-rw-r--r-- | usr.sbin/ppp/ppp/alias_irc.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/usr.sbin/ppp/ppp/alias_irc.c b/usr.sbin/ppp/ppp/alias_irc.c
index e21f4b34e02..17a7f5ef319 100644
--- a/usr.sbin/ppp/ppp/alias_irc.c
+++ b/usr.sbin/ppp/ppp/alias_irc.c
@@ -23,7 +23,7 @@
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
- * $OpenBSD: alias_irc.c,v 1.8 2001/08/21 04:09:16 brian Exp $
+ * $OpenBSD: alias_irc.c,v 1.9 2001/09/13 10:32:56 brian Exp $
 */
 /* Alias_irc.c intercepts packages contain IRC CTCP commands, and
@@ -236,6 +236,12 @@ lFOUND_CTCP:
 true_addr.s_addr = htonl(org_addr);
 destaddr.s_addr = 0;
+ /* Sanity/Security checking */
+ if (!org_addr || !org_port ||
+ pip->ip_src.s_addr != true_addr.s_addr ||
+ org_port < IPPORT_RESERVED)
+ goto lBAD_CTCP;
+
 /* Steal the FTP_DATA_PORT - it doesn't really matter, and this would probably allow it through at least _some_ firewalls. */ |
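Review bot: The new guard under `lFOUND_CTCP:` is labelled only `/* Sanity/Security checking */`, which does not tell a maintainer what each condition defends against, so the conditions are easy to weaken by accident later. I would spell it out, e.g. `/* Only alias a DCC offer that names the sender's own address and a non-reserved port, so a CTCP message cannot request a mapping to another inside host or to a privileged service. */`. The `!org_port` test is already implied by `org_port < IPPORT_RESERVED` and can be dropped. The port floor still leaves unprivileged listeners on the sending host eligible for a mapping, which is worth stating in the comment as a known limit. What `lBAD_CTCP` does with a rejected message, and whether the rejection is logged, is outside this hunk, as is the rest of the enclosing function.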