This repository has been archived by the owner on Jun 24, 2021. It is now read-only.

SASL: Disallow beginning : and space anywhere in AUTHENTICATE parameter
This is a FIX FOR A SECURITY VULNERABILITY. All Charybdis users must
apply this fix if you support SASL on your servers, or unload m_sasl.so
in the meantime.
aaronmdjones committed Sep 3, 2016
1 parent f92b4d8 commit 818a3fd
Showing 1 changed file with 6 additions and 0 deletions.
6 changes: 6 additions & 0 deletions modules/m_sasl.c
Expand Up @@ -91,6 +91,12 @@ m_authenticate(struct Client *client_p, struct Client *source_p,
return 0;
}

if (*parv[1] == ':' || strchr(parv[1], ' '))

kaniini (Contributor), Sep 3, 2016:

The first check is pointless imo.

{
exit_client(client_p, client_p, client_p, "Malformed AUTHENTICATE");
return 0;
}

saslserv_p = find_named_client(ConfigFileEntry.sasl_service);
if (saslserv_p == NULL || !IsService(saslserv_p))
{
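
Review bot: the new condition `if (*parv[1] == ':' || strchr(parv[1], ' '))` has no comment saying why a leading ':' or an embedded space makes the AUTHENTICATE parameter malformed, and since the commit message calls this a security fix, the reason should be recorded next to the check. A short comment above the `if` stating what goes wrong when such a parameter is accepted would also settle the inline question of whether the leading-':' test is needed alongside the space test. The check also runs before the find_named_client() lookup, so a client is dropped through exit_client() for a malformed parameter even when no SASL service is found; if that ordering is intended, say so in the same comment.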
