aboutsummaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
authorjedgar <jedgar@FreeBSD.org>2001-01-25 11:19:53 +0800
committerjedgar <jedgar@FreeBSD.org>2001-01-25 11:19:53 +0800
commit9e022f1b0a6d26b54e9f77c182446fd37bd3df4f (patch)
tree7985bce401329d4a79f51b6343f368a43fd3d3dd /net
parent6e46f1c8ac23ea89091fc72a74a66054ea48e847 (diff)
downloadfreebsd-ports-gnome-9e022f1b0a6d26b54e9f77c182446fd37bd3df4f.tar.gz
freebsd-ports-gnome-9e022f1b0a6d26b54e9f77c182446fd37bd3df4f.tar.zst
freebsd-ports-gnome-9e022f1b0a6d26b54e9f77c182446fd37bd3df4f.zip
- Update port to 0.4.6p1 (fixes remote buffer overflow)
- Add some additional buffer checks
Diffstat (limited to 'net')
-rw-r--r--net/micq/Makefile11
-rw-r--r--net/micq/distinfo2
-rw-r--r--net/micq/files/patch-aa21
-rw-r--r--net/micq/files/patch-ab11
-rw-r--r--net/micq/files/patch-ac11
-rw-r--r--net/micq/files/patch-ad20
-rw-r--r--net/micq/files/patch-ae24
7 files changed, 84 insertions, 16 deletions
diff --git a/net/micq/Makefile b/net/micq/Makefile
index b9840e2f6ac8..1e66b15d57bf 100644
--- a/net/micq/Makefile
+++ b/net/micq/Makefile
@@ -6,21 +6,22 @@
#
PORTNAME= micq
-PORTVERSION= 0.4.6
+PORTVERSION= 0.4.6.1
CATEGORIES= net
-MASTER_SITES= ftp://micq.chatzone.org/pub/micq/V${PORTVERSION}/
+MASTER_SITES= http://micq.ukeer.de/source/
+DISTNAME= ${PORTNAME}-${PORTVERSION:S/1/p1/}
EXTRACT_SUFX= .tgz
MAINTAINER= ports@freebsd.org
-FORBIDDEN= "Remote buffer overflow"
+WRKSRC= ${WRKDIR}/${PORTNAME}-${PORTVERSION:S/.1/-p1/}/src
do-install:
${INSTALL_PROGRAM} ${WRKSRC}/micq ${PREFIX}/bin
.if !defined(NOPORTDOCS)
${MKDIR} ${PREFIX}/share/doc/micq
- ${INSTALL_DATA} ${WRKSRC}/README ${PREFIX}/share/doc/micq
- ${INSTALL_DATA} ${WRKSRC}/CHANGELOG ${PREFIX}/share/doc/micq
+ ${INSTALL_DATA} ${WRKSRC}/../README ${PREFIX}/share/doc/micq
+ ${INSTALL_DATA} ${WRKSRC}/../CHANGELOG ${PREFIX}/share/doc/micq
.endif
.include <bsd.port.mk>
diff --git a/net/micq/distinfo b/net/micq/distinfo
index 9804ac927819..f3782ef44773 100644
--- a/net/micq/distinfo
+++ b/net/micq/distinfo
@@ -1 +1 @@
-MD5 (micq-0.4.6.tgz) = d6b0b09eaf12e722c12ac14d115e49bf
+MD5 (micq-0.4.6.p1.tgz) = 2ea6df0f96606e9c74cace21dd8d39cd
diff --git a/net/micq/files/patch-aa b/net/micq/files/patch-aa
index 777dc8b9f921..296b89535428 100644
--- a/net/micq/files/patch-aa
+++ b/net/micq/files/patch-aa
@@ -1,12 +1,13 @@
---- Makefile.orig Mon Jul 3 02:10:31 2000
-+++ Makefile Mon Jul 3 02:12:24 2000
-@@ -5,8 +5,7 @@
- # Most options that were here and soem that weren't have been moved to config.h
- # edit that file to set up options.
