From c442bc18afefff6661b1108a4980e2a4f3c8e36d Mon Sep 17 00:00:00 2001
From: Adam <Adam@anope.org>
Date: Sun, 22 Dec 2013 08:34:57 -0500
Subject: [PATCH] Do not allow /cs clone access to add duplicate masks to the
 access list or allow growing the list pass accessmax. Fix reading botservs
 case sensitive config option. Give a better error message when trying to
 clone badwords if there is no botserv.

---
 modules/commands/bs_badwords.cpp |  2 +-
 modules/commands/cs_clone.cpp    | 43 ++++++++++++++++++++++----------
 2 files changed, 31 insertions(+), 14 deletions(-)

diff --git a/modules/commands/bs_badwords.cpp b/modules/commands/bs_badwords.cpp
index 406ec0f03..47b68aadd 100644
--- a/modules/commands/bs_badwords.cpp
+++ b/modules/commands/bs_badwords.cpp
@@ -286,7 +286,7 @@ class CommandBSBadwords : public Command
 			return;
 		}
 
-		bool casesensitive = Config->GetModule("botserv")->Get<bool>("casesensitive");
+		bool casesensitive = Config->GetModule(this->module)->Get<bool>("casesensitive");
 
 		for (unsigned i = 0, end = badwords->GetBadWordCount(); i < end; ++i)
 		{
diff --git a/modules/commands/cs_clone.cpp b/modules/commands/cs_clone.cpp
index 5a5d52065..97ad42dbd 100644
--- a/modules/commands/cs_clone.cpp
+++ b/modules/commands/cs_clone.cpp
@@ -99,11 +99,25 @@ public:
 		}
 		else if (what.equals_ci("ACCESS"))
 		{
+			std::set<Anope::string> masks;
+			unsigned access_max = Config->GetModule("chanserv")->Get<unsigned>("accessmax", "1024");
+			unsigned count = 0;
+
+			for (unsigned i = 0; i < target_ci->GetAccessCount(); ++i)
+				masks.insert(target_ci->GetAccess(i)->mask);
+
 			for (unsigned i = 0; i < ci->GetAccessCount(); ++i)
 			{
 				const ChanAccess *taccess = ci->GetAccess(i);
 				AccessProvider *provider = taccess->provider;
 
+				if (access_max && target_ci->GetDeepAccessCount() >= access_max)
+					break;
+
+				if (masks.count(taccess->mask))
+					continue;
+				masks.insert(taccess->mask);
+
 				ChanAccess *newaccess = provider->Create();
 				newaccess->ci = target_ci;
 				newaccess->mask = taccess->mask;
@@ -113,9 +127,11 @@ public:
 				newaccess->AccessUnserialize(taccess->AccessSerialize());
 
 				target_ci->AddAccess(newaccess);
+
+				++count;
 			}
 
-			source.Reply(_("All access entries from \002%s\002 have been cloned to \002%s\002."), channel.c_str(), target.c_str());
+			source.Reply(_("%d access entries from \002%s\002 have been cloned to \002%s\002."), count, channel.c_str(), target.c_str());
 		}
 		else if (what.equals_ci("AKICK"))
 		{
@@ -136,21 +152,22 @@ public:
 			BadWords *target_badwords = target_ci->Require<BadWords>("badwords"),
 				*badwords = ci->Require<BadWords>("badwords");
 
-			if (target_badwords && badwords)
+			if (!target_badwords || !badwords)
 			{
-				target_badwords->ClearBadWords();
-
-				for (unsigned i = 0; i < badwords->GetBadWordCount(); ++i)
-				{
-					const BadWord *bw = badwords->GetBadWord(i);
-					target_badwords->AddBadWord(bw->word, bw->type);
-				}
+				source.Reply(ACCESS_DENIED); // BotServ doesn't exist/badwords isn't loaded
+				return;
 			}
 
-			if (badwords)
-				badwords->Check();
-			if (target_badwords)
-				target_badwords->Check();
+			target_badwords->ClearBadWords();
+
+			for (unsigned i = 0; i < badwords->GetBadWordCount(); ++i)
+			{
+				const BadWord *bw = badwords->GetBadWord(i);
+				target_badwords->AddBadWord(bw->word, bw->type);
+			}
+
+			badwords->Check();
+			target_badwords->Check();
 
 			source.Reply(_("All badword entries from \002%s\002 have been cloned to \002%s\002."), channel.c_str(), target.c_str());
 		}