diff options
| author | lkundrak <lkundrak@pkgsrc.org> | 2007-05-22 16:47:04 +0000 |
|---|---|---|
| committer | lkundrak <lkundrak@pkgsrc.org> | 2007-05-22 16:47:04 +0000 |
| commit | 05a0387fdbcdc1611d59e3bfb0f0fef9cd9333fd (patch) | |
| tree | 9f9401e5e5aad16a96c671ffaa018aae43ce039e /chat/eggdrop | |
| parent | c466f410c01fc1f0086bf45253e6f0ae430f2a14 (diff) | |
| download | pkgsrc-05a0387fdbcdc1611d59e3bfb0f0fef9cd9333fd.tar.gz | |
Fix for the following:
eggdrop<=1.6.18 arbitrary-code-execution http://www.eggheads.org/bugzilla/show_bug.cgi?id=462
Diffstat (limited to 'chat/eggdrop')
| -rw-r--r-- | chat/eggdrop/Makefile | 3 | ||||
| -rw-r--r-- | chat/eggdrop/distinfo | 4 | ||||
| -rw-r--r-- | chat/eggdrop/patches/patch-al | 16 | ||||
| -rw-r--r-- | chat/eggdrop/patches/patch-am | 16 |
4 files changed, 37 insertions, 2 deletions
diff --git a/chat/eggdrop/Makefile b/chat/eggdrop/Makefile index 4754c8586d2..921cbfbdb64 100644 --- a/chat/eggdrop/Makefile +++ b/chat/eggdrop/Makefile @@ -1,7 +1,8 @@ -# $NetBSD: Makefile,v 1.25 2007/02/22 19:26:11 wiz Exp $ +# $NetBSD: Makefile,v 1.26 2007/05/22 16:47:04 lkundrak Exp $ DISTNAME= eggdrop1.6.17 PKGNAME= eggdrop-1.6.17 +PKGREVISION= 1 CATEGORIES= chat MASTER_SITES= ftp://ftp.eggheads.org/pub/eggdrop/source/1.6/ EXTRACT_SUFX= .tar.bz2 diff --git a/chat/eggdrop/distinfo b/chat/eggdrop/distinfo index f892c241ad1..233e004ff2c 100644 --- a/chat/eggdrop/distinfo +++ b/chat/eggdrop/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.10 2005/12/01 20:42:42 joerg Exp $ +$NetBSD: distinfo,v 1.11 2007/05/22 16:47:04 lkundrak Exp $ SHA1 (eggdrop1.6.17.tar.bz2) = 0e8a0b5506dde4a99f2be9f0700d6da65f54357f RMD160 (eggdrop1.6.17.tar.bz2) = 206d6d055b8efa66fde4a79c4cb3eacc4418ff01 @@ -13,3 +13,5 @@ SHA1 (patch-ag) = 61a030dc33de4f78cb19653035bebf7661f57c50 SHA1 (patch-ah) = a5360c748e16cbc3d6ae4f2968799e96007971f1 SHA1 (patch-ai) = ee0cfe95a1aa9a883fd95db0fbc0cef60deb8e3a SHA1 (patch-ak) = 92f269a3f382a9f917d7e58c2cee5bb1d500ab6d +SHA1 (patch-al) = 744ef092d0a25d4a267a968f139468361bda4f7d +SHA1 (patch-am) = 19df141bab53fb1079f76fe6d880a44778c50c68 diff --git a/chat/eggdrop/patches/patch-al b/chat/eggdrop/patches/patch-al new file mode 100644 index 00000000000..8cb99dc681a --- /dev/null +++ b/chat/eggdrop/patches/patch-al @@ -0,0 +1,16 @@ +$NetBSD: patch-al,v 1.1 2007/05/22 16:47:04 lkundrak Exp $ + +Fix for http://www.eggheads.org/bugzilla/show_bug.cgi?id=462 + +--- src/mod/irc.mod/chan.c.orig 2007-05-22 18:29:41.000000000 +0200 ++++ src/mod/irc.mod/chan.c +@@ -2204,7 +2204,8 @@ static int gotmsg(char *from, char *msg) + if (!chan) + return 0; /* Private msg to an unknown channel?? */ + fixcolon(msg); +- strcpy(uhost, from); ++ strncpy(uhost, from, UHOSTMAX); ++ uhost[UHOSTMAX] = '\0'; + nick = splitnick(&uhost); + /* Only check if flood-ctcp is active */ + if (flud_ctcp_thr && detect_avalanche(msg)) { diff --git a/chat/eggdrop/patches/patch-am b/chat/eggdrop/patches/patch-am new file mode 100644 index 00000000000..49be3600763 --- /dev/null +++ b/chat/eggdrop/patches/patch-am @@ -0,0 +1,16 @@ +$NetBSD: patch-am,v 1.1 2007/05/22 16:47:05 lkundrak Exp $ + +Fix for http://www.eggheads.org/bugzilla/show_bug.cgi?id=462 + +--- src/mod/server.mod/servmsg.c.orig 2007-05-22 18:29:49.000000000 +0200 ++++ src/mod/server.mod/servmsg.c +@@ -424,7 +424,8 @@ static int gotmsg(char *from, char *msg) + to = newsplit(&msg); + fixcolon(msg); + /* Only check if flood-ctcp is active */ +- strcpy(uhost, from); ++ strncpy(uhost, from, UHOSTMAX); ++ uhost[UHOSTMAX] = '\0'; + nick = splitnick(&uhost); + if (flud_ctcp_thr && detect_avalanche(msg)) { + if (!ignoring) { |