Fix buffer overflow in Socks 5 code, bump package revision.

3 files changed, 26 insertions, 3 deletions

diff --git a/chat/xchat/Makefile.common b/chat/xchat/Makefile.common
index dd928cd1c56..af8bdc2bc82 100644
--- a/chat/xchat/Makefile.common
+++ b/chat/xchat/Makefile.common
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile.common,v 1.26 2004/04/14 16:15:21 jmmv Exp $
+# $NetBSD: Makefile.common,v 1.27 2004/04/14 21:27:25 tron Exp $
 
 DISTNAME=	xchat-1.8.11
-PKGREVISION=	6
+PKGREVISION=	7
 CATEGORIES=	chat x11
 MASTER_SITES=	${HOMEPAGE}files/source/1.8/
 EXTRACT_SUFX=	.tar.bz2
diff --git a/chat/xchat/distinfo b/chat/xchat/distinfo
index 6dc0bb4c93d..ccff2821fd6 100644
--- a/chat/xchat/distinfo
+++ b/chat/xchat/distinfo
@@ -1,6 +1,7 @@
-$NetBSD: distinfo,v 1.20 2003/01/12 21:49:07 tron Exp $
+$NetBSD: distinfo,v 1.21 2004/04/14 21:27:25 tron Exp $
 
 SHA1 (xchat-1.8.11.tar.bz2) = 331afd74bc20797c0dec1a7e32fe014efe6cdc0a
 Size (xchat-1.8.11.tar.bz2) = 850453 bytes
+SHA1 (patch-aa) = 1e9c5159fb241f79df26f8a4ce5f897faaa9052f
 SHA1 (patch-ad) = 7dec0bd4107febc923031b80b75a1a8a36b0255b
 SHA1 (patch-ae) = baee878728bb33317258e43919ccabfcf3fd2f4a
diff --git a/chat/xchat/patches/patch-aa b/chat/xchat/patches/patch-aa
new file mode 100644
index 00000000000..9ef97e40edf
--- /dev/null
+++ b/chat/xchat/patches/patch-aa
@@ -0,0 +1,22 @@
+$NetBSD: patch-aa,v 1.8 2004/04/14 21:27:25 tron Exp $
+
+--- src/common/server.c.orig	Tue Dec  3 08:06:31 2002
++++ src/common/server.c	Wed Apr 14 23:18:45 2004
+@@ -837,7 +837,7 @@
+ 	struct sock5_connect1 sc1;
+ 	unsigned char *sc2;
+ 	unsigned int packetlen, addrlen;
+-	unsigned char buf[10];
++	unsigned char buf[260];
+ 
+ 	sc1.version = 5;
+ 	sc1.nmethods = 1;
+@@ -878,7 +878,7 @@
+ 	{
+ 		if (recv (sok, buf, 1, 0) != 1)
+ 			return 1;
+-		packetlen = buf[0] + 2;
++		packetlen = buf[0] + 2;	/* can't exceed 260 */
+ 		if (recv (sok, buf, packetlen, 0) != packetlen)
+ 			return 1;
+ 	}