Fix a vulnerability in chatMsg handler
This commit is contained in:
parent
babeb01ebe
commit
51d89b99e8
|
@ -1,3 +1,6 @@
|
||||||
|
Sat Oct 12 18:24 2013 CDT
|
||||||
|
* lib/user.js: Fix bad chatMsg packet causing exceptions
|
||||||
|
|
||||||
Sat Oct 12 15:53 2013 CDT
|
Sat Oct 12 15:53 2013 CDT
|
||||||
* lib/channel.js: Add a try-catch to playlist loading to catch
|
* lib/channel.js: Add a try-catch to playlist loading to catch
|
||||||
the mysterious error that's been coming up (corrupt pl?)
|
the mysterious error that's been coming up (corrupt pl?)
|
||||||
|
|
|
@ -229,6 +229,13 @@ User.prototype.initCallbacks = function () {
|
||||||
|
|
||||||
self.socket.on("chatMsg", function (data) {
|
self.socket.on("chatMsg", function (data) {
|
||||||
if (self.inChannel()) {
|
if (self.inChannel()) {
|
||||||
|
if (typeof data.msg !== "string") {
|
||||||
|
self.socket.emit("kick", {
|
||||||
|
reason: "Invalid chatMsg packet!"
|
||||||
|
});
|
||||||
|
self.socket.disconnect(true);
|
||||||
|
return;
|
||||||
|
}
|
||||||
if (data.msg.indexOf("/afk") !== 0) {
|
if (data.msg.indexOf("/afk") !== 0) {
|
||||||
self.setAFK(false);
|
self.setAFK(false);
|
||||||
self.autoAFK();
|
self.autoAFK();
|
||||||
|
|
Loading…
Reference in a new issue