diff options
author | jedgar <jedgar@FreeBSD.org> | 2001-01-25 11:19:53 +0800 |
---|---|---|
committer | jedgar <jedgar@FreeBSD.org> | 2001-01-25 11:19:53 +0800 |
commit | 9e022f1b0a6d26b54e9f77c182446fd37bd3df4f (patch) | |
tree | 7985bce401329d4a79f51b6343f368a43fd3d3dd /net | |
parent | 6e46f1c8ac23ea89091fc72a74a66054ea48e847 (diff) | |
download | freebsd-ports-gnome-9e022f1b0a6d26b54e9f77c182446fd37bd3df4f.tar.gz freebsd-ports-gnome-9e022f1b0a6d26b54e9f77c182446fd37bd3df4f.tar.zst freebsd-ports-gnome-9e022f1b0a6d26b54e9f77c182446fd37bd3df4f.zip |
- Update port to 0.4.6p1 (fixes remote buffer overflow)
- Add some additional buffer checks
Diffstat (limited to 'net')
-rw-r--r-- | net/micq/Makefile | 11 | ||||
-rw-r--r-- | net/micq/distinfo | 2 | ||||
-rw-r--r-- | net/micq/files/patch-aa | 21 | ||||
-rw-r--r-- | net/micq/files/patch-ab | 11 | ||||
-rw-r--r-- | net/micq/files/patch-ac | 11 | ||||
-rw-r--r-- | net/micq/files/patch-ad | 20 | ||||
-rw-r--r-- | net/micq/files/patch-ae | 24 |
7 files changed, 84 insertions, 16 deletions
diff --git a/net/micq/Makefile b/net/micq/Makefile index b9840e2f6ac8..1e66b15d57bf 100644 --- a/net/micq/Makefile +++ b/net/micq/Makefile @@ -6,21 +6,22 @@ # PORTNAME= micq -PORTVERSION= 0.4.6 +PORTVERSION= 0.4.6.1 CATEGORIES= net -MASTER_SITES= ftp://micq.chatzone.org/pub/micq/V${PORTVERSION}/ +MASTER_SITES= http://micq.ukeer.de/source/ +DISTNAME= ${PORTNAME}-${PORTVERSION:S/1/p1/} EXTRACT_SUFX= .tgz MAINTAINER= ports@freebsd.org -FORBIDDEN= "Remote buffer overflow" +WRKSRC= ${WRKDIR}/${PORTNAME}-${PORTVERSION:S/.1/-p1/}/src do-install: ${INSTALL_PROGRAM} ${WRKSRC}/micq ${PREFIX}/bin .if !defined(NOPORTDOCS) ${MKDIR} ${PREFIX}/share/doc/micq - ${INSTALL_DATA} ${WRKSRC}/README ${PREFIX}/share/doc/micq - ${INSTALL_DATA} ${WRKSRC}/CHANGELOG ${PREFIX}/share/doc/micq + ${INSTALL_DATA} ${WRKSRC}/../README ${PREFIX}/share/doc/micq + ${INSTALL_DATA} ${WRKSRC}/../CHANGELOG ${PREFIX}/share/doc/micq .endif .include <bsd.port.mk> diff --git a/net/micq/distinfo b/net/micq/distinfo index 9804ac927819..f3782ef44773 100644 --- a/net/micq/distinfo +++ b/net/micq/distinfo @@ -1 +1 @@ -MD5 (micq-0.4.6.tgz) = d6b0b09eaf12e722c12ac14d115e49bf +MD5 (micq-0.4.6.p1.tgz) = 2ea6df0f96606e9c74cace21dd8d39cd diff --git a/net/micq/files/patch-aa b/net/micq/files/patch-aa index 777dc8b9f921..296b89535428 100644 --- a/net/micq/files/patch-aa +++ b/net/micq/files/patch-aa @@ -1,12 +1,13 @@ ---- Makefile.orig Mon Jul 3 02:10:31 2000 -+++ Makefile Mon Jul 3 02:12:24 2000 -@@ -5,8 +5,7 @@ - # Most options that were here and soem that weren't have been moved to config.h - # edit that file to set up options. - # +--- Makefile.orig Tue Jan 23 11:49:05 2001 ++++ Makefile Wed Jan 24 20:28:41 2001 +@@ -2,8 +2,8 @@ + # originally by Matt D. Smith + # rewritten by Rico Gloeckner <mc@verdinet.de> + -CC = gcc -CFLAGS = -O4 -Wall -DUNIX -+CFLAGS += -Wall -DUNIX - CFLAGS += -DENGLISH_LANG - #CFLAGS += -DBULGARIAN_LANG - #CFLAGS += -DPOLISH_LANG ++CC?