Fix for the following:

eggdrop<=1.6.18         arbitrary-code-execution        http://www.eggheads.org/bugzilla/show_bug.cgi?id=462

2 files changed, 32 insertions, 0 deletions

diff --git a/chat/eggdrop/patches/patch-al b/chat/eggdrop/patches/patch-al
new file mode 100644
index 00000000000..8cb99dc681a
--- /dev/null
+++ b/chat/eggdrop/patches/patch-al
@@ -0,0 +1,16 @@
+$NetBSD: patch-al,v 1.1 2007/05/22 16:47:04 lkundrak Exp $
+
+Fix for http://www.eggheads.org/bugzilla/show_bug.cgi?id=462
+
+--- src/mod/irc.mod/chan.c.orig	2007-05-22 18:29:41.000000000 +0200
++++ src/mod/irc.mod/chan.c
+@@ -2204,7 +2204,8 @@ static int gotmsg(char *from, char *msg)
+   if (!chan)
+     return 0;                   /* Private msg to an unknown channel?? */
+   fixcolon(msg);
+-  strcpy(uhost, from);
++  strncpy(uhost, from, UHOSTMAX);
++  uhost[UHOSTMAX] = '\0';
+   nick = splitnick(&uhost);
+   /* Only check if flood-ctcp is active */
+   if (flud_ctcp_thr && detect_avalanche(msg)) {
diff --git a/chat/eggdrop/patches/patch-am b/chat/eggdrop/patches/patch-am
new file mode 100644
index 00000000000..49be3600763
--- /dev/null
+++ b/chat/eggdrop/patches/patch-am
@@ -0,0 +1,16 @@
+$NetBSD: patch-am,v 1.1 2007/05/22 16:47:05 lkundrak Exp $
+
+Fix for http://www.eggheads.org/bugzilla/show_bug.cgi?id=462
+
+--- src/mod/server.mod/servmsg.c.orig	2007-05-22 18:29:49.000000000 +0200
++++ src/mod/server.mod/servmsg.c
+@@ -424,7 +424,8 @@ static int gotmsg(char *from, char *msg)
+   to = newsplit(&msg);
+   fixcolon(msg);
+   /* Only check if flood-ctcp is active */
+-  strcpy(uhost, from);
++  strncpy(uhost, from, UHOSTMAX);
++  uhost[UHOSTMAX] = '\0';
+   nick = splitnick(&uhost);
+   if (flud_ctcp_thr && detect_avalanche(msg)) {
+     if (!ignoring) {