summaryrefslogtreecommitdiff
path: root/chat/bitchx/patches/patch-ah
diff options
context:
space:
mode:
authortonnerre <tonnerre@pkgsrc.org>2008-07-06 05:16:50 +0000
committertonnerre <tonnerre@pkgsrc.org>2008-07-06 05:16:50 +0000
commitefc5b753309f3cc20336184c6cd5d3fb10c53a3c (patch)
tree0e574ee59a2ed46f9a715918b10b1ee768dc1a43 /chat/bitchx/patches/patch-ah
parent9f491f3153e47d5abb26271a6a9b06501396836a (diff)
downloadpkgsrc-efc5b753309f3cc20336184c6cd5d3fb10c53a3c.tar.gz
Add patches for two longstanding security issues in bitchx:
- CVE-2007-5839: e_hostname uses mktempnam in an unsafe manner. - CVE-2007-4584: p_mode classic buffer overflow using a static string.
Diffstat (limited to 'chat/bitchx/patches/patch-ah')
-rw-r--r--chat/bitchx/patches/patch-ah59
1 files changed, 59 insertions, 0 deletions
diff --git a/chat/bitchx/patches/patch-ah b/chat/bitchx/patches/patch-ah
new file mode 100644
index 00000000000..0ccc33901ab
--- /dev/null
+++ b/chat/bitchx/patches/patch-ah
@@ -0,0 +1,59 @@
+$NetBSD: patch-ah,v 1.3 2008/07/06 05:16:50 tonnerre Exp $
+
+--- source/commands.c.orig 2003-06-11 09:00:41.000000000 +0200
++++ source/commands.c
+@@ -2617,7 +2617,6 @@ BUILT_IN_COMMAND(e_hostname)
+ #if !defined(__linux__) && !defined(BSD) && !defined(__EMX__)
+ bitchsay("Local Host Name is [%s]", (LocalHostName)? LocalHostName: hostname);
+ #elif defined(old_hostname)
+- char filename[81];
+ char comm[200];
+ FILE *fptr;
+ char *p = NULL, *q;
+@@ -2632,34 +2631,29 @@ BUILT_IN_COMMAND(e_hostname)
+ #endif
+ #endif
+
+- tmpnam(filename);
+ #if defined(_BSDI_VERSION) && _BSDI_VERSION < 199701
+ if (!(p = path_search("netstat", "/sbin:/usr/sbin:/bin:/usr/bin")))
+ {
+ yell("No Netstat to be found");
+ return;
+ }
+- sprintf(comm, "%s -in >%s", p, filename);
++ sprintf(comm, "%s -in", p);
+ #elif defined(__EMX__)
+- sprintf(comm, "netstat -a > %s", filename);
++ sprintf(comm, "netstat -a");
+ #else
+ if (!(p = path_search("ifconfig", "/sbin:/usr/sbin:/bin:/usr/bin")))
+ {
+ yell("Can't find ifconfig");
+ return;
+ }
+- sprintf(comm, "%s -a >%s", p, filename);
++ sprintf(comm, "%s -a", p);
+ #endif
+- system(comm);
+
+ #ifdef __EMXPM__
+ pm_seticon(last_input_screen);
+ #endif
+- if ((fptr = fopen(filename, "r")) == NULL)
+- {
+- unlink(filename);
++ if ((fptr = popen(comm, "r")) == NULL)
+ return;
+- }
+ #if defined(_BSDI_VERSION) && _BSDI_VERSION < 199701
+ fgets(comm, 200, fptr);
+ fgets(comm, 200, fptr);
+@@ -2777,7 +2771,6 @@ BUILT_IN_COMMAND(e_hostname)
+ }
+ }
+ fclose(fptr);
+- unlink(filename);
+ for (new = virtuals, i = 1; virtuals; i++)
+ {
+ new = virtuals;