summaryrefslogtreecommitdiff
path: root/chat/centericq
diff options
context:
space:
mode:
authorlkundrak <lkundrak@pkgsrc.org>2007-07-19 00:43:40 +0000
committerlkundrak <lkundrak@pkgsrc.org>2007-07-19 00:43:40 +0000
commitf4a6af73932c8e2123d3afc92516abe30484d98d (patch)
treeac4fb25be3573c4aceb597570a312c5719740aa5 /chat/centericq
parentfe260efa2456c0718cc0d1ff77398d83de42008a (diff)
downloadpkgsrc-f4a6af73932c8e2123d3afc92516abe30484d98d.tar.gz
Fix horrific number of buffer overflows, CVE-2007-3713.
Bump PKGREVISION.
Diffstat (limited to 'chat/centericq')
-rw-r--r--chat/centericq/Makefile4
-rw-r--r--chat/centericq/distinfo9
-rw-r--r--chat/centericq/patches/patch-au31
-rw-r--r--chat/centericq/patches/patch-av41
-rw-r--r--chat/centericq/patches/patch-aw23
-rw-r--r--chat/centericq/patches/patch-ax194
-rw-r--r--chat/centericq/patches/patch-ay46
-rw-r--r--chat/centericq/patches/patch-az108
8 files changed, 448 insertions, 8 deletions
diff --git a/chat/centericq/Makefile b/chat/centericq/Makefile
index 5ca4d916f7b..37b3ea424a2 100644
--- a/chat/centericq/Makefile
+++ b/chat/centericq/Makefile
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.66 2007/04/15 20:16:41 wiz Exp $
+# $NetBSD: Makefile,v 1.67 2007/07/19 00:43:40 lkundrak Exp $
#
DISTNAME= centericq-4.21.0
-PKGREVISION= 4
+PKGREVISION= 5
CATEGORIES= chat
MASTER_SITES= http://thekonst.net/download/ \
http://centericq.de/archive/source/releases/
diff --git a/chat/centericq/distinfo b/chat/centericq/distinfo
index 440b79bf7d1..74eae919f34 100644
--- a/chat/centericq/distinfo
+++ b/chat/centericq/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.22 2007/02/20 18:45:00 sborrill Exp $
+$NetBSD: distinfo,v 1.23 2007/07/19 00:43:40 lkundrak Exp $
SHA1 (centericq-4.21.0.tar.bz2) = 26b07c4bdcbe8c6888ceab98140b33007bec8554
RMD160 (centericq-4.21.0.tar.bz2) = 69207fcaf5c90b9ae4609221526b839659c5ccfc
@@ -23,4 +23,9 @@ SHA1 (patch-aq) = ce0db172171d874cd35c4b0293ea96f5a580810e
SHA1 (patch-ar) = b06ba8fad9a2dbcfacb0c81e2689cca02a38dd01
SHA1 (patch-as) = 55822a88a4fd17e57a06f0f186a6649fe3e4b092
SHA1 (patch-at) = 7dd7158371940522c7d393ea8d9194c2e4154cf8
-SHA1 (patch-au) = 6e33ed258b9762afc0f2bd0e4e726818f8811619
+SHA1 (patch-au) = 3a1bab4ffc13cc75480a6d249185a07e52bcdf6d
+SHA1 (patch-av) = bf032d4447349d3b4f75c43f58eca3e0342b9f9d
+SHA1 (patch-aw) = 20b682ce67e9d026a1253e2ce7546eea1d924282
+SHA1 (patch-ax) = a96edcc859b30fde6e6577a833005fab8d45eabf
+SHA1 (patch-ay) = 46ca8c7a9828c471aa760089f2271f21c9cf0ce6
+SHA1 (patch-az) = 4542871c64fffb311cc464bc0b25fb59ef2db3b3
diff --git a/chat/centericq/patches/patch-au b/chat/centericq/patches/patch-au
index 6bf7745e3d9..37c4bf1b39b 100644
--- a/chat/centericq/patches/patch-au
+++ b/chat/centericq/patches/patch-au
@@ -1,8 +1,19 @@
-$NetBSD: patch-au,v 1.1 2007/02/20 18:45:00 sborrill Exp $
+$NetBSD: patch-au,v 1.2 2007/07/19 00:43:40 lkundrak Exp $
---- src/hooks/jabberhook.cc.orig 2007-02-20 18:20:36.000000000 +0000
-+++ src/hooks/jabberhook.cc 2007-02-20 18:21:08.000000000 +0000
-@@ -887,11 +887,6 @@
+Part of a fix for CVE-2007-3713.
