From b999e18edaeef068ab35aa0e5b79537af99033a3 Mon Sep 17 00:00:00 2001 From: Thomas Mannfred Carlsson Date: Sat, 7 Feb 2026 20:42:50 +0200 Subject: [PATCH 1/6] Bail on zero length buffer to rb_linebuf_get --- libratbox/src/linebuf.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/libratbox/src/linebuf.c b/libratbox/src/linebuf.c index 32d09a60..9c02e3ba 100644 --- a/libratbox/src/linebuf.c +++ b/libratbox/src/linebuf.c @@ -446,6 +446,9 @@ rb_linebuf_get(rb_buf_head_t * bufhead, char *buf, size_t buflen, bool partial, size_t cpylen; char *start, *ch; + if(buflen == 0) + return 0; + /* make sure we have a line */ if(bufhead->list.head == NULL) return 0; /* Obviously not.. hrm. */ @@ -897,4 +900,3 @@ unsigned int rb_linebuf_numlines(rb_buf_head_t *bufhead) { return bufhead->numlines; } - From b9bdb7a2e5c7df690e8585e16c184f3ac129a7bb Mon Sep 17 00:00:00 2001 From: Thomas Mannfred Carlsson Date: Sat, 7 Feb 2026 23:15:20 +0200 Subject: [PATCH 2/6] Assert invalid buflen --- libratbox/src/linebuf.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/libratbox/src/linebuf.c b/libratbox/src/linebuf.c index 9c02e3ba..1dbf4b4c 100644 --- a/libratbox/src/linebuf.c +++ b/libratbox/src/linebuf.c @@ -446,8 +446,7 @@ rb_linebuf_get(rb_buf_head_t * bufhead, char *buf, size_t buflen, bool partial, size_t cpylen; char *start, *ch; - if(buflen == 0) - return 0; + assert(buflen>0); /* make sure we have a line */ if(bufhead->list.head == NULL) From 0e5ac8bfca863b030c71aee02e70b757a19acc2f Mon Sep 17 00:00:00 2001 From: Thomas Mannfred Carlsson Date: Sat, 7 Feb 2026 23:18:07 +0200 Subject: [PATCH 3/6] lrb_assert for invalid buflen --- libratbox/src/linebuf.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libratbox/src/linebuf.c b/libratbox/src/linebuf.c index 1dbf4b4c..c5472dfc 100644 --- a/libratbox/src/linebuf.c +++ b/libratbox/src/linebuf.c @@ -446,7 +446,7 @@ rb_linebuf_get(rb_buf_head_t * bufhead, char *buf, size_t buflen, bool partial, size_t cpylen; char *start, *ch; - assert(buflen>0); + lrb_assert(buflen > 0); /* make sure we have a line */ if(bufhead->list.head == NULL) From 36b610b46ca9a382adf2d0705aa1b98bc0407ed4 Mon Sep 17 00:00:00 2001 From: Thomas Mannfred Carlsson Date: Sat, 7 Feb 2026 23:20:54 +0200 Subject: [PATCH 4/6] Added tls1.3 in example.conf --- doc/example.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/example.conf b/doc/example.conf index e2f9c677..4c40484f 100755 --- a/doc/example.conf +++ b/doc/example.conf @@ -118,7 +118,7 @@ serverinfo { ssld_count = 1; /* tls_min_ver: minimum version of ssl/tls we support. Options are as follows - * "ssl3", "tls1.0", "tls1.1" and "tls1.2". SSLv3 is broken and shouldn't be used. + * "ssl3", "tls1.0", "tls1.1", "tls1.2" and "tls1.3". SSLv3 is broken and shouldn't be used. * Also some versions of OpenSSL may have SSLv3 disabled entirely, in such case * tls1 will be enforced regardless of this parameter. */ From ac7e7abc59fddeb0b5f99d4c3c864e11a034b9d1 Mon Sep 17 00:00:00 2001 From: Thomas Mannfred Carlsson Date: Sat, 7 Feb 2026 23:36:38 +0200 Subject: [PATCH 5/6] Correct start index for parse_nameservers --- src/dns.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/dns.c b/src/dns.c index d913fb8b..ca2945f2 100644 --- a/src/dns.c +++ b/src/dns.c @@ -287,7 +287,7 @@ parse_nameservers(char **parv, int parc) rb_dlinkDestroy(ptr, &nameservers); } - for(i = 2; i < parc; i++) + for(i = 1; i < parc; i++) { server = rb_strdup(parv[i]); rb_dlinkAddTailAlloc(server, &nameservers); @@ -408,4 +408,3 @@ rehash_resolver(void) { rb_helper_write(dns_helper, "R"); } - From 342c2ed80f0057479c8e3f30f0f2b4245815bc12 Mon Sep 17 00:00:00 2001 From: Aaron Sethman Date: Sun, 8 Feb 2026 05:13:55 -0500 Subject: [PATCH 6/6] fix assert --- libratbox/include/rb_tools.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libratbox/include/rb_tools.h b/libratbox/include/rb_tools.h index eb635ef4..691950a3 100644 --- a/libratbox/include/rb_tools.h +++ b/libratbox/include/rb_tools.h @@ -43,7 +43,7 @@ rb_strlcat(char *dest, const char *src, size_t count) size_t len = strlen(src); size_t res = dsize + len; - assert(dsize >= count); + assert(dsize < count); dest += dsize; count -= dsize;