summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorin2 <in2@63ad8ddf-47c3-0310-b6dd-a9e9d9715204>2003-09-06 11:14:15 +0800
committerin2 <in2@63ad8ddf-47c3-0310-b6dd-a9e9d9715204>2003-09-06 11:14:15 +0800
commite22d3269f7d450ba90e42073943fc16bcc81a568 (patch)
treee0e5d89ebd167e750777d6bbdfb3e9646258869e
parentf712b39ec788717f4090adba536dfd892eeb56c9 (diff)
downloadpttbbs-e22d3269f7d450ba90e42073943fc16bcc81a568.tar
pttbbs-e22d3269f7d450ba90e42073943fc16bcc81a568.tar.gz
pttbbs-e22d3269f7d450ba90e42073943fc16bcc81a568.tar.bz2
pttbbs-e22d3269f7d450ba90e42073943fc16bcc81a568.tar.lz
pttbbs-e22d3269f7d450ba90e42073943fc16bcc81a568.tar.xz
pttbbs-e22d3269f7d450ba90e42073943fc16bcc81a568.tar.zst
pttbbs-e22d3269f7d450ba90e42073943fc16bcc81a568.zip
blog security fix
git-svn-id: http://opensvn.csie.org/pttbbs/trunk/pttbbs@1161 63ad8ddf-47c3-0310-b6dd-a9e9d9715204
-rw-r--r--mbbsd/announce.c8
1 files changed, 8 insertions, 0 deletions
diff --git a/mbbsd/announce.c b/mbbsd/announce.c
index c8f69baf..ac001d28 100644
--- a/mbbsd/announce.c
+++ b/mbbsd/announce.c
@@ -1133,8 +1133,16 @@ void BlogMain(int num)
break;
case '4':{
char hash[35];
+ int i;
getdata(16, 0, "請輸入該篇的雜湊值: ",
hash, sizeof(hash), DOECHO);
+ for( i = 0 ; hash[i] != 0 ; ++i ) /* 前面用 getdata() 保證有 \0 */
+ if( !islower(hash[i]) && !isnumber(hash[i]) )
+ break;
+ if( i != 32 ){
+ vmsg("輸入錯誤");
+ break;
+ }
if( hash[0] != 0 &&
getans("請確定刪除(Y/N)?[N] ") == 'y' ){
MYSQL mysql;