- Update port to 0.4.6p1 (fixes remote buffer overflow)

- Add some additional buffer checks
author: Chris D. Faulhaber <jedgar@FreeBSD.org> 2001-01-25 03:19:53 +0000
committer: Chris D. Faulhaber <jedgar@FreeBSD.org> 2001-01-25 03:19:53 +0000
commit: 086070ab8556188fab9f146c914d269602e5caa4 (patch)
tree: cf3d923b518ab041b2e40d8ad34743ef5f64f217 /net-im/climm
parent: c0bf4310df1baf0c33478edcc0d5c683770bf22e (diff)
download: ports-086070ab8556188fab9f146c914d269602e5caa4.tar.gz
ports-086070ab8556188fab9f146c914d269602e5caa4.zip
7 files changed, 84 insertions, 16 deletions
diff --git a/net-im/climm/Makefile b/net-im/climm/Makefile
index b9840e2f6ac8..1e66b15d57bf 100644
--- a/net-im/climm/Makefile
+++ b/net-im/climm/Makefile
@@ -6,21 +6,22 @@
 #
 
 PORTNAME=	micq
-PORTVERSION=	0.4.6
+PORTVERSION=	0.4.6.1
 CATEGORIES=	net
-MASTER_SITES=   ftp://micq.chatzone.org/pub/micq/V${PORTVERSION}/
+MASTER_SITES=   http://micq.ukeer.de/source/
+DISTNAME=	${PORTNAME}-${PORTVERSION:S/1/p1/}
 EXTRACT_SUFX=	.tgz
 
 MAINTAINER=	ports@freebsd.org
 
-FORBIDDEN=	"Remote buffer overflow"
+WRKSRC=		${WRKDIR}/${PORTNAME}-${PORTVERSION:S/.1/-p1/}/src
 
 do-install:
 		${INSTALL_PROGRAM} ${WRKSRC}/micq ${PREFIX}/bin
 .if !defined(NOPORTDOCS)
 		${MKDIR} ${PREFIX}/share/doc/micq
-		${INSTALL_DATA} ${WRKSRC}/README ${PREFIX}/share/doc/micq
-		${INSTALL_DATA} ${WRKSRC}/CHANGELOG ${PREFIX}/share/doc/micq
+		${INSTALL_DATA} ${WRKSRC}/../README ${PREFIX}/share/doc/micq
+		${INSTALL_DATA} ${WRKSRC}/../CHANGELOG ${PREFIX}/share/doc/micq
 .endif
 
