Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix information leak through TCL variables. #643

Merged
merged 6 commits into from
Oct 12, 2018
Merged

Fix information leak through TCL variables. #643

merged 6 commits into from
Oct 12, 2018

Conversation

michaelortmann
Copy link
Member

@michaelortmann michaelortmann commented Sep 22, 2018
edited
Loading

Found by: maimizuno
Patch by: michaelortmann
Fixes: #137 and #414 as part of #51

One-line summary:
Fix information leak through TCL variables.

Additional description (if needed):
Before check_tcl_bind() Tcl_SetVar() is called. This Fix adds Tcl_UnsetVar() at the end of check_tcl_bind()

Please don't forget to update (not close) #51 after merge.

Test cases demonstrating functionality (if applicable):

  1. scripts/643.tcl
proc 643 args {
  foreach a [info vars ::_*] { if ![string eq "" [set $a]] { putlog "DEBUG $a:[set $a]" } }
  return 0
}
  1. eggdrop.conf
source scripts/643.tcl

  1. $ ./eggdrop -nt

  2. send private message to eggdrop

/msg <botnick> testmsg
  1. execute at partyline:
.tcl 643

before:

[01:00:35] [testuser!~michael@localhost] testmsg 
.tcl 643
[01:00:41] DEBUG ::_lu1:assoc
[01:00:41] DEBUG ::_event1:init-server
[01:00:41] DEBUG ::_out1:server
[01:00:41] DEBUG ::_out2:WHOIS linux
[01:00:41] DEBUG ::_out3:sent
[01:00:41] DEBUG ::_log1:o
[01:00:41] DEBUG ::_log2:*
[01:00:41] DEBUG ::_log3:DEBUG ::_log2:*
[01:00:41] DEBUG ::_filt1:1
[01:00:41] DEBUG ::_filt2:.tcl 643
[01:00:41] DEBUG ::_msg1:testuser
[01:00:41] DEBUG ::_msg2:~michael@localhost
[01:00:41] DEBUG ::_msg3:michael
[01:00:41] DEBUG ::_msgm1:testuser
[01:00:41] DEBUG ::_msgm2:~michael@localhost
[01:00:41] DEBUG ::_msgm3:michael
[01:00:41] DEBUG ::_msgm4:testmsg
[01:00:41] DEBUG ::_raw1:zen.localdomain
[01:00:41] DEBUG ::_raw2:318
[01:00:41] DEBUG ::_raw3:linux linux :End of WHOIS list.
[01:00:41] DEBUG ::_dcc1:-HQ
[01:00:41] DEBUG ::_dcc2:1
[01:00:41] DEBUG ::_dcc3:643
[01:00:41] DEBUG ::_chonof1:-HQ
[01:00:41] DEBUG ::_chonof2:1
[01:00:41] DEBUG ::_chjn1:linux
[01:00:41] DEBUG ::_chjn2:-HQ
[01:00:41] DEBUG ::_chjn3:0
[01:00:41] DEBUG ::_chjn4:*
[01:00:41] DEBUG ::_chjn5:1
[01:00:41] DEBUG ::_chjn6:llama@console
Tcl: 0

after:

[01:02:14] [testuser!~michael@localhost] testmsg 
.tcl 643
[01:02:17] DEBUG ::_dcc1:-HQ
[01:02:17] DEBUG ::_dcc2:1
[01:02:17] DEBUG ::_dcc3:643
Tcl: 0

@michaelortmann michaelortmann changed the title (WIP) Add Tcl_UnsetVar() (Fix #137 and #414) Fix information leak through TCL variables. Sep 22, 2018
@michaelortmann michaelortmann changed the title (Fix #137 and #414) Fix information leak through TCL variables. Fix information leak through TCL variables. Sep 22, 2018
@Cizzle Cizzle added this to the v1.8.4 milestone Oct 11, 2018
@Cizzle
Copy link
Member

Cizzle commented Oct 11, 2018

LGTM

@vanosg
Copy link
Member

vanosg commented Oct 12, 2018

build

@vanosg vanosg merged commit bfa5f60 into eggheads:develop Oct 12, 2018
@michaelortmann michaelortmann deleted the tclunsetvar branch October 12, 2018 03:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
v1.8.4
Development

Successfully merging this pull request may close these issues.

Global variables: security concern with $::msg[1-4] / $::msgm[1-4]?
3 participants
@michaelortmann @Cizzle @vanosg