+
+--- src/hooks/jabberhook.cc.orig 2007-07-19 02:34:54.000000000 +0200
++++ src/hooks/jabberhook.cc
+@@ -36,6 +36,8 @@
+ #define DEFAULT_CONFSERV "conference.jabber.org"
+ #define PERIOD_KEEPALIVE 30
+
++#define NOTIFBUF 512
++
+ static void jidsplit(const string &jid, string &user, string &host, string &rest) {
+ int pos;
+ user = jid;
+@@ -887,11 +889,6 @@ void jabberhook::gotsearchresults(xmlnod
void jabberhook::gotloggedin() {
xmlnode x;
@@ -14,3 +25,15 @@ $NetBSD: patch-au,v 1.1 2007/02/20 18:45:00 sborrill Exp $
x = jutil_iqnew(JPACKET__GET, NS_ROSTER);
xmlnode_put_attrib(x, "id", "Roster");
jab_send(jc, x);
+@@ -1289,8 +1286,9 @@ void jabberhook::gotversion(const imcont
+ if(vinfo.size() > 128)
+ vinfo.erase(128);
+
+- char buf[256];
+- sprintf(buf, _("The remote is using %s"), vinfo.c_str());
++ char buf[NOTIFBUF];
++ snprintf(buf, NOTIFBUF, _("The remote is using %s"), vinfo.c_str());
++ buf[NOTIFBUF-1] = '\0';
+ em.store(imnotification(ic, buf));
+ }
+ }
diff --git a/chat/centericq/patches/patch-av b/chat/centericq/patches/patch-av
new file mode 100644
index 00000000000..43045cc7ab3
--- /dev/null
+++ b/chat/centericq/patches/patch-av
@@ -0,0 +1,41 @@
+$NetBSD: patch-av,v 1.1 2007/07/19 00:43:40 lkundrak Exp $
+
+--- src/hooks/abstracthook.cc.orig 2007-07-19 02:24:38.000000000 +0200
++++ src/hooks/abstracthook.cc
+@@ -40,6 +40,8 @@
+
+ #include <time.h>
+
++#define NOTIFBUF 512
++
+ time_t timer_current = time(0);
+
+ abstracthook::abstracthook(protocolname aproto)
+@@ -339,7 +341,7 @@ bool abstracthook::regattempt(unsigned i
+
+ void abstracthook::log(logevent ev, ...) {
+ va_list ap;
+- char buf[512];
++ char buf[NOTIFBUF];
+ static map<logevent, string> lst;
+
+ if(lst.empty()) {
+@@ -354,7 +356,8 @@ void abstracthook::log(logevent ev, ...)
+ }
+
+ va_start(ap, ev);
+- vsprintf(buf, lst[ev].c_str(), ap);
++ vsnprintf(buf, NOTIFBUF, lst[ev].c_str(), ap);
++ buf[NOTIFBUF-1] = '\0';
+ va_end(ap);
+
+ face.log((string) "+ [" + conf.getprotocolname(proto) + "] " + buf);
+@@ -751,7 +754,7 @@ string abstracthook::getTimezoneIDtoStri
+ if(id > 24 || id < -24) {
+ return "Unspecified";
+ } else {
+- char buf[32];
++ static char buf[32];
+ sprintf(buf, "GMT %s%d:%s", id > 0 ? "-" : "+", abs(id/2), id % 2 == 0 ? "00" : "30");
+ return buf;
+ }
diff --git a/chat/centericq/patches/patch-aw b/chat/centericq/patches/patch-aw
new file mode 100644
index 00000000000..bd53677ca06
--- /dev/null
+++ b/chat/centericq/patches/patch-aw
@@ -0,0 +1,23 @@
+$NetBSD: patch-aw,v 1.1 2007/07/19 00:43:42 lkundrak Exp $
+
+--- src/hooks/aimhook.cc.orig 2007-07-19 02:24:38.000000000 +0200
++++ src/hooks/aimhook.cc
+@@ -32,6 +32,8 @@
+ #include "imlogger.h"
+ #include "eventmanager.h"
+
++#define NOTIFBUF 512
++
+ aimhook ahook;
+
+ aimhook::aimhook()
+@@ -293,7 +295,8 @@ void aimhook::loadprofile() {
+
+ if(access(fname.c_str(), R_OK)) {
+ char sbuf[512];
+- sprintf(sbuf, _("I do really enjoy the default AIM profile of centericq %s."), VERSION);
++ snprintf(sbuf, 512, _("I do really enjoy the default AIM profile of centericq %s."), VERSION);
++ sbuf[511] = '\0';
+ profile.info = sbuf;
+ saveprofile();
+ }
diff --git a/chat/centericq/patches/patch-ax b/chat/centericq/patches/patch-ax
new file mode 100644
index 00000000000..bc91353ccc8
--- /dev/null
+++ b/chat/centericq/patches/patch-ax
@@ -0,0 +1,194 @@
+$NetBSD: patch-ax,v 1.1 2007/07/19 00:43:42 lkundrak Exp $
+
+Part of a fix for CVE-2007-3713.
