aboutsummaryrefslogtreecommitdiffstats
path: root/net-im
diff options
context:
space:
mode:
authornectar <nectar@FreeBSD.org>2004-01-26 21:06:02 +0800
committernectar <nectar@FreeBSD.org>2004-01-26 21:06:02 +0800
commit4ec2ad422bc2749522b6411462777c78d94c5979 (patch)
tree4d3a21d01da95ab19ff179cff33a8018e9670e84 /net-im
parent32c025b8b8e9a3b2c9872ddc7e0150ab60d95d81 (diff)
downloadfreebsd-ports-gnome-4ec2ad422bc2749522b6411462777c78d94c5979.tar.gz
freebsd-ports-gnome-4ec2ad422bc2749522b6411462777c78d94c5979.tar.zst
freebsd-ports-gnome-4ec2ad422bc2749522b6411462777c78d94c5979.zip
Patch almost a dozen vulnerabilities, see
<URL:http://security.e-matters.de/advisories/012004.txt>. Some fixes were Obtained from: Gaim CVS, originally submitted by Stefan Esser
Diffstat (limited to 'net-im')
-rw-r--r--net-im/gaim/Makefile2
-rw-r--r--net-im/gaim/files/patch-src::protocols::yahoo::yahoo.c248
-rw-r--r--net-im/gaim/files/patch-src::proxy.c19
-rw-r--r--net-im/gaim/files/patch-src::util.c161
4 files changed, 426 insertions, 4 deletions
diff --git a/net-im/gaim/Makefile b/net-im/gaim/Makefile
index 59f6bd6d3c15..e58e0e2ad861 100644
--- a/net-im/gaim/Makefile
+++ b/net-im/gaim/Makefile
@@ -6,7 +6,7 @@
PORTNAME= gaim
PORTVERSION= 0.75
-PORTREVISION= 1
+PORTREVISION= 2
CATEGORIES?= net
MASTER_SITES= ${MASTER_SITE_SOURCEFORGE}
MASTER_SITE_SUBDIR= ${PORTNAME}
diff --git a/net-im/gaim/files/patch-src::protocols::yahoo::yahoo.c b/net-im/gaim/files/patch-src::protocols::yahoo::yahoo.c
new file mode 100644
index 000000000000..ecb6ec9f450b
--- /dev/null
+++ b/net-im/gaim/files/patch-src::protocols::yahoo::yahoo.c
@@ -0,0 +1,248 @@
+*** src/protocols/yahoo/yahoo.c.orig Thu Jan 22 09:57:03 2004
+--- src/protocols/yahoo/yahoo.c Thu Jan 22 10:15:11 2004
+***************
+*** 20,25 ****
+--- 20,26 ----
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ *
+ */
++ #include <limits.h>
+ #include "internal.h"
+
+ #include "account.h"
+***************
+*** 131,138 ****
+--- 132,146 ----
+ while (pos + 1 < len) {
+ if (data[pos] == 0xc0 && data[pos + 1] == 0x80)
+ break;
++ if (x >= sizeof(key)-1) {
++ x++;
++ continue;
++
++ }
+ key[x++] = data[pos++];
+ }
++ if (x >= sizeof(key)-1)
++ x = 0;
+ key[x] = 0;
+ pos += 2;
+ pair->key = strtol(key, NULL, 10);
+***************
+*** 868,899 ****
+ }
+ }
+
+ #define OUT_CHARSET "utf-8"
+
+ static char *yahoo_decode(const char *text)
+ {
+ char *converted;
+! char *p, *n, *new;
+!
+! n = new = g_malloc(strlen (text) + 1);
+!
