external/uhub
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

ADCH++ had a security bug that allowed UCMD extension to be relayed.

Browse Source 
uhub did not have this security bug since the hub did not advertise support for the
UCMD extension, but the message was still correctly relayed as specified in the
protocol specification.

However, this commit adds support for the UCMD extension, but only to the extent
that uhub will advertise it and uhub will also drop any such CMD message
generated by a client and will (currently) never issues a CMD message by itself.
This commit is contained in:
Jan Vidar Krey
2012-07-30 00:08:12 +02:00
parent 949b54fcdd
commit cba0121574
2 changed files with 18 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/core/hub.c
View File

@@ -129,6 +129,14 @@ int hub_handle_message(struct hub_info* hub, struct hub_user* u, const char* lin
CHECK_FLOOD(connect, 1);
ROUTE_MSG;
case ADC_CMD_BCMD:
case ADC_CMD_DCMD:
case ADC_CMD_ECMD:
case ADC_CMD_FCMD:
case ADC_CMD_HCMD:
CHECK_FLOOD(extras, 1);
break;
default:
CHECK_FLOOD(extras, 1);
ROUTE_MSG;