From 0cdbebb648128d9d2242d058e5e50d552f8c5a38 Mon Sep 17 00:00:00 2001 From: =?utf8?q?J=C4=81nis=20R=C5=ABcis?= Date: Wed, 31 Mar 2010 19:10:04 +0300 Subject: [PATCH] IRC: check full buffers --- irc.c | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/irc.c b/irc.c index 4e2e0944..a1ffb946 100644 --- a/irc.c +++ b/irc.c @@ -74,10 +74,16 @@ static void IRC_AddMessage(const char *message) { size_t len = strlen(message); + if (irc_outgoing.len + len + 2 > sizeof (irc_outgoing.data)) + { + Con_Print("[IRC] Output buffer overflow.\n"); + return; + } + memcpy(irc_outgoing.data + irc_outgoing.len, message, sizeof (irc_outgoing.data) - irc_outgoing.len - 2); - memcpy(irc_outgoing.data + min(irc_outgoing.len + len, sizeof (irc_outgoing.data) - 2), "\r\n", 2); + memcpy(irc_outgoing.data + irc_outgoing.len + len, "\r\n", 2); - irc_outgoing.len = min(irc_outgoing.len + len + 2, sizeof (irc_outgoing.data)); + irc_outgoing.len += len + 2; Con_Printf("[IRC] %lu bytes waiting to be written\n", (unsigned long) irc_outgoing.len); } @@ -229,6 +235,14 @@ static void IRC_ProcessAllMessages(void) if (!nl) { + if (remaining_len == irc_incoming.len && irc_incoming.len == sizeof (irc_incoming.data)) + { + /* Full buffer, yet STILL no newline? Flush it. */ + irc_incoming.len = 0; + Con_Print("[IRC] Input buffer overflow.\n"); + return; + } + /* Probably incomplete message. */ memmove(irc_incoming.data, remaining, remaining_len); break; -- 2.39.5