+! for (p = (char *)text; *p; p++, n++) {
+ if (*p == '\\') {
+! sscanf(p + 1, "%3o\n", (int *)n);
+! p += 3;
+! }
+! else
+! *n = *p;
+ }
+-
+ *n = '\0';
+-
+ converted = g_convert(new, n - new, OUT_CHARSET, "iso-8859-1", NULL, NULL, NULL);
+ g_free(new);
+
+ return converted;
+ }
+
+ static void yahoo_process_mail(GaimConnection *gc, struct yahoo_packet *pkt)
+ {
+ GaimAccount *account = gaim_connection_get_account(gc);
+--- 876,941 ----
+ }
+ }
+
++
++ static void octal(const char **p, const char *end, unsigned char *n)
++ {
++ int i, c;
++
++ for (i = 0, c = 0; i < 3 && *p < end; ++i, ++*p) {
++ c <<= 3;
++ switch (**p) {
++ case '0': break;
++ case '1': c += 1; break;
++ case '2': c += 2; break;
++ case '3': c += 3; break;
++ case '4': c += 4; break;
++ case '5': c += 5; break;
++ case '6': c += 6; break;
++ case '7': c += 7; break;
++ default:
++ if (i == 0) {
++ *n = **p;
++ ++*p;
++ return;
++ }
++ c >>= 3;
++ goto done;
++ }
++ }
++ done:
++ *n = (c > UCHAR_MAX) ? '?' : c;
++ return;
++ }
++
+ #define OUT_CHARSET "utf-8"
+
+ static char *yahoo_decode(const char *text)
+ {
+ char *converted;
+! unsigned char *n, *new;
+! size_t len;
+! const char *p, *end;
+!
+! len = strlen (text);
+! p = text;
+! end = &text[len];
+! n = new = g_malloc(len + 1);
+! while (p < end) {
+ if (*p == '\\') {
+! ++p;
+! octal(&p, end, n);
+! } else
+! *n = *p++;
+! ++n;
+ }
+ *n = '\0';
+ converted = g_convert(new, n - new, OUT_CHARSET, "iso-8859-1", NULL, NULL, NULL);
+ g_free(new);
+
+ return converted;
+ }
+
++
+ static void yahoo_process_mail(GaimConnection *gc, struct yahoo_packet *pkt)
+ {
+ GaimAccount *account = gaim_connection_get_account(gc);
+***************
+*** 1903,1934 ****
+
+ static void yahoo_web_pending(gpointer data, gint source, GaimInputCondition cond)
+ {
+ GaimConnection *gc = data;
+ GaimAccount *account = gaim_connection_get_account(gc);
+ struct yahoo_data *yd = gc->proto_data;
+! char buf[1024], buf2[256], *i = buf, *r = buf2;
+! int len, o = 0;
+
+ len = read(source, buf, sizeof(buf));
+! if (len <= 0 || strncmp(buf, "HTTP/1.0 302", strlen("HTTP/1.0 302"))) {
+ gaim_connection_error(gc, _("Unable to read"));
+ return;
+ }
+!
+! while ((i = strstr(i, "Set-Cookie: ")) && 0 < 2) {
+! i += strlen("Set-Cookie: ");
+! for (;*i != ';'; r++, i++) {
+! *r = *i;
+! }
+! *r=';';
+! r++;
+! *r=' ';
+! r++;
+! o++;
+! }
+! /* Get rid of that "; " */
+! *(r-2) = '\0';
+! yd->auth = g_strdup(buf2);
+ gaim_input_remove(gc->inpa);
+ close(source);
+ /* Now we have our cookies to login with. I'll go get the milk. */
+--- 1945,1974 ----
+
+ static void yahoo_web_pending(gpointer data, gint source, GaimInputCondition cond)
+ {
++ static const char http302[] = "HTTP/1.0 302";
++ static const char setcookie[] = "Set-Cookie: ";
+ GaimConnection *gc = data;
+ GaimAccount *account = gaim_connection_get_account(gc);
+ struct yahoo_data *yd = gc->proto_data;
+! char buf[1024], *i = buf;
+! int len;
+! GString *s;
+
+ len = read(source, buf, sizeof(buf));
+! if (len <= 0 || (len >= sizeof(http302)-1 &&
+! memcmp(http302, buf, sizeof(http302)-1) != 0)) {
+ gaim_connection_error(gc, _("Unable to read"));
+ return;
+ }
+! s = g_string_sized_new(len);
+! buf[len] = '\0';
+! while ((i = strstr(i, setcookie)) != NULL) {
+! i += sizeof(setcookie)-1;
