From 3183c21afa7700ebc4dac02367653d1398a5b14a Mon Sep 17 00:00:00 2001
From: Wilmer van der Gaast <wilmer@gaast.net>
Date: Sat, 6 Sep 2008 23:59:32 +0100
Subject: Completely reviewed all uses of irc->password, irc_setpass() and
 USTATUS_IDENTIFIED after another account overwriting vulnerability was found
 by Tero Marttila.

---
 storage.c | 40 +++++++++++++++++++++++++++++++---------
 1 file changed, 31 insertions(+), 9 deletions(-)

(limited to 'storage.c')

diff --git a/storage.c b/storage.c
index 06044f80..f011ade2 100644
--- a/storage.c
+++ b/storage.c
@@ -102,20 +102,21 @@ storage_status_t storage_check_pass (const char *nick, const char *password)
 	return STORAGE_NO_SUCH_USER;
 }
 
-storage_status_t storage_load (const char *nick, const char *password, irc_t * irc)
+storage_status_t storage_load (irc_t * irc, const char *password)
 {
 	GList *gl;
 	
+	if (irc && irc->status & USTATUS_IDENTIFIED)
+		return STORAGE_OTHER_ERROR;
+	
 	/* Loop until we don't get NO_SUCH_USER */
 	for (gl = global.storage; gl; gl = gl->next) {
 		storage_t *st = gl->data;
 		storage_status_t status;
 
-		status = st->load(nick, password, irc);
-		if (status == STORAGE_OK) {
-			irc_setpass(irc, password);
+		status = st->load(irc, password);
+		if (status == STORAGE_OK)
 			return status;
-		}
 		
 		if (status != STORAGE_NO_SUCH_USER) 
 			return status;
@@ -124,9 +125,27 @@ storage_status_t storage_load (const char *nick, const char *password, irc_t * i
 	return STORAGE_NO_SUCH_USER;
 }
 
-storage_status_t storage_save (irc_t *irc, int overwrite)
+storage_status_t storage_save (irc_t *irc, char *password, int overwrite)
 {
-	return ((storage_t *)global.storage->data)->save(irc, overwrite);
+	storage_status_t st;
+	
+	if (password != NULL) {
+		/* Should only use this in the "register" command. */
+		if (irc->password || overwrite)
+			return STORAGE_OTHER_ERROR;
+		
+		irc_setpass(irc, password);
+	} else if ((irc->status & USTATUS_IDENTIFIED) == 0) {
+		return STORAGE_NO_SUCH_USER;
+	}
+	
+	st = ((storage_t *)global.storage->data)->save(irc, overwrite);
+	
+	if (password != NULL) {
+		irc_setpass(irc, NULL);
+	}
+	
+	return st;
 }
 
 storage_status_t storage_remove (const char *nick, const char *password)
@@ -142,14 +161,16 @@ storage_status_t storage_remove (const char *nick, const char *password)
 		storage_status_t status;
 
 		status = st->remove(nick, password);
-		if (status != STORAGE_NO_SUCH_USER && 
-			status != STORAGE_OK)
+		if (status != STORAGE_NO_SUCH_USER && status != STORAGE_OK)
 			ret = status;
 	}
 	
 	return ret;
 }
 
+#if 0
+Not using this yet. Test thoroughly before adding UI hooks to this function.
+
 storage_status_t storage_rename (const char *onick, const char *nnick, const char *password)
 {
 	storage_status_t status;
@@ -188,3 +209,4 @@ storage_status_t storage_rename (const char *onick, const char *nnick, const cha
 
 	return STORAGE_OK;
 }
+#endif
-- 
cgit v1.2.3