+
+--- src/hooks/irchook.cc.orig 2007-07-19 02:24:38.000000000 +0200
++++ src/hooks/irchook.cc
+@@ -35,6 +35,8 @@
+
+ #include <iterator>
+
++#define NOTIFBUF 512
++
+ // ----------------------------------------------------------------------------
+
+ irchook irhook;
+@@ -609,11 +611,12 @@ void irchook::rawcommand(const string &c
+
+ void irchook::channelfatal(string room, const char *fmt, ...) {
+ va_list ap;
+- char buf[1024];
++ char buf[NOTIFBUF];
+ vector<channelInfo>::iterator i;
+
+ va_start(ap, fmt);
+- vsprintf(buf, fmt, ap);
++ vsnprintf(buf, NOTIFBUF, fmt, ap);
++ buf[NOTIFBUF-1] = '\0';
+ va_end(ap);
+
+ if(room.substr(0, 1) != "#")
+@@ -1196,7 +1199,7 @@ void irchook::errorhandler(void *connect
+ void irchook::nickchanged(void *connection, void *cli, ...) {
+ va_list ap;
+ icqcontact *c;
+- char buf[100];
++ char buf[NOTIFBUF];
+
+ va_start(ap, cli);
+ char *oldnick = va_arg(ap, char *);
+@@ -1218,7 +1221,8 @@ void irchook::nickchanged(void *connecti
+
+ }
+
+- sprintf(buf, _("The user has changed their nick from %s to %s"), oldnick, newnick);
++ snprintf(buf, NOTIFBUF, _("The user has changed their nick from %s to %s"), oldnick, newnick);
++ buf[NOTIFBUF-1] = '\0';
+ em.store(imnotification(c, buf));
+ }
+ }
+@@ -1254,18 +1258,20 @@ const char * const command, const char *
+
+ void irchook::subreply(void *conn, void *cli, const char * const nick,
+ const char * const command, const char * const args) {
+- char buf[512];
++ char buf[NOTIFBUF];
+
+ if(!strcmp(command, "PING")) {
+ map<string, time_t>::iterator i = irhook.pingtime.find(up(nick));
+
+ if(i != irhook.pingtime.end()) {
+- sprintf(buf, _("PING reply from the user: %d second(s)"), time(0)-i->second);
++ snprintf(buf, NOTIFBUF, _("PING reply from the user: %d second(s)"), time(0)-i->second);
++ buf[NOTIFBUF-1] = '\0';
+ em.store(imnotification(imcontact(nick, irc), buf));
+ }
+
+ } else if(!strcmp(command, "VERSION")) {
+- sprintf(buf, _("The remote is using %s"), args);
++ snprintf(buf, NOTIFBUF, _("The remote is using %s"), args);
++ buf[NOTIFBUF-1] = '\0';
+ em.store(imnotification(imcontact(nick, irc), buf));
+
+ }
+@@ -1378,8 +1384,9 @@ void irchook::chatuserjoined(void *conn,
+ if(strlen(email))
+ uname += (string) " (" + email + ")";
+
+- char buf[512];
+- sprintf(buf, _("%s has joined."), uname.c_str());
++ char buf[NOTIFBUF];
++ snprintf(buf, NOTIFBUF, _("%s has joined."), uname.c_str());
++ buf[NOTIFBUF-1] = '\0';
+ em.store(imnotification(imcontact(room, irc), buf));
+ }
+ }
+@@ -1395,14 +1402,16 @@ void irchook::chatuserleft(void *conn, v
+
+ if(conf.getourid(irc).nickname != who) {
+ string text;
+- char buf[512];
++ char buf[NOTIFBUF];
+
+- sprintf(buf, _("%s has left"), who); text = buf;
++ snprintf(buf, NOTIFBUF, _("%s has left"), who); text = buf;
++ buf[NOTIFBUF-1] = '\0';
+
+ if(reason)
+ if(strlen(reason)) {
+ if(strlen(reason) > 450) reason[450] = 0;
+- sprintf(buf, _("reason: %s"), reason);
