From: Pekka Riikonen <priikone@silcnet.org>
Date: Wed, 21 Feb 2001 16:09:22 +0000 (+0000)
Subject: 	updates.
X-Git-Tag: SILC.0.1~191
X-Git-Url: http://git.silcnet.org/gitweb/?p=silc.git;a=commitdiff_plain;h=06dc0e878d04137168e1effcff21303597ed5fe0

	updates.
---

diff --git a/CHANGES b/CHANGES
index f0e7830c..b7785c8d 100644
--- a/CHANGES
+++ b/CHANGES
@@ -8,6 +8,9 @@ Wed Feb 21 14:17:04 EET 2001  Pekka Riikonen <priikone@poseidon.pspt.fi>
 	* Fixed minor encoding and decoding buglet from the
 	  lib/silccore/silcmode.c.
 
+	* Fixed buffer overflow from lib/silcclient/command.c in USERS
+	  command parsing.
+
 Wed Feb 21 12:44:00 EET 2001  Mika Boström <bostik@lut.fi>
 
  	* Changed all SilcConfigServer* and silc_config_server* to
diff --git a/lib/silcclient/command.c b/lib/silcclient/command.c
index e2e19573..d61ef791 100644
--- a/lib/silcclient/command.c
+++ b/lib/silcclient/command.c
@@ -1221,7 +1221,8 @@ SILC_CLIENT_CMD_FUNC(users)
   SilcIDCacheEntry id_cache = NULL;
   SilcChannelEntry channel;
   SilcBuffer buffer, idp;
-  char *name;
+  char *name, *line = NULL;
+  unsigned int line_len = 0;
 
   if (!cmd->conn) {
     SILC_NOT_CONNECTED(cmd->client, cmd->conn);
@@ -1294,18 +1295,25 @@ SILC_CLIENT_CMD_FUNC(users)
     cmd->client->ops->say(cmd->client, conn, "Users on %s", 
 			  channel->channel_name);
 
+    line = silc_calloc(4096, sizeof(*line));
+    line_len = 4096;
     silc_list_start(channel->clients);
     while ((chu = silc_list_get(channel->clients)) != SILC_LIST_END) {
       SilcClientEntry e = chu->client;
-      char *m, tmp[80], line[80], len1;
+      char *m, tmp[80], len1;
+
+      if (strlen(e->nickname) + strlen(e->server) + 100 > line_len) {
+	silc_free(line);
+	line_len += strlen(e->nickname) + strlen(e->server) + 100;
+	line = silc_calloc(line_len, sizeof(*line));
+      }
 
-      memset(line, 0, sizeof(line));
       memset(tmp, 0, sizeof(tmp));
       m = silc_client_chumode_char(chu->mode);
 
-      strcat(line, " ");
-      strcat(line, e->nickname);
-      strcat(line, e->server ? "@" : "");
+      strncat(line, " ", 1);
+      strncat(line, e->nickname, strlen(e->nickname));
+      strncat(line, e->server ? "@" : "", 1);
 
       len1 = 0;
       if (e->server)
@@ -1320,9 +1328,9 @@ SILC_CLIENT_CMD_FUNC(users)
 	  strcat(line, " ");
       }
 
-      strcat(line, "  H");
+      strncat(line, "  H", 3);
       strcat(tmp, m ? m : "");
-      strcat(line, tmp);
+      strncat(line, tmp, strlen(tmp));
 
       if (strlen(tmp) < 5)
 	for (i = 0; i < 5 - strlen(tmp); i++)
@@ -1337,6 +1345,9 @@ SILC_CLIENT_CMD_FUNC(users)
     }
   }
 
+  if (line)
+    silc_free(line);
+
   /* Notify application */
   COMMAND;