jabber.developer2 0ee3d67ea0 fix(flatfile): harden flat-file backend against injection and traversal attacks
Security fixes for 7 vulnerabilities in database_flatfile.c:

1. Path traversal via crafted JID (HIGH):
   _ff_jid_to_dir() now strips '/', '\' -> '_' and collapses '..' -> '__',
   preventing a malicious federated JID from escaping the log directory.

2. Log injection via unescaped message body (HIGH):
   Add _ff_escape_message()/_ff_unescape_message() -- escape \n, \r, \\
   in message text on write, unescape on read. Prevents remote contacts
   from injecting fake log lines with forged sender/timestamp/encryption.

3. Metadata field injection (HIGH):
   Add _ff_escape_meta_value()/_ff_unescape_meta_value() -- escape |, ],
   \\, \n, \r in stanza_id/archive_id/replace_id. Parser uses escape-aware
   _ff_find_unescaped_char() and _ff_split_meta() instead of strchr/strsplit.

4. Sender ": " parsing confusion (MEDIUM):
   Escape ": " -> "\: " in XMPP resource on write. Parser uses
   _ff_find_unescaped_colonspace() + _ff_unescape_sender_resource().

5. LMC correction chain cycle -> infinite loop (MEDIUM):
   Add visited hash-set and FF_MAX_LMC_DEPTH (100) limit to chain walker.

6. Unbounded getline() -> OOM (MEDIUM):
   Add FF_MAX_LINE_LEN (10 MB) cap in _ff_readline(); overlength lines
   are skipped with a warning. Replaces all char buf[8192]/fgets() sites
   with dynamic getline() + truncated-line detection at EOF.

7. Symlink attack + TOCTOU on file creation (MEDIUM):
   Replace fopen("a") with open(O_WRONLY|O_APPEND|O_CREAT|O_EXCL|O_NOFOLLOW)
   + fdopen() -- atomic new-file detection, symlink rejection via O_NOFOLLOW.
   _ff_ensure_dir() checks g_lstat() for symlinks. File permissions 0600
   set via open() mode, not post-hoc g_chmod().
2026-03-04 18:54:24 +03:00
2021-12-24 13:49:07 +01:00
2016-03-09 12:55:57 +01:00
2025-03-11 12:15:09 +01:00
2022-02-01 15:01:28 +01:00
2025-01-28 16:43:13 +01:00
2021-08-26 00:30:55 +00:00
2026-02-18 17:39:25 +01:00
2019-04-24 01:08:38 +02:00
2025-04-10 07:23:35 +02:00
2025-09-01 16:57:10 +02:00
2025-06-20 18:20:47 +00:00
2020-05-21 09:16:18 +02:00

CProof

Build Status

CProof is a console based XMPP chat client based on Profanity.

alt tag

See the Quick Start Guide for information on installing and using CProof.

Project

CProof enables you to communicate with privacy, freedom and comfort. Our open-source chat application delivers secure, end-to-end encrypted messaging (OTR, PGP, OMEMO, OX) built on the trusted XMPP protocol. With a decentralized design, you can connect directly or even host your own server, keeping your data in your hands. Whether you're chatting with friends or collaborating securely, CProof makes private communication simple, reliable, and truly yours.

Installation

Check our installation guide for detailed instructions.

How to contribute

See our Helping Out page for a concise summary of ways to help us.

Review the Contributing Guide and Code Overview pages for advanced technical details.

Getting help

Prior to asking questions, check our User Guide, then check out the FAQ.

If you are still having a problem then search the issue tracker.

As a last resort, feel free to write us on support@jabber.tech or create a new issue depending on what your problem is.

Website

Feel free to visit our website: jabber.space.

You may also check the repository if you like, available on git.jabber.space/devs/profanity.

Plugins

Plugins repository: https://git.jabber.space/devs/cproof-plugins

Description
No description provided
Readme 40 MiB
Languages
C 95.2%
Python 1.7%
Makefile 0.9%
M4 0.8%
Shell 0.7%
Other 0.6%