+! for (;*i != ';'; i++)
+! g_string_append_c(s, *i);
+! g_string_append(s, "; ");
+! }
+! yd->auth = g_string_free(s, FALSE);
+ gaim_input_remove(gc->inpa);
+ close(source);
+ /* Now we have our cookies to login with. I'll go get the milk. */
+***************
+*** 1937,1943 ****
+ yahoo_got_web_connected, gc) != 0) {
+ gaim_connection_error(gc, _("Connection problem"));
+ return;
+! }
+ }
+
+ static void yahoo_got_cookies(gpointer data, gint source, GaimInputCondition cond)
+--- 1977,1983 ----
+ yahoo_got_web_connected, gc) != 0) {
+ gaim_connection_error(gc, _("Connection problem"));
+ return;
+! }
+ }
+
+ static void yahoo_got_cookies(gpointer data, gint source, GaimInputCondition cond)
+***************
+*** 1974,1988 ****
+ const char *c = buf;
+ char *d;
+ char name[64], value[64];
+ while ((c < (buf + len)) && (c = strstr(c, "<input "))) {
+ c = strstr(c, "name=\"") + strlen("name=\"");
+! for (d = name; *c!='"'; c++, d++)
+ *d = *c;
+ *d = '\0';
+ d = strstr(c, "value=\"") + strlen("value=\"");
+ if (strchr(c, '>') < d)
+ break;
+! for (c = d, d = value; *c!='"'; c++, d++)
+ *d = *c;
+ *d = '\0';
+ g_hash_table_insert(hash, g_strdup(name), g_strdup(value));
+--- 2014,2030 ----
+ const char *c = buf;
+ char *d;
+ char name[64], value[64];
++ int count = sizeof(name)-1;
+ while ((c < (buf + len)) && (c = strstr(c, "<input "))) {
+ c = strstr(c, "name=\"") + strlen("name=\"");
+! for (d = name; *c!='"' && count; c++, d++, count--)
+ *d = *c;
+ *d = '\0';
++ count = sizeof(value)-1;
+ d = strstr(c, "value=\"") + strlen("value=\"");
+ if (strchr(c, '>') < d)
+ break;
+! for (c = d, d = value; *c!='"' && count; c++, d++, count--)
+ *d = *c;
+ *d = '\0';
+ g_hash_table_insert(hash, g_strdup(name), g_strdup(value));
diff --git a/net-im/gaim/files/patch-src::proxy.c b/net-im/gaim/files/patch-src::proxy.c
new file mode 100644
index 000000000000..bbf4a19b3124
--- /dev/null
+++ b/net-im/gaim/files/patch-src::proxy.c
@@ -0,0 +1,19 @@
+*** src/proxy.c.orig Thu Jan 22 08:27:26 2004
+--- src/proxy.c Thu Jan 22 08:28:05 2004
+***************
+*** 974,980 ****
+
+ gaim_input_remove(phb->inpa);
+
+! while ((nlc != 2) && (read(source, &inputline[pos++], 1) == 1)) {
+ if (inputline[pos - 1] == '\n')
+ nlc++;
+ else if (inputline[pos - 1] != '\r')
+--- 974,980 ----
+
+ gaim_input_remove(phb->inpa);
+
+! while ((pos < sizeof(inputline)-1) && (nlc != 2) && (read(source, &inputline[pos++], 1) == 1)) {
+ if (inputline[pos - 1] == '\n')
+ nlc++;
+ else if (inputline[pos - 1] != '\r')
diff --git a/net-im/gaim/files/patch-src::util.c b/net-im/gaim/files/patch-src::util.c
index 67054a740409..79a71a97de84 100644
--- a/net-im/gaim/files/patch-src::util.c
+++ b/net-im/gaim/files/patch-src::util.c
@@ -1,5 +1,160 @@
-*** src/util.c.orig Tue Jan 13 14:49:00 2004
---- src/util.c Tue Jan 13 14:49:11 2004
+*** src/util.c.orig Fri Jan 9 22:04:56 2004
+--- src/util.c Thu Jan 22 08:26:14 2004
+***************
+*** 247,270 ****
+ /**************************************************************************
+ * Quoted Printable Functions
+ **************************************************************************/
+! void
+! gaim_quotedp_decode(const char *str, char **ret_str, int *ret_len)
+ {
+! char *p, *n, *new;
+
+! n = new = g_malloc(strlen (str) + 1);
+
