ObjIRC  Check-in [2cc7844016]

Overview
Comment:Make sure no newlines from parameters are sent.

Not doing so would allow hijacking a connection.

Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA3-256: 2cc784401620aa8736dd33e1ab3908768058b813b22454ca5d8eb194d302a1d1
User & Date: js on 2012-11-28 21:30:19
Other Links: manifest | tags
Context
2012-12-22
15:19
Fix Xcode project. check-in: 8d09d11bca user: js tags: trunk
2012-11-28
21:30
Make sure no newlines from parameters are sent. check-in: 2cc7844016 user: js tags: trunk
2012-11-24
11:56
Remove the IRCChannels class. check-in: 620b9b2a30 user: js tags: trunk
Changes

Modified src/IRCConnection.m from [002f1423f2] to [08dd759998].

135
136
137
138
139
140
141


142
143
144
145
146
147
148
149


150
151
152
153
154
155
156
157
158
159
160
161



162
163
164
165
166
167
168
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175







+
+








+
+












+
+
+







- (void)disconnect
{
	[self disconnectWithReason: nil];
}

- (void)disconnectWithReason: (OFString*)reason
{
	reason = [[reason componentsSeparatedByString: @"\n"] firstObject];

	if (reason == nil)
		[self sendLine: @"QUIT"];
	else
		[self sendLineWithFormat: @"QUIT :%@", reason];
}

- (void)joinChannel: (OFString*)channel
{
	channel = [[channel componentsSeparatedByString: @"\n"] firstObject];

	[self sendLineWithFormat: @"JOIN %@", channel];
}

- (void)leaveChannel: (OFString*)channel
{
	[self leaveChannel: channel
		    reason: nil];
}

- (void)leaveChannel: (OFString*)channel
	      reason: (OFString*)reason
{
	channel = [[channel componentsSeparatedByString: @"\n"] firstObject];
	reason = [[reason componentsSeparatedByString: @"\n"] firstObject];

	if (reason == nil)
		[self sendLineWithFormat: @"PART %@", channel];
	else
		[self sendLineWithFormat: @"PART %@ :%@", channel, reason];

	[channels removeObjectForKey: channel];
}
190
191
192
193
194
195
196





197

198
199
200
201
202





203

204
205
206
207
208
209


210
211
212
213
214



215
216
217
218
219
220
221
197
198
199
200
201
202
203
204
205
206
207
208

209
210
211
212
213
214
215
216
217
218
219

220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243







+
+
+
+
+
-
+





+
+
+
+
+
-
+






+
+





+
+
+








	[pool release];
}

- (void)sendMessage: (OFString*)msg
		 to: (OFString*)to
{
	OFArray *lines = [msg componentsSeparatedByString: @"\n"];
	OFEnumerator *enumerator = [lines objectEnumerator];
	OFString *line;

	while ((line = [enumerator nextObject]) != nil)
	[self sendLineWithFormat: @"PRIVMSG %@ :%@", to, msg];
		[self sendLineWithFormat: @"PRIVMSG %@ :%@", to, line];
}

- (void)sendNotice: (OFString*)notice
		to: (OFString*)to
{
	OFArray *lines = [notice componentsSeparatedByString: @"\n"];
	OFEnumerator *enumerator = [lines objectEnumerator];
	OFString *line;

	while ((line = [enumerator nextObject]) != nil)
	[self sendLineWithFormat: @"NOTICE %@ :%@", to, notice];
		[self sendLineWithFormat: @"NOTICE %@ :%@", to, line];
}

- (void)kickUser: (OFString*)user
	 channel: (OFString*)channel
	  reason: (OFString*)reason
{
	reason = [[reason componentsSeparatedByString: @"\n"] firstObject];

	[self sendLineWithFormat: @"KICK %@ %@ :%@", channel, user, reason];
}

- (void)changeNicknameTo: (OFString*)nickname_
{
	nickname_ = [[nickname_ componentsSeparatedByString: @"\n"]
	    firstObject];

	[self sendLineWithFormat: @"NICK %@", nickname_];
}

- (void)IRC_processLine: (OFString*)line
{
	OFArray *components;
	OFString *action = nil;