 .include <bsd.port.mk>
diff --git a/net-im/climm/distinfo b/net-im/climm/distinfo
index 9804ac927819..f3782ef44773 100644
--- a/net-im/climm/distinfo
+++ b/net-im/climm/distinfo
@@ -1 +1 @@
-MD5 (micq-0.4.6.tgz) = d6b0b09eaf12e722c12ac14d115e49bf
+MD5 (micq-0.4.6.p1.tgz) = 2ea6df0f96606e9c74cace21dd8d39cd
diff --git a/net-im/climm/files/patch-aa b/net-im/climm/files/patch-aa
index 777dc8b9f921..296b89535428 100644
--- a/net-im/climm/files/patch-aa
+++ b/net-im/climm/files/patch-aa
@@ -1,12 +1,13 @@
---- Makefile.orig	Mon Jul  3 02:10:31 2000
-+++ Makefile	Mon Jul  3 02:12:24 2000
-@@ -5,8 +5,7 @@
- # Most options that were here and soem that weren't have been moved to config.h
- # edit that file to set up options.
- #
+--- Makefile.orig	Tue Jan 23 11:49:05 2001
++++ Makefile	Wed Jan 24 20:28:41 2001
+@@ -2,8 +2,8 @@
+ # originally by Matt D. Smith
+ # rewritten by  Rico Gloeckner <mc@verdinet.de>
+ 
 -CC = gcc
 -CFLAGS = -O4 -Wall -DUNIX 
-+CFLAGS += -Wall -DUNIX 
- CFLAGS += -DENGLISH_LANG
- #CFLAGS += -DBULGARIAN_LANG
- #CFLAGS += -DPOLISH_LANG
++CC?= gcc
++CFLAGS+= -Wall -DUNIX 
+ 
+ # uncomment the line below for debuging info
+ #CFLAGS += -g
diff --git a/net-im/climm/files/patch-ab b/net-im/climm/files/patch-ab
new file mode 100644
index 000000000000..5a0048fae593
--- /dev/null
+++ b/net-im/climm/files/patch-ab
@@ -0,0 +1,11 @@
+--- mreadline.c.orig	Tue Jan 23 11:49:05 2001
++++ mreadline.c	Wed Jan 24 22:01:31 2001
+@@ -359,7 +359,7 @@
+               break;
+            }
+         }
+-	sprintf (s, "%s %s/", message_cmd,
++	snprintf (s, sizeof(s), "%s %s/", message_cmd,
+ 		tab_array[tab_pointer]);
+ 	clen = cpos = strlen (s);
+ 	R_undraw();
diff --git a/net-im/climm/files/patch-ac b/net-im/climm/files/patch-ac
new file mode 100644
index 000000000000..b44d774b820c
--- /dev/null
+++ b/net-im/climm/files/patch-ac
@@ -0,0 +1,11 @@
+--- sendmsg.c.orig	Tue Jan 23 11:49:05 2001
++++ sendmsg.c	Wed Jan 24 22:02:47 2001
+@@ -977,7 +977,7 @@
+ {
+    char buf[450];
+    
+-   sprintf( buf, "%s\xFE%s", url, description );
++   snprintf( buf, sizeof(buf), "%s\xFE%s", url, description );
+    icq_sendmsg( sok, uin, buf, URL_MESS );
+ }
+ 
diff --git a/net-im/climm/files/patch-ad b/net-im/climm/files/patch-ad
new file mode 100644
index 000000000000..f4e5d68cd184
--- /dev/null
+++ b/net-im/climm/files/patch-ad
@@ -0,0 +1,20 @@
+--- util_ui.c.orig	Tue Jan 23 11:49:05 2001
++++ util_ui.c	Wed Jan 24 22:09:24 2001
+@@ -102,7 +102,7 @@
+    assert( 2048 >= strlen( str ) );
+    
+    va_start( args, str );
+-   vsprintf( buf, str, args );
++   vsnprintf( buf, sizeof(buf), str, args );
+    k = write( fd, buf, strlen( buf ) );
+    if ( k != strlen( buf ) )
+    {
+@@ -292,7 +292,7 @@
+    
+    va_start( args, str );
+ #ifndef CURSES_UI
+-   vsprintf( buf, str, args );
++   vsnprintf( buf, sizeof(buf), str, args );
+    str2 = buf;
+    while ( (void *) NULL != ( str1 = strchr( str2, '\x1b' ) ) )
+    {
diff --git a/net-im/climm/files/patch-ae b/net-im/climm/files/patch-ae
new file mode 100644
index 000000000000..9b877e48dc8a
--- /dev/null
+++ b/net-im/climm/files/patch-ae
@@ -0,0 +1,24 @@
+--- icq_response.c.orig	Tue Jan 23 11:49:05 2001
++++ icq_response.c	Wed Jan 24 22:07:40 2001
+@@ -871,19 +871,12 @@
+       }
+       *tmp = 0;
+       char_conv ("wc",data);
+-// temporaryy fix to buffer overflow
+-// should be solved better -mc
+-//      strcpy (url_desc,data);
+-      url_desc[0] = '\0';
+-      strncat(url_desc,data,sizeof(url_data)-1);
++      strlcpy(url_desc,data,sizeof(url_data));
+ 
+       tmp++;
+       data = tmp;
+       char_conv ("wc",data);
+-// same apllies here --mc
+-//      strcpy (url_data,data);
+-      url_data[0] = '\0';
+-      strncat (url_data,data,sizeof(url_data)-1);
++      strlcpy(url_data,data,sizeof(url_data));
+ 
+ // and again
+ //      sprintf (message,"Description: %s \n                          URL: %s",url_desc,url_data);
author	Chris D. Faulhaber <jedgar@FreeBSD.org>	2001-01-25 03:19:53 +0000
committer	Chris D. Faulhaber <jedgar@FreeBSD.org>	2001-01-25 03:19:53 +0000
commit	086070ab8556188fab9f146c914d269602e5caa4 (patch)
tree	cf3d923b518ab041b2e40d8ad34743ef5f64f217 /net-im/climm
parent	c0bf4310df1baf0c33478edcc0d5c683770bf22e (diff)
download	ports-086070ab8556188fab9f146c914d269602e5caa4.tar.gz ports-086070ab8556188fab9f146c914d269602e5caa4.zip