diff options
Diffstat (limited to 'chat/bitchx/patches/patch-al')
| -rw-r--r-- | chat/bitchx/patches/patch-al | 54 |
1 files changed, 54 insertions, 0 deletions
diff --git a/chat/bitchx/patches/patch-al b/chat/bitchx/patches/patch-al new file mode 100644 index 00000000000..8ba20a1a19f --- /dev/null +++ b/chat/bitchx/patches/patch-al @@ -0,0 +1,54 @@ +$NetBSD: patch-al,v 1.1 2003/03/29 21:20:30 salo Exp $ + +Fixes potential remote buffer overflows. See the following url for more +details: http://securityfocus.com/archive/1/315057 + +Patch by caf@guarana.org. + +--- source/numbers.c.orig 2002-02-28 05:22:50.000000000 +0100 ++++ source/numbers.c 2003-03-29 21:56:55.000000000 +0100 +@@ -354,26 +354,29 @@ + + set_display_target(chan, LOG_CURRENT); + PasteArgs(ArgList, 0); +- strcpy(buffer, ArgList[0]); ++ strlcpy(buffer, ArgList[0], sizeof buffer); + switch(-current_numeric) + { + case 437: +- strcat(buffer, " (Channel is temporarily unavailable)"); ++ strlcat(buffer, ++ " (Channel is temporarily unavailable)", ++ sizeof buffer); + break; + case 471: +- strcat(buffer, " (Channel is full)"); ++ strlcat(buffer, " (Channel is full)", sizeof buffer); + break; + case 473: +- strcat(buffer, " (You must be invited)"); ++ strlcat(buffer, " (You must be invited)", ++ sizeof buffer); + break; + case 474: +- strcat(buffer, " (You are banned)"); ++ strlcat(buffer, " (You are banned)", sizeof buffer); + break; + case 475: +- strcat(buffer, " (Bad channel key)"); ++ strlcat(buffer, " (Bad channel key)", sizeof buffer); + break; + case 476: +- strcat(buffer, " (Bad channel mask)"); ++ strlcat(buffer, " (Bad channel mask)", sizeof buffer); + break; + default: + return; +@@ -385,7 +388,6 @@ + reset_display_target(); + } + +- + int handle_server_stats(char *from, char **ArgList, int comm) + { + static int norm = 0, |