++ snprintf(buf, NOTIFBUF, _("reason: %s"), reason);
++ buf[NOTIFBUF-1] = '\0';
+ text += (string) "; " + buf + ".";
+ }
+
+@@ -1422,13 +1431,15 @@ void irchook::chatuserkicked(void *conn,
+
+ if(conf.getourid(irc).nickname != who) {
+ string text;
+- char buf[512];
++ char buf[NOTIFBUF];
+
+- sprintf(buf, _("%s has been kicked by %s"), who, by); text = buf;
++ snprintf(buf, NOTIFBUF, _("%s has been kicked by %s"), who, by); text = buf;
++ buf[NOTIFBUF-1] = '\0';
+
+ if(reason)
+ if(strlen(reason)) {
+- sprintf(buf, _("reason: %s"), reason);
++ snprintf(buf, NOTIFBUF, _("reason: %s"), reason);
++ buf[NOTIFBUF-1] = '\0';
+ text += (string) "; " + buf + ".";
+ }
+
+@@ -1451,13 +1462,15 @@ void irchook::chatgottopic(void *conn, v
+ return;
+
+ string text;
+- char buf[1024];
+- sprintf(buf, _("Channel topic now is: %s"), topic);
++ char buf[NOTIFBUF];
++ snprintf(buf, NOTIFBUF, _("Channel topic now is: %s"), topic);
++ buf[NOTIFBUF-1] = '\0';
+ text = buf;
+
+ if(author)
+ if(strlen(author)) {
+- sprintf(buf, _("set by %s"), author);
++ snprintf(buf, NOTIFBUF, _("set by %s"), author);
++ buf[NOTIFBUF-1] = '\0';
+ text += (string) "; " + buf + ".";
+ }
+
+@@ -1474,8 +1487,9 @@ void irchook::chatuseropped(void *conn,
+ va_end(ap);
+
+ if(by) {
+- char buf[512];
+- sprintf(buf, _("%s has been opped by %s."), who, by);
++ char buf[NOTIFBUF];
++ snprintf(buf, NOTIFBUF, _("%s has been opped by %s."), who, by);
++ buf[NOTIFBUF-1] = '\0';
+ em.store(imnotification(imcontact(room, irc), buf));
+ }
+ }
+@@ -1490,8 +1504,9 @@ void irchook::chatuserdeopped(void *conn
+ va_end(ap);
+
+ if(by) {
+- char buf[512];
+- sprintf(buf, _("%s has been deopped by %s."), who, by);
++ char buf[NOTIFBUF];
++ snprintf(buf, NOTIFBUF, _("%s has been deopped by %s."), who, by);
++ buf[NOTIFBUF-1] = '\0';
+ em.store(imnotification(imcontact(room, irc), buf));
+ }
+ }
+@@ -1504,10 +1519,10 @@ void irchook::chatopped(void *conn, void
+ char *by = va_arg(ap, char *);
+ va_end(ap);
+
+- char buf[512];
+- if(by) sprintf(buf, _("%s has opped us."), by);
+- else strcpy(buf, _("you are an op here"));
+-
++ char buf[NOTIFBUF];
++ if(by) snprintf(buf, NOTIFBUF, _("%s has opped us."), by);
++ else strncpy(buf, _("you are an op here"), NOTIFBUF);
++ buf[NOTIFBUF-1] = '\0';
+ em.store(imnotification(imcontact(room, irc), buf));
+ }
+
+@@ -1519,8 +1534,9 @@ void irchook::chatdeopped(void *conn, vo
+ char *by = va_arg(ap, char *);
+ va_end(ap);
+
+- char buf[512];
+- sprintf(buf, _("%s has deopped us."), by);
++ char buf[NOTIFBUF];
++ snprintf(buf, NOTIFBUF, _("%s has deopped us."), by);
++ buf[NOTIFBUF-1] = '\0';
+ em.store(imnotification(imcontact(room, irc), buf));
+ }
+
diff --git a/chat/centericq/patches/patch-ay b/chat/centericq/patches/patch-ay
new file mode 100644
index 00000000000..89cbfca290f
--- /dev/null
+++ b/chat/centericq/patches/patch-ay
@@ -0,0 +1,46 @@
+$NetBSD: patch-ay,v 1.1 2007/07/19 00:43:43 lkundrak Exp $
+
+Part of a fix for CVE-2007-3713.