- #
+--- Makefile.orig Tue Jan 23 11:49:05 2001
++++ Makefile Wed Jan 24 20:28:41 2001
+@@ -2,8 +2,8 @@
+ # originally by Matt D. Smith
+ # rewritten by Rico Gloeckner <mc@verdinet.de>
+
-CC = gcc
-CFLAGS = -O4 -Wall -DUNIX
-+CFLAGS += -Wall -DUNIX
- CFLAGS += -DENGLISH_LANG
- #CFLAGS += -DBULGARIAN_LANG
- #CFLAGS += -DPOLISH_LANG
++CC?= gcc
++CFLAGS+= -Wall -DUNIX
+
+ # uncomment the line below for debuging info
+ #CFLAGS += -g
diff --git a/net/micq/files/patch-ab b/net/micq/files/patch-ab
new file mode 100644
index 000000000000..5a0048fae593
--- /dev/null
+++ b/net/micq/files/patch-ab
@@ -0,0 +1,11 @@
+--- mreadline.c.orig Tue Jan 23 11:49:05 2001
++++ mreadline.c Wed Jan 24 22:01:31 2001
+@@ -359,7 +359,7 @@
+ break;
+ }
+ }
+- sprintf (s, "%s %s/", message_cmd,
++ snprintf (s, sizeof(s), "%s %s/", message_cmd,
+ tab_array[tab_pointer]);
+ clen = cpos = strlen (s);
+ R_undraw();
diff --git a/net/micq/files/patch-ac b/net/micq/files/patch-ac
new file mode 100644
index 000000000000..b44d774b820c
--- /dev/null
+++ b/net/micq/files/patch-ac
@@ -0,0 +1,11 @@
+--- sendmsg.c.orig Tue Jan 23 11:49:05 2001
++++ sendmsg.c Wed Jan 24 22:02:47 2001
+@@ -977,7 +977,7 @@
+ {
+ char buf[450];
+
+- sprintf( buf, "%s\xFE%s", url, description );
++ snprintf( buf, sizeof(buf), "%s\xFE%s", url, description );
+ icq_sendmsg( sok, uin, buf, URL_MESS );
+ }
+
diff --git a/net/micq/files/patch-ad b/net/micq/files/patch-ad
new file mode 100644
index 000000000000..f4e5d68cd184
--- /dev/null
+++ b/net/micq/files/patch-ad
@@ -0,0 +1,20 @@
+--- util_ui.c.orig Tue Jan 23 11:49:05 2001
++++ util_ui.c Wed Jan 24 22:09:24 2001
+@@ -102,7 +102,7 @@
+ assert( 2048 >= strlen( str ) );
+
+ va_start( args, str );
+- vsprintf( buf, str, args );
++ vsnprintf( buf, sizeof(buf), str, args );
+ k = write( fd, buf, strlen( buf ) );
+ if ( k != strlen( buf ) )
+ {
+@@ -292,7 +292,7 @@
+
+ va_start( args, str );
+ #ifndef CURSES_UI
+- vsprintf( buf, str, args );
++ vsnprintf( buf, sizeof(buf), str, args );
+ str2 = buf;
+ while ( (void *) NULL != ( str1 = strchr( str2, '\x1b' ) ) )
+ {
diff --git a/net/micq/files/patch-ae b/net/micq/files/patch-ae
new file mode 100644
index 000000000000..9b877e48dc8a
--- /dev/null
+++ b/net/micq/files/patch-ae
@@ -0,0 +1,24 @@
+--- icq_response.c.orig Tue Jan 23 11:49:05 2001
++++ icq_response.c Wed Jan 24 22:07:40 2001
+@@ -871,19 +871,12 @@
+ }
+ *tmp = 0;
+ char_conv ("wc",data);
+-// temporaryy fix to buffer overflow
+-// should be solved better -mc
+-// strcpy (url_desc,data);
+- url_desc[0] = '\0';
+- strncat(url_desc,data,sizeof(url_data)-1);
++ strlcpy(url_desc,data,sizeof(url_data));
+
+ tmp++;
+ data = tmp;
+ char_conv ("wc",data);
+-// same apllies here --mc
+-// strcpy (url_data,data);
+- url_data[0] = '\0';
+- strncat (url_data,data,sizeof(url_data)-1);
++ strlcpy(url_data,data,sizeof(url_data));
+
+ // and again
+ // sprintf (message,"Description: %s \n URL: %s",url_desc,url_data);