added more checking to prevent a user's library size from being negative

Author: drscholl

FAQ

@@ -55,3 +55,8 @@ A:  If you have memory to spare, you can increase the value of
 
 Q:  How do I get my server listed on napigator.com?
 A:  Go to www.napigator.com and look for the section on adding servers.
+
+Q:  How do I link my server to other servers?
+A:  Find the people who run the server you want to link with and discuss it
+    with them.  If both parties agree you exchange a password and follow
+    the directions in the README for linking up.

add_file.c

@@ -72,7 +72,7 @@ static void
 insert_datum (DATUM * info, char *av)
 {
     LIST *tokens, *ptr;
-    int fsize;
+    unsigned int fsize;
 
     ASSERT (info != 0);
     ASSERT (av != 0);
@@ -199,7 +199,7 @@ HANDLER (add_file)
 {
     char *av[6];
     DATUM *info;
-    int fsize;
+    unsigned int fsize;
 
     (void) tag;
     (void) len;
@@ -229,10 +229,12 @@ HANDLER (add_file)
     }
 
     /* ensure we have a valid byte count */
-    fsize = atoi (av[2]);
-    if (fsize < 1)
+    fsize = strtoul (av[2],0,10);
+    /* check for overflow */
+    if(con->user->libsize + fsize < con->user->libsize)
     {
-	send_cmd (con, MSG_SERVER_NOSUCH, "invalid file size");
+	log("add_file(): %u byte file would overflow %s's library size",
+		fsize, con->user->nick);
 	return;
     }
 
@@ -273,6 +275,7 @@ HANDLER (share_file)
     char *av[4];
     DATUM *info;
     int i, type;
+    unsigned int fsize;
 
     (void) len;
     (void) tag;
@@ -327,10 +330,18 @@ HANDLER (share_file)
 	return;
     }
 
+    fsize = strtoul (av[1], 0, 10);
+    if(fsize + con->user->libsize < con->user->libsize)
+    {
+	log("share_file(): %u byte file would overflow %s's library size",
+		fsize, con->user->nick);
+	return;
+    }
+
     if (!(info = new_datum (av[0], av[2])))
 	return;
     info->user = con->user;
-    info->size = atoi (av[1]);
+    info->size = fsize;
     info->type = type;
 
     insert_datum (info, av[0]);
@@ -342,7 +353,8 @@ HANDLER (user_sharing)
 {
     char *av[3];
     USER *user;
-    int deltanum, deltasize;
+    int shared;
+    unsigned int libsize;
 
     (void) len;
     ASSERT (validate_connection (con));
@@ -358,13 +370,34 @@ HANDLER (user_sharing)
 	log ("user_sharing(): no such user %s (from %s)", av[0], con->host);
 	return;
     }
-    deltanum = atoi (av[1]) - user->shared;
-    Num_Files += deltanum;
-    user->shared += deltanum;
-    deltasize = atoi (av[2]) - user->libsize;
-    Num_Gigs += deltasize;
-    user->libsize += deltasize;
-    pass_message_args (con, tag, "%s %d %d", user->nick, user->shared,
+
+    shared = atoi(av[1]);
+
+    if(shared<0)
+    {
+	log("user_sharing(): negative count for %s from %s", av[0], con->host);
+	Num_Files -= user->shared;
+	Num_Gigs -= user->libsize;
+	user->shared = 0;
+	user->libsize = 0;
+    }
+    else
+    {
+	if(shared > user->shared)
+	    Num_Files += shared - user->shared;
+	else
+	    Num_Files -= user->shared - shared;
+	user->shared = shared;
+
+	libsize = strtoul (av[2],0,10);
+	if(libsize>user->libsize)
+	    Num_Gigs += libsize - user->libsize;
+	else
+	    Num_Gigs -= user->libsize - libsize;
+	user->libsize = libsize;
+    }
+
+    pass_message_args (con, tag, "%s %hu %u", user->nick, user->shared,
 		       user->libsize);
 }
 
@@ -374,7 +407,7 @@ HANDLER (add_directory)
 {
     char *dir, *basename, *md5, *size, *bitrate, *freq, *duration;
     char path[_POSIX_PATH_MAX], dirbuf[_POSIX_PATH_MAX];
-    int pathlen;
+    int pathlen, fsize;
     DATUM *info;
 
     (void) tag;
@@ -457,11 +490,18 @@ HANDLER (add_directory)
 	    continue;		/* get next file */
 	}
 
+	fsize = atoi (size);
+	if(fsize<1)
+	{
+	    send_cmd(con,MSG_SERVER_NOSUCH,"invalid size");
+	    continue;
+	}
+
 	/* create the db record for this file */
 	if (!(info = new_datum (path, md5)))
 	    return;
 	info->user = con->user;
-	info->size = atoi (size);
+	info->size = fsize;
 	info->bitrate = bitrateToMask (atoi (bitrate), con->user);
 	info->frequency = freqToMask (atoi (freq), con->user);
 	info->duration = atoi (duration);

handler.c

@@ -16,13 +16,13 @@
 #include <ctype.h>
 #endif
 
+/* 214 */
 HANDLER (server_stats)
 {
     (void) pkt;
-    (void) tag;
     (void) len;
-    send_cmd (con, MSG_SERVER_STATS, "%d %d %d", Users->dbsize, Num_Files,
-	      Num_Gigs / (1024 * 1024));
+    send_cmd (con, tag, "%d %d %.0f", Users->dbsize, Num_Files,
+	      Num_Gigs / 1048576.);
 }
 
 /* 10018 :<server> <target> <packet>
@@ -479,7 +479,7 @@ handle_connection (CONNECTION * con)
 		    && tag != MSG_CLIENT_ADD_DIRECTORY)
 		{
 		    pass_message_args (con, MSG_SERVER_USER_SHARING,
-				       "%s %d %d", con->user->nick,
+				       "%s %hu %u", con->user->nick,
 				       con->user->shared, con->user->libsize);
 		    con->user->sharing = 0;
 		}
@@ -489,7 +489,7 @@ handle_connection (CONNECTION * con)
 		if (tag != MSG_CLIENT_REMOVE_FILE)
 		{
 		    pass_message_args (con, MSG_SERVER_USER_SHARING,
-				       "%s %d %d", con->user->nick,
+				       "%s %hu %u", con->user->nick,
 				       con->user->shared, con->user->libsize);
 		    con->user->unsharing = 0;
 		}

remove_file.c

@@ -13,7 +13,7 @@ HANDLER (remove_file)
 {
     USER *user;
     DATUM *info;
-    int fsize;
+    unsigned int fsize;
 
     (void) tag;
     (void) len;

synch.c

@@ -58,7 +58,7 @@ sync_user (USER * user, CONNECTION * con)
     /* do this before the joins so the user's already in the channel see
        the real file count */
     if (user->shared)
-	send_cmd (con, MSG_SERVER_USER_SHARING, "%s %d %d", user->nick,
+	send_cmd (con, MSG_SERVER_USER_SHARING, "%s %hu %u", user->nick,
 		  user->shared, user->libsize);
 
     /* send the channels this user is listening on */