GitHub/ergo
3
0
Fork 0
mirror of https://github.com/ergochat/ergo.git synced 2025-05-06 06:37:26 +02:00
Code Issues Projects Releases Wiki Activity

safer 005 length limits (#2241)

Browse Source 
* Limit the payload to 380 bytes instead of 400
* Don't translate the final parameter

This leaves about 60 bytes for the server name.
This commit is contained in:
Shivaram Lingamneni 2025-04-06 02:59:03 -04:00 committed by GitHub
parent 98e04c10a8
commit 9c3173f573
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 8 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
irc/isupport/list.go
View File

@ -10,7 +10,7 @@ import (
) )
const ( const (
maxLastArgLength = 400 maxPayloadLength = 380
/* Modern: "As the maximum number of message parameters to any reply is 15, /* Modern: "As the maximum number of message parameters to any reply is 15,
the maximum number of RPL_ISUPPORT tokens that can be advertised is 13." the maximum number of RPL_ISUPPORT tokens that can be advertised is 13."
@ -98,7 +98,7 @@ func (il *List) GetDifference(newil *List) [][]string {
var cache []string // Token list cache var cache []string // Token list cache
for _, token := range outTokens { for _, token := range outTokens {
if len(token)+length <= maxLastArgLength { if len(token)+length <= maxPayloadLength {
// account for the space separating tokens // account for the space separating tokens
if len(cache) > 0 { if len(cache) > 0 {
length++ length++
@ -107,7 +107,7 @@ func (il *List) GetDifference(newil *List) [][]string {
length += len(token) length += len(token)
} }
if len(cache) == maxParameters || len(token)+length >= maxLastArgLength { if len(cache) == maxParameters || len(token)+length >= maxPayloadLength {
replies = append(replies, cache) replies = append(replies, cache)
cache = make([]string, 0) cache = make([]string, 0)
length = 0 length = 0
@ -130,9 +130,9 @@ func validateToken(token string) error {
return fmt.Errorf("bad isupport token (contains forbidden octets)") return fmt.Errorf("bad isupport token (contains forbidden octets)")
} }
// technically a token can be maxLastArgLength if it occurs alone, // technically a token can be maxPayloadLength if it occurs alone,
// but fail it just to be safe // but fail it just to be safe
if len(token) >= maxLastArgLength { if len(token) >= maxPayloadLength {
return fmt.Errorf("bad isupport token (too long): `%s`", token) return fmt.Errorf("bad isupport token (too long): `%s`", token)
} }
@ -158,7 +158,7 @@ func (il *List) RegenerateCachedReply() (err error) {
for _, token := range tokens { for _, token := range tokens {
// account for the space separating tokens // account for the space separating tokens
if len(cache) == maxParameters || (len(token)+1)+length > maxLastArgLength { if len(cache) == maxParameters || (len(token)+1)+length > maxPayloadLength {
il.CachedReply = append(il.CachedReply, cache) il.CachedReply = append(il.CachedReply, cache)
cache = nil cache = nil
length = 0 length = 0

4
irc/server.go
View File

@ -520,14 +520,14 @@ func (server *Server) sendRplISupportLines(client *Client, rb *ResponseBuffer, l
batchID := rb.StartNestedBatch(caps.ExtendedISupportBatchType) batchID := rb.StartNestedBatch(caps.ExtendedISupportBatchType)
defer rb.EndNestedBatch(batchID) defer rb.EndNestedBatch(batchID)
} }
translatedISupport := client.t("are supported by this server") finalText := "are supported by this server"
nick := client.Nick() nick := client.Nick()
for _, cachedTokenLine := range lines { for _, cachedTokenLine := range lines {
length := len(cachedTokenLine) + 2 length := len(cachedTokenLine) + 2
tokenline := make([]string, length) tokenline := make([]string, length)
tokenline[0] = nick tokenline[0] = nick
copy(tokenline[1:], cachedTokenLine) copy(tokenline[1:], cachedTokenLine)
tokenline[length-1] = translatedISupport tokenline[length-1] = finalText
rb.Add(nil, server.name, RPL_ISUPPORT, tokenline...) rb.Add(nil, server.name, RPL_ISUPPORT, tokenline...)
} }
} }