aboutsummaryrefslogtreecommitdiffstats
path: root/irc.c
diff options
context:
space:
mode:
authorWilmer van der Gaast <wilmer@gaast.net>2008-09-06 23:59:32 +0100
committerWilmer van der Gaast <wilmer@gaast.net>2008-09-06 23:59:32 +0100
commit3183c21afa7700ebc4dac02367653d1398a5b14a (patch)
tree70f46f382d76a99e1a4c9cd790604ab8cbc7da94 /irc.c
parent0a4f6f4d3eff2944ff36a0bd6ec0986824f23ade (diff)
Completely reviewed all uses of irc->password, irc_setpass() and
USTATUS_IDENTIFIED after another account overwriting vulnerability was found by Tero Marttila.
Diffstat (limited to 'irc.c')
-rw-r--r--irc.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/irc.c b/irc.c
index 9b4e0020..dd244c09 100644
--- a/irc.c
+++ b/irc.c
@@ -37,7 +37,7 @@ static char *set_eval_password( set_t *set, char *value )
{
irc_t *irc = set->data;
- if( irc->status & USTATUS_IDENTIFIED )
+ if( irc->status & USTATUS_IDENTIFIED && value )
{
irc_setpass( irc, value );
return NULL;
@@ -238,7 +238,7 @@ void irc_free( irc_t * irc )
log_message( LOGLVL_INFO, "Destroying connection with fd %d", irc->fd );
if( irc->status & USTATUS_IDENTIFIED && set_getbool( &irc->set, "save_on_quit" ) )
- if( storage_save( irc, TRUE ) != STORAGE_OK )
+ if( storage_save( irc, NULL, TRUE ) != STORAGE_OK )
irc_usermsg( irc, "Error while saving settings!" );
irc_connection_list = g_slist_remove( irc_connection_list, irc );
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-27 21:22:38 +0000