= gcc ++CFLAGS+= -Wall -DUNIX + + # uncomment the line below for debuging info + #CFLAGS += -g diff --git a/net/micq/files/patch-ab b/net/micq/files/patch-ab new file mode 100644 index 000000000000..5a0048fae593 --- /dev/null +++ b/net/micq/files/patch-ab @@ -0,0 +1,11 @@ +--- mreadline.c.orig Tue Jan 23 11:49:05 2001 ++++ mreadline.c Wed Jan 24 22:01:31 2001 +@@ -359,7 +359,7 @@ + break; + } + } +- sprintf (s, "%s %s/", message_cmd, ++ snprintf (s, sizeof(s), "%s %s/", message_cmd, + tab_array[tab_pointer]); + clen = cpos = strlen (s); + R_undraw(); diff --git a/net/micq/files/patch-ac b/net/micq/files/patch-ac new file mode 100644 index 000000000000..b44d774b820c --- /dev/null +++ b/net/micq/files/patch-ac @@ -0,0 +1,11 @@ +--- sendmsg.c.orig Tue Jan 23 11:49:05 2001 ++++ sendmsg.c Wed Jan 24 22:02:47 2001 +@@ -977,7 +977,7 @@ + { + char buf[450]; + +- sprintf( buf, "%s\xFE%s", url, description ); ++ snprintf( buf, sizeof(buf), "%s\xFE%s", url, description ); + icq_sendmsg( sok, uin, buf, URL_MESS ); + } + diff --git a/net/micq/files/patch-ad b/net/micq/files/patch-ad new file mode 100644 index 000000000000..f4e5d68cd184 --- /dev/null +++ b/net/micq/files/patch-ad @@ -0,0 +1,20 @@ +--- util_ui.c.orig Tue Jan 23 11:49:05 2001 ++++ util_ui.c Wed Jan 24 22:09:24 2001 +@@ -102,7 +102,7 @@ + assert( 2048 >= strlen( str ) ); + + va_start( args, str ); +- vsprintf( buf, str, args ); ++ vsnprintf( buf, sizeof(buf), str, args ); + k = write( fd, buf, strlen( buf ) ); + if ( k != strlen( buf ) ) + { +@@ -292,7 +292,7 @@ + + va_start( args, str ); + #ifndef CURSES_UI +- vsprintf( buf, str, args ); ++ vsnprintf( buf, sizeof(buf), str, args ); + str2 = buf; + while ( (void *) NULL != ( str1 = strchr( str2, '\x1b' ) ) ) + { diff --git a/net/micq/files/patch-ae b/net/micq/files/patch-ae new file mode 100644 index 000000000000..9b877e48dc8a --- /dev/null +++ b/net/micq/files/patch-ae @@ -0,0 +1,24 @@ +--- icq_response.c.orig Tue Jan 23 11:49:05 2001 ++++ icq_response.c Wed Jan 24 22:07:40 2001 +@@ -871,19 +871,12 @@ + } + *tmp = 0; + char_conv ("wc",data); +-// temporaryy fix to buffer overflow +-// should be solved better -mc +-// strcpy (url_desc,data); +- url_desc[0] = '\0'; +- strncat(url_desc,data,sizeof(url_data)-1); ++ strlcpy(url_desc,data,sizeof(url_data)); + + tmp++; + data = tmp; + char_conv ("wc",data); +-// same apllies here --mc +-// strcpy (url_data,data); +- url_data[0] = '\0'; +- strncat (url_data,data,sizeof(url_data)-1); ++ strlcpy(url_data,data,sizeof(url_data)); + + // and again + // sprintf (message,"Description: %s \n URL: %s",url_desc,url_data); |