+
+--- src/hooks/ljhook.cc.orig 2005-01-07 02:27:04.000000000 +0100
++++ src/hooks/ljhook.cc
+@@ -37,6 +37,8 @@ ljhook lhook;
+
+ #define PERIOD_FRIENDS 3600
+
++#define NOTIFBUF 512
++
+ ljhook::ljhook(): abstracthook(livejournal), fonline(false), sdest(0) {
+ fcapabs.insert(hookcapab::nochat);
+ }
+@@ -654,7 +656,7 @@ void ljhook::messageack_cb(MessageEvent
+ map<string, string> nfriendof;
+ map<string, string>::const_iterator in;
+ vector<string>::iterator il;
+- char buf[512];
++ char buf[NOTIFBUF];
+
+ for(i = 1; i <= count; i++) {
+ username = params[(string) "friendof_" + i2str(i) + "_user"];
+@@ -669,8 +671,9 @@ void ljhook::messageack_cb(MessageEvent
+ if(!foempty) {
+ bd = (string) "http://" + conf.getourid(proto).server + "/users/" + in->first;
+
+- sprintf(buf, _("The user %s (%s) has added you to his/her friend list\n\nJournal address: %s"),
++ snprintf(buf, NOTIFBUF, _("The user %s (%s) has added you to his/her friend list\n\nJournal address: %s"),
+ in->first.c_str(), in->second.c_str(), bd.c_str());
++ buf[NOTIFBUF-1] = '\0';
+
+ em.store(imnotification(self, buf));
+ }
+@@ -679,8 +682,9 @@ void ljhook::messageack_cb(MessageEvent
+ for(il = friendof.begin(); il != friendof.end(); ) {
+ if(nfriendof.find(*il) == nfriendof.end()) {
+ bd = (string) "http://" + conf.getourid(proto).server + "/users/" + *il;
+- sprintf(buf, _("The user %s has removed you from his/her friend list\n\nJournal address: %s"),
++ snprintf(buf, NOTIFBUF, _("The user %s has removed you from his/her friend list\n\nJournal address: %s"),
+ il->c_str(), bd.c_str());
++ buf[NOTIFBUF-1] = '\0';
+ em.store(imnotification(self, buf));
+ friendof.erase(il);
+ il = friendof.begin();
diff --git a/chat/centericq/patches/patch-az b/chat/centericq/patches/patch-az
new file mode 100644
index 00000000000..c17a7fa1491
--- /dev/null
+++ b/chat/centericq/patches/patch-az
@@ -0,0 +1,108 @@
+$NetBSD: patch-az,v 1.1 2007/07/19 00:43:43 lkundrak Exp $
+
+Part of a fix for CVE-2007-3713.