+! for (p = (char *)str; *p; p++, n++) {
+ if (*p == '=') {
+! sscanf(p + 1, "%2x\n", (int *)n);
+! p += 2;
+! }
+! else if (*p == '_')
+ *n = ' ';
+ else
+ *n = *p;
+ }
+-
+ *n = '\0';
+
+ if (ret_len)
+--- 247,317 ----
+ /**************************************************************************
+ * Quoted Printable Functions
+ **************************************************************************/
+! static void hex(const char **p, const char *end, unsigned char *n)
+ {
+! int i, c;
+
+! for (i = 0, c = 0; i < 2 && *p < end; ++i, ++*p) {
+! c <<= 4;
+! switch (**p) {
+! case '0': break;
+! case '1': c += 1; break;
+! case '2': c += 2; break;
+! case '3': c += 3; break;
+! case '4': c += 4; break;
+! case '5': c += 5; break;
+! case '6': c += 6; break;
+! case '7': c += 7; break;
+! case '8': c += 8; break;
+! case '9': c += 9; break;
+! case 'a': c += 10; break;
+! case 'b': c += 11; break;
+! case 'c': c += 12; break;
+! case 'd': c += 13; break;
+! case 'e': c += 14; break;
+! case 'f': c += 15; break;
+! case 'A': c += 10; break;
+! case 'B': c += 11; break;
+! case 'C': c += 12; break;
+! case 'D': c += 13; break;
+! case 'E': c += 14; break;
+! case 'F': c += 15; break;
+! default:
+! if (i == 0) {
+! *n = **p;
+! ++*p;
+! return;
+! }
+! c >>= 4;
+! goto done;
+! }
+! }
+! done:
+! *n = (c > UCHAR_MAX) ? '?' : c;
+! return;
+! }
+
+! void
+! gaim_quotedp_decode(const char *str, char **ret_str, int *ret_len)
+! {
+! const char *p, *end;
+! unsigned char *n, *new;
+! size_t len;
+!
+! len = strlen (str);
+! n = new = g_malloc(len + 1);
+! p = str;
+! end = &p[len];
+! while (p < end) {
+ if (*p == '=') {
+! ++p;
+! hex(&p, end, n);
+! } else if (*p == '_')
+ *n = ' ';
+ else
+ *n = *p;
++ ++n;
+ }
+ *n = '\0';
+
+ if (ret_len)
+***************
+*** 1962,1968 ****
+ char **ret_path)
+ {
+ char scan_info[255];
+! char port_str[5];
+ int f;
+ const char *turl;
+ char host[256], path[256];
+--- 2009,2015 ----
+ char **ret_path)
+ {
+ char scan_info[255];
+! char port_str[6];
+ int f;
+ const char *turl;
+ char host[256], path[256];
+***************
+*** 1982,1997 ****
+ }
+
+ g_snprintf(scan_info, sizeof(scan_info),
+! "%%[%s]:%%[%s]/%%[%s]", addr_ctrl, port_ctrl, page_ctrl);
+
+ f = sscanf(url, scan_info, host, port_str, path);
+
+ if (f == 1)
+ {
+ g_snprintf(scan_info, sizeof(scan_info),
+! "%%[%s]/%%[%s]",
+ addr_ctrl, page_ctrl);
+ f = sscanf(url, scan_info, host, path);
+ g_snprintf(port_str, sizeof(port_str), "80");
+ }
+
+--- 2029,2049 ----
+ }
+
+ g_snprintf(scan_info, sizeof(scan_info),
+! "%%255[%s]:%%5[%s]/%%255[%s]", addr_ctrl, port_ctrl, page_ctrl);
+! addr_ctrl[sizeof(addr_ctrl)-1] = '\0';
+! port_ctrl[sizeof(port_ctrl)-1] = '\0';
+! page_ctrl[sizeof(page_ctrl)-1] = '\0';
+
+ f = sscanf(url, scan_info, host, port_str, path);
+
+ if (f == 1)
+ {
+ g_snprintf(scan_info, sizeof(scan_info),
+! "%%255[%s]/%%255[%s]",
+ addr_ctrl, page_ctrl);
+ f = sscanf(url, scan_info, host, path);
++ addr_ctrl[sizeof(addr_ctrl)-1] = '\0';
++ page_ctrl[sizeof(page_ctrl)-1] = '\0';
+ g_snprintf(port_str, sizeof(port_str), "80");
+ }
+
***************
*** 2081,2089 ****
static size_t
@@ -11,7 +166,7 @@
return content_len;
}
---- 2081,2094 ----
+--- 2133,2146 ----
static size_t
parse_content_len(const char *data, size_t data_len)
{