X-Git-Url: https://git.quassel-irc.org/?a=blobdiff_plain;f=src%2Fcore%2Fcipher.cpp;h=fb6a69720668f7acd905e88e3989092046a91d8a;hb=4cf9c160f318a71400b032ea6d3031b9e6628a56;hp=3f299f40c04fcd24e6071f89f6cb7a60bcdc073c;hpb=310dc3ae20541ec5364a9e70a17f3322adb5723f;p=quassel.git

diff --git a/src/core/cipher.cpp b/src/core/cipher.cpp
index 3f299f40..fb6a6972 100644
--- a/src/core/cipher.cpp
+++ b/src/core/cipher.cpp
@@ -13,7 +13,7 @@
 */
 
 #include "cipher.h"
-#include "logger.h"
+#include "logmessage.h"
 
 Cipher::Cipher()
 {
@@ -117,7 +117,6 @@ QByteArray Cipher::decrypt(QByteArray cipherText)
     // (if cbc and no error we parse cbc) || (if ecb and error we parse cbc)
     if ((m_cbc && !error) || (!m_cbc && error))
     {
-        cipherText = cipherText;
         temp = blowfishCBC(cipherText, false);
 
         if (temp == cipherText)
@@ -364,6 +363,10 @@ QByteArray Cipher::blowfishECB(QByteArray cipherText, bool direction)
     }
     else
     {
+        // ECB Blowfish encodes in blocks of 12 chars, so anything else is malformed input
+        if ((temp.length() % 12) != 0)
+            return cipherText;
+
         temp = b64ToByte(temp);
         while ((temp.length() % 8) != 0) temp.append('\0');
     }
@@ -376,8 +379,13 @@ QByteArray Cipher::blowfishECB(QByteArray cipherText, bool direction)
     if (!cipher.ok())
         return cipherText;
 
-    if (direction)
+    if (direction) {
+        // Sanity check
+        if ((temp2.length() % 8) != 0)
+            return cipherText;
+
         temp2 = byteToB64(temp2);
+    }
 
     return temp2;
 }