summary refs log tree commit diff stats
diff options
context:
space:
mode:
authorRichard Hitt <rbh00@msi.rbh00.pacbell.net>2012-11-13 12:06:35 -0800
committerRichard Hitt <rbh00@msi.rbh00.pacbell.net>2012-11-13 12:06:35 -0800
commitb59f9abd1a26ef83b0d2496a1170ba498ada8955 (patch)
treed923aa10581049441d70c247598a4e4d43f4716c
parentc896176925670cea87f13a428285ddf12e25745e (diff)
Limit url-grabbing to NOTICE, PRIVMSG, TOPIC, 332 (RPL_TOPIC), 372 (RPL_MOTD)
-rw-r--r--src/common/server.c2
-rw-r--r--src/common/url.c44
2 files changed, 45 insertions, 1 deletions
diff --git a/src/common/server.c b/src/common/server.c
index dbfdcdd8..3e694c43 100644
--- a/src/common/server.c
+++ b/src/common/server.c
@@ -157,6 +157,8 @@ server_send_real (server *serv, char *buf, int len)
 {
 	fe_add_rawlog (serv, buf, len, TRUE);
 
+	url_check_line (buf, len);
+
 	return tcp_send_real (serv->ssl, serv->sok, serv->encoding, serv->using_irc,
 								 buf, len);
 }
diff --git a/src/common/url.c b/src/common/url.c
index 0a4c3609..52e37daa 100644
--- a/src/common/url.c
+++ b/src/common/url.c
@@ -331,12 +331,53 @@ url_check_word (const char *word, int len)
 	return 0;
 }
 
+/* List of IRC commands for which contents (and thus possible URLs)
+ * are visible to the user.  NOTE:  Trailing blank required in each. */
+static char *commands[] = {
+	"NOTICE ",
+	"PRIVMSG ",
+	"TOPIC ",
+	"332 ",		/* RPL_TOPIC */
+	"372 "		/* RPL_MOTD */
+};
+
+#define ARRAY_SIZE(a) (sizeof (a) / sizeof ((a)[0]))
+
 void
 url_check_line (char *buf, int len)
 {
 	char *po = buf;
 	char *start;
-	int wlen;
+	int i, wlen;
+
+	/* Skip over message prefix */
+	if (*po == ':')
+	{
+		po = strchr (po, ' ');
+		if (!po)
+			return;
+		po++;
+	}
+	/* Allow only commands from the above list */
+	for (i = 0; i < ARRAY_SIZE (commands); i++)
+	{
+		char *cmd = commands[i];
+		int len = strlen (cmd);
+
+		if (strncmp (cmd, po, len) == 0)
+		{
+			po += len;
+			break;
+		}
+	}
+	if (i == ARRAY_SIZE (commands))
+		return;
+
+	/* Skip past the channel name or user nick */
+	po = strchr (po, ' ');
+	if (!po)
+		return;
+	po++;
 
 	if (buf[0] == ':' && buf[1] != 0)
 		po++;
@@ -350,6 +391,7 @@ url_check_line (char *buf, int len)
 		{
 		case 0:
 		case ' ':
+		case '\r':
 
 			wlen = po - start;
 			if (wlen > 2)