From e61f1a6d8553b85b86457ca6ad0e69b2c1d1a2cb Mon Sep 17 00:00:00 2001 From: Art Cancro Date: Wed, 3 Nov 1999 04:01:23 +0000 Subject: [PATCH] * Fixed buffer overrun problems in cmd_rchg(), cmd_hchg(), and cmd_uchg() * Removed my email address as the feedback content from the docs; replaced it with a reference to the Citadel/UX web site. --- citadel/ChangeLog | 6 ++++- citadel/README.txt | 16 +++++++++--- citadel/citserver.c | 52 +++++++++++++++++++++---------------- citadel/copyright.txt | 10 +++---- citadel/install.txt | 9 ++++--- citadel/sysop.txt | 8 +++--- citadel/techdoc/hack.txt | 2 +- citadel/techdoc/session.txt | 3 ++- citadel/utils.txt | 7 ++--- 9 files changed, 66 insertions(+), 47 deletions(-) diff --git a/citadel/ChangeLog b/citadel/ChangeLog index e1e0147de..38bacd21c 100644 --- a/citadel/ChangeLog +++ b/citadel/ChangeLog @@ -1,4 +1,9 @@ $Log$ +Revision 1.411 1999/11/03 04:01:20 ajc +* Fixed buffer overrun problems in cmd_rchg(), cmd_hchg(), and cmd_uchg() +* Removed my email address as the feedback content from the docs; replaced + it with a reference to the Citadel/UX web site. + Revision 1.410 1999/11/02 19:51:23 ajc * Fixed timeout problem for remote client sessions (all timeouts were set to 1 second ... probably a temporary hack that was missed in the cleanup) @@ -1417,4 +1422,3 @@ Sat Jul 11 00:20:48 EDT 1998 Nathan Bryant Fri Jul 10 1998 Art Cancro * Initial CVS import - diff --git a/citadel/README.txt b/citadel/README.txt index b4c6e405c..eeed2c12d 100644 --- a/citadel/README.txt +++ b/citadel/README.txt @@ -1,6 +1,8 @@ Citadel/UX release notes -- version 5.50 + + ALL FURTHER CHANGES WILL BE IN THE "ChangeLog" FILE. - Please see the file "ChangeLog" for more information. + Please view that file for further information. @@ -184,6 +186,12 @@ off the same code. I've looked around at the various mods people have made to Citadel/UX and tried to implement the most-often-added and most-requested features to the stock distribution. If there's a feature you want/need that still isn't here, drop me a line and I'll see what I can do about adding it -to the next release. I can be contacted at ajc@uncnsrd.mt-kisco.ny.us or -simply log on to my BBS at uncnsrd.mt-kisco.ny.us (internet) or 914-244-3252 -(dialup). +to the next release. + + + + + For more information, visit the Citadel/UX web site at UNCENSORED! BBS + http://uncnsrd.mt-kisco.ny.us + + diff --git a/citadel/citserver.c b/citadel/citserver.c index a2ee6e7e8..0f96bf068 100644 --- a/citadel/citserver.c +++ b/citadel/citserver.c @@ -275,7 +275,7 @@ void cmd_info(void) { void cmd_rchg(char *argbuf) { - char newroomname[ROOMNAMELEN]; + char newroomname[256]; extract(newroomname, argbuf, 0); newroomname[ROOMNAMELEN-1] = 0; @@ -291,10 +291,9 @@ void cmd_rchg(char *argbuf) void cmd_hchg(char *argbuf) { - char newhostname[25]; + char newhostname[256]; extract(newhostname, argbuf, 0); - newhostname[24] = 0; if (strlen(newhostname) > 0) { safestrncpy(CC->fake_hostname, newhostname, sizeof(CC->fake_hostname) ); @@ -305,29 +304,36 @@ void cmd_hchg(char *argbuf) cprintf("%d OK\n", OK); } -void cmd_uchg(char *newusername) +void cmd_uchg(char *argbuf) { - if (CC->usersupp.axlevel < 6) - { - cprintf("%d You must be an Aide to use UCHG.\n", - ERROR+HIGHER_ACCESS_REQUIRED); - return; - } - if ((newusername) && (newusername[0])) - { - CC->cs_flags &= ~CS_STEALTH; - memset(CC->fake_username, 0, 32); - if (strncasecmp(newusername, CC->curr_user, strlen(CC->curr_user))) - safestrncpy(CC->fake_username, newusername, sizeof(CC->fake_username)); - } - else - { - CC->fake_username[0] = '\0'; - CC->cs_flags |= CS_STEALTH; - } - cprintf("%d\n",OK); + + char newusername[256]; + + extract(newusername, argbuf, 0); + + if (CC->usersupp.axlevel < 6) { + cprintf("%d You must be an Aide to masquerade your name.