+
+--- src/hooks/yahoohook.cc.orig 2007-07-19 02:24:38.000000000 +0200
++++ src/hooks/yahoohook.cc
+@@ -47,6 +47,8 @@
+ #define PERIOD_REFRESH 60
+ #define PERIOD_CLOSE 6
+
++#define NOTIFBUF 512
++
+ int yahoohook::yfd::connection_tags = 0;
+
+ char pager_host[255], pager_port[255], filetransfer_host[255],
+@@ -844,7 +846,7 @@ void yahoohook::got_conf_invite(int id,
+ icqconf::imaccount acc = conf.getourid(yahoo);
+ string confname = (string) "#" + room, inviter, text;
+ vector<string>::iterator ic;
+- char buf[1024];
++ char buf[NOTIFBUF];
+ int i;
+
+ imcontact cont(confname, yahoo);
+@@ -856,10 +858,11 @@ void yahoohook::got_conf_invite(int id,
+ inviter.erase(i);
+ }
+
+- sprintf(buf, _("The user %s has invited you to the %s conference, the topic there is: %s"),
++ snprintf(buf, NOTIFBUF, _("The user %s has invited you to the %s conference, the topic there is: %s"),
+ yhook.rusconv("wk", inviter).c_str(),
+ yhook.rusconv("wk", room).c_str(),
+ yhook.rusconv("wk", msg).c_str());
++ buf[NOTIFBUF-1] = '\0';
+
+ text = (string) buf + "\n\n" + _("Current conference members are: ");
+ yhook.confmembers[room].push_back(inviter);
+@@ -888,20 +891,22 @@ void yahoohook::got_conf_invite(int id,
+
+ void yahoohook::conf_userdecline(int id, char *who, char *room, char *msg) {
+ icqcontact *c = clist.get(imcontact((string) "#" + room, yahoo));
+- char buf[512];
++ char buf[NOTIFBUF];
+
+ if(c) {
+- sprintf(buf, _("The user %s has declined your invitation to join the conference"), who);
++ snprintf(buf, NOTIFBUF, _("The user %s has declined your invitation to join the conference"), who);
++ buf[NOTIFBUF-1] = '\0';
+ em.store(imnotification(c, buf));
+ }
+ }
+
+ void yahoohook::conf_userjoin(int id, char *who, char *room) {
+ icqcontact *c = clist.get(imcontact((string) "#" + room, yahoo));
+- char buf[512];
++ char buf[NOTIFBUF];
+
+ if(c) {
+- sprintf(buf, _("The user %s has joined the conference"), who);
++ snprintf(buf, NOTIFBUF, _("The user %s has joined the conference"), who);
++ buf[NOTIFBUF-1] = '\0';
+
+ if(find(yhook.confmembers[room].begin(), yhook.confmembers[room].end(), who) == yhook.confmembers[room].end())
+ yhook.confmembers[room].push_back(who);
+@@ -912,11 +917,12 @@ void yahoohook::conf_userjoin(int id, ch
+
+ void yahoohook::conf_userleave(int id, char *who, char *room) {
+ icqcontact *c = clist.get(imcontact((string) "#" + room, yahoo));
+- char buf[512];
++ char buf[NOTIFBUF];
+ vector<string>::iterator im;
+
+ if(c) {
+- sprintf(buf, _("The user %s has left the conference"), who);
++ snprintf(buf, NOTIFBUF, _("The user %s has left the conference"), who);
++ buf[NOTIFBUF-1] = '\0';
+ em.store(imnotification(c, buf));
+
+ im = find(yhook.confmembers[room].begin(), yhook.confmembers[room].end(), who);
+@@ -981,10 +987,11 @@ void yahoohook::game_notify(int id, char
+ }
+
+ void yahoohook::mail_notify(int id, char *from, char *subj, int cnt) {
+- char buf[1024];
++ char buf[NOTIFBUF];
+
+ if(from && subj) {
+- sprintf(buf, _("+ [yahoo] e-mail from %s, %s"), from, subj);
++ snprintf(buf, NOTIFBUF, _("+ [yahoo] e-mail from %s, %s"), from, subj);
++ buf[NOTIFBUF-1] = '\0';
+ face.log(buf);
+ clist.get(contactroot)->playsound(imevent::email);
+ }
+@@ -1138,11 +1145,12 @@ void yahoohook::webcam_data_request(int
+
+ int yahoohook::ylog(char *fmt, ...) {
+ if(conf.getdebug()) {
+- char buf[512];
++ char buf[NOTIFBUF];
+ va_list ap;
+
+ va_start(ap, fmt);
+- vsprintf(buf, fmt, ap);
++ vsnprintf(buf, NOTIFBUF, fmt, ap);
++ buf[NOTIFBUF-1] = '\0';
+ va_end(ap);
+
+ face.log(buf);