Changeset 3183c21 for irc.c


Ignore:
Timestamp:
2008-09-06T22:59:32Z (11 years ago)
Author:
Wilmer van der Gaast <wilmer@…>
Branches:
master
Children:
15d1469
Parents:
0a4f6f4
Message:

Completely reviewed all uses of irc->password, irc_setpass() and
USTATUS_IDENTIFIED after another account overwriting vulnerability was
found by Tero Marttila.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • irc.c

    r0a4f6f4 r3183c21  
    3838        irc_t *irc = set->data;
    3939       
    40         if( irc->status & USTATUS_IDENTIFIED )
     40        if( irc->status & USTATUS_IDENTIFIED && value )
    4141        {
    4242                irc_setpass( irc, value );
     
    239239       
    240240        if( irc->status & USTATUS_IDENTIFIED && set_getbool( &irc->set, "save_on_quit" ) )
    241                 if( storage_save( irc, TRUE ) != STORAGE_OK )
     241                if( storage_save( irc, NULL, TRUE ) != STORAGE_OK )
    242242                        irc_usermsg( irc, "Error while saving settings!" );
    243243       
Note: See TracChangeset for help on using the changeset viewer.