\n", + ERROR+HIGHER_ACCESS_REQUIRED); + return; + } + + if (strlen(newusername) > 0) { + CC->cs_flags &= ~CS_STEALTH; + memset(CC->fake_username, 0, 32); + if (strncasecmp(newusername, CC->curr_user, + strlen(CC->curr_user))) + safestrncpy(CC->fake_username, newusername, + sizeof(CC->fake_username)); + } + else { + CC->fake_username[0] = '\0'; + CC->cs_flags |= CS_STEALTH; + } + cprintf("%d\n",OK); } + + /* * returns an asterisk if there are any express messages waiting, * space otherwise. diff --git a/citadel/copyright.txt b/citadel/copyright.txt index f66d30b21..5f011b9c8 100644 --- a/citadel/copyright.txt +++ b/citadel/copyright.txt @@ -29,10 +29,8 @@ ICQ client code derived from ICQLIB written by: You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - - Feedback concerning Citadel/UX goes to: ajc@uncnsrd.mt-kisco.ny.us - The home of Citadel/UX is UNCENSORED! BBS: - telnet://uncnsrd.mt-kisco.ny.us - http://uncnsrd.mt-kisco.ny.us - 914-244-3252 (modem) + + For more information, visit the Citadel/UX web site at UNCENSORED! BBS + http://uncnsrd.mt-kisco.ny.us + diff --git a/citadel/install.txt b/citadel/install.txt index 4a9aecbb4..926b19e03 100644 --- a/citadel/install.txt +++ b/citadel/install.txt @@ -344,7 +344,8 @@ other. Please refer these questions to your local sendmail wizard. THE PEANUT GALLERY - That's just about all the information you need to install the system. If -you have any comments, suggestions, bomb threats, etc., send them to -ajc@uncnsrd.mt-kisco.ny.us or call Uncensored Communications Group BBS at -(914) 244-3252 (modem) or uncnsrd.mt-kisco.ny.us (Internet). + That's just about all the information you need to install the system. + For more information, visit the Citadel/UX web site at UNCENSORED! BBS + http://uncnsrd.mt-kisco.ny.us + + diff --git a/citadel/sysop.txt b/citadel/sysop.txt index 0058eff90..c41596a86 100644 --- a/citadel/sysop.txt +++ b/citadel/sysop.txt @@ -260,7 +260,7 @@ course, if you still have trouble, you could always bug ^sysadm about it!" CONCLUSION - - Comments from the Peanut Gallery should be directed to (at) my email -address ajc@uncnsrd.mt-kisco.ny.us, or call UNCENSORED! BBS at 914-244-3252 -(modem) or uncnsrd.mt-kisco.ny.us (Internet). + + For more information, visit the Citadel/UX web site at UNCENSORED! BBS + http://uncnsrd.mt-kisco.ny.us + diff --git a/citadel/techdoc/hack.txt b/citadel/techdoc/hack.txt index 52335ddd9..889d56200 100644 --- a/citadel/techdoc/hack.txt +++ b/citadel/techdoc/hack.txt @@ -1,5 +1,5 @@ hack.txt for Citadel/UX - written by Art Cancro (ajc@uncnsrd.mt-kisco.ny.us) + (possibly a little out of date) Much of this document is borrowed from the original hack.doc from Citadel-CP/M and Citadel-86, because many of the concepts are the same. Hats diff --git a/citadel/techdoc/session.txt b/citadel/techdoc/session.txt index bd94c8527..490375bab 100644 --- a/citadel/techdoc/session.txt +++ b/citadel/techdoc/session.txt @@ -23,7 +23,8 @@ the same name but perform different functions. If you don't coordinate new developments ahead of time, please at least send in an e-mail documenting what you did, so that your new commands can be added to this document. - The coordinator of the Citadel/UX project is Art Cancro . + The coordinator of the Citadel/UX project is Art Cancro +. CONNECTING TO A SERVER diff --git a/citadel/utils.txt b/citadel/utils.txt index 4584e0a9e..ead1f1eb5 100644 --- a/citadel/utils.txt +++ b/citadel/utils.txt @@ -120,6 +120,7 @@ properly restricted. -------------------------------------------------------------------------- - That should cover all of the included utilities. Comments, suggestions, -etc. may be sent to ajc@uncnsrd.mt-kisco.ny.us or call UNCENSORED! BBS at -(914) 244-3252 (modem) or uncnsrd.mt-kisco.ny.us (Internet). + That should cover all of the included utilities. + For more information, visit the Citadel/UX web site at UNCENSORED! BBS + http://uncnsrd.mt-kisco.ny.us + -- 2.30.2