From 9fbff0c7589166c185c6885b0d67b2402228e8b6 Mon Sep 17 00:00:00 2001 From: plutooo Date: Thu, 1 Aug 2013 13:15:55 -0700 Subject: [PATCH] nTox: fixed 2 possible crashes, 3 incorrect packet lengths --- testing/nTox.c | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/testing/nTox.c b/testing/nTox.c index f87a2a25..de75d2ff 100644 --- a/testing/nTox.c +++ b/testing/nTox.c @@ -133,6 +133,9 @@ void line_eval(char lines[HISTORY][STRING_LENGTH], char *line) } else if (inpt_command == 'm') { //message command: /m friendnumber messsage size_t len = strlen(line); + if(len < 3) + return; + char numstring[len-3]; char message[len-3]; int i; @@ -141,13 +144,13 @@ void line_eval(char lines[HISTORY][STRING_LENGTH], char *line) numstring[i] = line[i+3]; } else { int j; - for (j = (i+1); j < len; j++) + for (j = (i+1); j < (len+1); j++) message[j-i-1] = line[j+3]; break; } } int num = atoi(numstring); - if (m_sendmessage(num, (uint8_t*) message, sizeof(message)) != 1) { + if (m_sendmessage(num, (uint8_t*) message, strlen(message) + 1) != 1) { new_lines("[i] could not send message"); } else { new_lines(format_message(message, -1)); @@ -162,7 +165,7 @@ void line_eval(char lines[HISTORY][STRING_LENGTH], char *line) name[i-3] = line[i]; } name[i-3] = 0; - setname(name, i); + setname(name, i - 2); char numstring[100]; sprintf(numstring, "[i] changed nick to %s", (char*)name); new_lines(numstring); @@ -179,7 +182,7 @@ void line_eval(char lines[HISTORY][STRING_LENGTH], char *line) status[i-3] = line[i]; } status[i-3] = 0; - m_set_userstatus(status, strlen((char*)status)); + m_set_userstatus(status, strlen((char*)status) + 1); char numstring[100]; sprintf(numstring, "[i] changed status to %s", (char*)status); new_lines(numstring);