X-Git-Url: https://git.r.bdr.sh/rbdr/mobius/blobdiff_plain/b1658a46aebe8aceb23af187de956ef91452f48a..bdd21a62b39f18b1c78ede4e0dc2bd569d33173d:/hotline/transaction_handlers.go?ds=sidebyside

diff --git a/hotline/transaction_handlers.go b/hotline/transaction_handlers.go
index 5de2b45..85f85a4 100644
--- a/hotline/transaction_handlers.go
+++ b/hotline/transaction_handlers.go
@@ -305,7 +305,7 @@ func HandleChatSend(cc *ClientConn, t *Transaction) (res []Transaction, err erro
 func HandleSendInstantMsg(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
 	if !cc.Authorize(accessSendPrivMsg) {
 		res = append(res, cc.NewErrReply(t, "You are not allowed to send private messages."))
-		return res, err
+		return res, errors.New("user is not allowed to send private messages")
 	}
 
 	msg := t.GetField(FieldData)
@@ -326,7 +326,10 @@ func HandleSendInstantMsg(cc *ClientConn, t *Transaction) (res []Transaction, er
 		reply.Fields = append(reply.Fields, NewField(FieldQuotingMsg, t.GetField(FieldQuotingMsg).Data))
 	}
 
-	id, _ := byteToInt(ID.Data)
+	id, err := byteToInt(ID.Data)
+	if err != nil {
+		return res, errors.New("invalid client ID")
+	}
 	otherClient, ok := cc.Server.Clients[uint16(id)]
 	if !ok {
 		return res, errors.New("invalid client ID")