);
+ ipc_send_to_username(user->record.name, IPC_TEXT, line);
+ return 1;
}else{
user->record.room = newroom;
snprintf(line, sizeof line, "\03313%s has left to room %d", user->record.name, newroom);
=====================================
webclient/say.js
=====================================
--- a/webclient/say.js
+++ b/webclient/say.js
@@ -245,7 +245,7 @@ function cmdParser(text) {
sendCmdHandle('who', drawWho);
break;
case "room":
- if (args == undefined){
+ if (args == undefined || args < 0 || args > 65535){
$('#textlist').append("<div class='error'>Usage: "+cmd+" <number></div>");
}else{
sendCmd('channel '+args);
View it on GitLab: https://projects.sucs.org/arthur/mw/commit/7ae988f2a7a9b551b8880a1fde0c6d0abe3843bd
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sucs.org/pipermail/mw-devel/attachments/20160122/b8d6cddb/attachment.html>
More information about the mw-devel
mailing list