d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Close the "IRC DCC" security breach reported recently on Bugtraq.

Browse Source 
Submitted by:	Makoto MATSUSHITA <matusita@jp.FreeBSD.org>
This commit is contained in:
ru 2001-08-21 11:21:08 +00:00
parent 2286423a99
commit 4d0fae19b5
2 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
lib/libalias/alias_irc.c
View File

@ -236,6 +236,12 @@ AliasHandleIrcOut(struct ip *pip, /* IP packet to examine */
true_addr.s_addr = htonl(org_addr);
destaddr.s_addr = 0;
/* Sanity/Security checking */
if (!org_addr || !org_port ||
pip->ip_src.s_addr != true_addr.s_addr ||
org_port < IPPORT_RESERVED)
goto lBAD_CTCP;
/* Steal the FTP_DATA_PORT - it doesn't really matter, and this
would probably allow it through at least _some_
firewalls. */

6
sys/netinet/libalias/alias_irc.c
View File

@ -236,6 +236,12 @@ AliasHandleIrcOut(struct ip *pip, /* IP packet to examine */
true_addr.s_addr = htonl(org_addr);
destaddr.s_addr = 0;
/* Sanity/Security checking */
if (!org_addr || !org_port ||
pip->ip_src.s_addr != true_addr.s_addr ||
org_port < IPPORT_RESERVED)
goto lBAD_CTCP;
/* Steal the FTP_DATA_PORT - it doesn't really matter, and this
would probably allow it through at least _some_
firewalls. */