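#!/bin/bash
#
# verify_fixes.sh - Checks that all security fixes have been applied correctly
# Date: 23 February 2026
#
# Usage: run from the root of the source tree; every path below is relative
# (include/..., ircd/...), so the checks resolve against the current directory.
#
# Exit status: 0 when every check_fix call passed, 1 otherwise.
#
# NOTE(review): these are textual presence checks. A PASS means the expected
# text occurs somewhere in the file (a comment or disabled code would match
# too); it does not show that the fixed code is compiled or reached at
# runtime. The build and load-test steps printed at the end cover that part.

set -u

echo "╔════════════════════════════════════════════════════════╗"
echo "║ VERIFICARE FIX-URI SECURITATE - Underchat IRCD ║"
echo "╚════════════════════════════════════════════════════════╝"
echo ""

FAILED=0
PASSED=0

#######################################
# Helper: report whether a file contains an expected pattern.
# Globals:   PASSED (incremented on match), FAILED (incremented otherwise)
# Arguments: $1 - file to inspect, relative to the current directory
#            $2 - grep basic regular expression expected in the file
#            $3 - human-readable description printed with the verdict
# Outputs:   one PASS line, or a FAIL line followed by the file and pattern
#######################################
check_fix() {
  local file=$1
  local pattern=$2
  local description=$3

  # '--' keeps a pattern that starts with '-' from being parsed as an option.
  if grep -q -- "$pattern" "$file" 2>/dev/null; then
    echo "✅ PASS: $description"
    PASSED=$((PASSED + 1))
    return 0
  fi

  echo "❌ FAIL: $description"
  printf ' File: %s\n' "$file"
  # grep's own error output is silenced above, so say explicitly when the
  # failure is a missing file (for example a wrong working directory) rather
  # than a missing fix.
  if [[ ! -r "$file" ]]; then
    echo " Reason: file missing or unreadable"
  fi
  printf ' Expected: %s\n' "$pattern"
  FAILED=$((FAILED + 1))
}

echo "═══ 1. Verificare ircd_limits.h ═══"
check_fix "include/ircd_limits.h" "MAX_SENDQ_USER" "Header ircd_limits.h există"
check_fix "include/ircd_limits.h" "MAX_RECVQ_USER" "RecvQ limits definite"
check_fix "include/ircd_limits.h" "MAX_INCOMPLETE_MESSAGE_TIMEOUT" "Timeout definit"
echo ""

echo "═══ 2. Verificare unsafe string operations ═══"
# s_user.c
check_fix "ircd/s_user.c" "ircd_strncpy(cli_name(new_client), nick, NICKLEN)" "s_user.c:744 - strcpy fixat"
check_fix "ircd/s_user.c" "ircd_strncpy(cli_name(sptr), nick, NICKLEN)" "s_user.c:859,867 - strcpy fixat"
# uping.c
check_fix "ircd/uping.c" "ircd_snprintf.*%10lu" "uping.c:290 - sprintf fixat"
check_fix "ircd/uping.c" "ircd_strncpy(pptr->name" "uping.c:425 - strcpy fixat"
# numnicks.c
check_fix "ircd/numnicks.c" "ircd_strncpy(cli_yxx" "numnicks.c:333 - strcpy fixat"
check_fix "ircd/numnicks.c" 'memcpy(buf, "AAAAAA", 7)' "numnicks.c:457 - strcpy fixat"
# m_whois.c
check_fix "ircd/m_whois.c" "strncat(markbufp" "m_whois.c:147-149 - strcat fixat"
# whocmds.c
check_fix "ircd/whocmds.c" 'memcpy(p1, " n/a", 5)' "whocmds.c:260 - strcpy fixat"
# s_conf.c
check_fix "ircd/s_conf.c" "memcpy(lp->value.cp, mark" "s_conf.c:1630 - strcpy fixat"
echo ""

echo "═══ 3. Verificare SendQ limits ═══"
check_fix "ircd/send.c" "#include \"ircd_limits.h\"" "send.c include ircd_limits.h"
check_fix "ircd/send.c" "MAX_SENDQ_USER" "SendQ limits implementate"
check_fix "ircd/send.c" "SendQ exceeded" "SendQ disconnect message"
echo ""

echo "═══ 4. Verificare RecvQ limits ═══"
check_fix "ircd/s_bsd.c" "#include \"ircd_limits.h\"" "s_bsd.c include ircd_limits.h"
check_fix "ircd/s_bsd.c" "MAX_RECVQ_USER" "RecvQ limits implementate"
check_fix "ircd/s_bsd.c" "RecvQ exceeded" "RecvQ disconnect message"
echo ""

echo "═══ 5. Verificare Incomplete Message Timeout ═══"
check_fix "ircd/s_bsd.c" "MAX_INCOMPLETE_MESSAGE_TIMEOUT" "Timeout implementat"
check_fix "ircd/s_bsd.c" "Incomplete message timeout" "Timeout disconnect message"
echo ""

echo "═══ 6. Verificare că nu mai există unsafe operations ═══"
# Check that no strcpy/sprintf/strcat calls remain in the critical files.
FIXED_SOURCES=(
  ircd/s_user.c
  ircd/uping.c
  ircd/numnicks.c
  ircd/m_whois.c
  ircd/whocmds.c
  ircd/s_conf.c
)
readonly FIXED_SOURCES

# The matches are kept in a variable instead of a fixed file name under /tmp:
# a predictable path in a world-writable directory can be pre-created or
# symlinked by another local user, and nothing is left behind if the script
# is interrupted.
#
# NOTE(review): the exclusion filter drops a whole line as soon as it mentions
# one of the safe tokens or the words "Security fix", so an unsafe call that
# shares a line with any of them is not reported. "sprintf" also matches
# inside plain snprintf/vsnprintf, which are not excluded and can show up as
# false positives. If none of the files can be read the scan finds nothing and
# reports PASS; the per-file checks above will already have failed then.
UNSAFE_COUNT=0
unsafe_hits=$(
  grep -n -e 'strcpy' -e 'sprintf' -e 'strcat' "${FIXED_SOURCES[@]}" 2>/dev/null \
    | grep -v -e 'Security fix' -e 'ircd_strncpy' -e 'ircd_snprintf' \
      -e 'strncat' -e 'memcpy' \
    | grep -v '^--$'
)
if [[ -n "$unsafe_hits" ]]; then
  # grep -c '' counts lines and prints a bare number on every platform.
  UNSAFE_COUNT=$(printf '%s\n' "$unsafe_hits" | grep -c '')
fi

if ((UNSAFE_COUNT == 0)); then
  echo "✅ PASS: Nu mai există unsafe string operations în fișierele fixate"
  PASSED=$((PASSED + 1))
else
  # A leftover match is only a warning: it changes neither counter, so it
  # does not affect the exit status.
  echo "⚠️ WARNING: Găsite $UNSAFE_COUNT operații potențial unsafe:"
  printf '%s\n' "$unsafe_hits" | head -n 10
  echo " (verifică manual dacă sunt false positives)"
fi

echo ""
echo "╔════════════════════════════════════════════════════════╗"
echo "║ REZULTATE ║"
echo "╠════════════════════════════════════════════════════════╣"
echo "║ ✅ PASSED: $PASSED tests ║"
echo "║ ❌ FAILED: $FAILED tests ║"
echo "╚════════════════════════════════════════════════════════╝"
echo ""

if ((FAILED == 0)); then
  echo "🎉 SUCCESS! Toate fix-urile au fost aplicate corect!"
  echo ""
  echo "Next steps:"
  echo " 1. Compilează: make clean && make"
  echo " 2. Testează: ./ircd -f ircd.conf"
  echo " 3. Load test: python3 tests/load_test.py localhost 6667 100 60"
  exit 0
else
  echo "❌ ERORI! Unele fix-uri nu au fost aplicate corect."
  echo "Verifică manual fișierele menționate mai sus."
  exit 1
fi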