From 23b7eed846db4524ab160a3fd974a013dc95745b Mon Sep 17 00:00:00 2001
From: tonnerre <tonnerre@pkgsrc.org>
Date: Sun, 13 Jul 2008 13:15:29 +0000
Subject: Add a fix for a buffer overflow reading ir commands in balsa.

---
 mail/balsa/Makefile         |  4 ++--
 mail/balsa/distinfo         |  4 ++--
 mail/balsa/patches/patch-ag | 13 +++++++++++--
 3 files changed, 15 insertions(+), 6 deletions(-)

(limited to 'mail/balsa')

diff --git a/mail/balsa/Makefile b/mail/balsa/Makefile
index ab108b8ec0b..5e405bb5c7d 100644
--- a/mail/balsa/Makefile
+++ b/mail/balsa/Makefile
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.61 2008/06/12 02:14:33 joerg Exp $
+# $NetBSD: Makefile,v 1.62 2008/07/13 13:15:29 tonnerre Exp $
 
 DISTNAME=	balsa-2.3.10
-PKGREVISION=	13
+PKGREVISION=	14
 CATEGORIES=	mail gnome
 MASTER_SITES=	http://balsa.gnome.org/
 EXTRACT_SUFX=	.tar.bz2
diff --git a/mail/balsa/distinfo b/mail/balsa/distinfo
index 743a2c9260f..59623a0a167 100644
--- a/mail/balsa/distinfo
+++ b/mail/balsa/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.12 2007/09/20 20:50:50 wiz Exp $
+$NetBSD: distinfo,v 1.13 2008/07/13 13:15:29 tonnerre Exp $
 
 SHA1 (balsa-2.3.10.tar.bz2) = 74315661721a7b222403988b2af8fbc690c1ddc4
 RMD160 (balsa-2.3.10.tar.bz2) = 2fba2b3ae62e0fa3c3d8092f559f8ab7a488c22c
@@ -8,7 +8,7 @@ SHA1 (patch-ab) = 47083f65d404e64ee238bc3e4f3e25008f5f82c8
 SHA1 (patch-ac) = 808f4546204fbc4a23007291637e4b4ca4175db1
 SHA1 (patch-ae) = fcd0ab1c062018b42469b033a98b4575ee2851f3
 SHA1 (patch-af) = 53e77f5f5df0e05f503713f7be163589c2381f07
-SHA1 (patch-ag) = 47036c9108405f25e862ea6402220a70bd0a0cc9
+SHA1 (patch-ag) = af887dee466e2b0904522e0896cc13bf58fb9d2c
 SHA1 (patch-ah) = 9a17ea3c3f302acf4380c7868ab8c769d9acfc39
 SHA1 (patch-ai) = 44e704eefd63873900609d7c7186469b4b5214d1
 SHA1 (patch-aj) = 4d068d3aa551c11edcc2c7fdc189ebab98a69953
diff --git a/mail/balsa/patches/patch-ag b/mail/balsa/patches/patch-ag
index ec4726d0612..f8d42dbdc47 100644
--- a/mail/balsa/patches/patch-ag
+++ b/mail/balsa/patches/patch-ag
@@ -1,6 +1,6 @@
-$NetBSD: patch-ag,v 1.1 2007/09/20 20:50:53 wiz Exp $
+$NetBSD: patch-ag,v 1.2 2008/07/13 13:15:29 tonnerre Exp $
 
---- libbalsa/imap/imap-handle.c.orig	2005-06-11 10:23:54.000000000 +0200
+--- libbalsa/imap/imap-handle.c.orig	2005-12-03 14:18:37.000000000 +0100
 +++ libbalsa/imap/imap-handle.c
 @@ -20,9 +20,13 @@
  
@@ -16,3 +16,12 @@ $NetBSD: patch-ag,v 1.1 2007/09/20 20:50:53 wiz Exp $
  #include <netdb.h>
  #include <glib.h>
  #include <glib-object.h>
+@@ -2992,7 +2996,7 @@ ir_fetch_seq(ImapMboxHandle *h, unsigned
+   if(seqno<1 || seqno > h->exists) return IMR_PROTOCOL;
+   if(sio_getc(h->sio) != '(') return IMR_PROTOCOL;
+   do {
+-    for(i=0; (c = sio_getc(h->sio)) != -1; i++) {
++    for(i=0; ((c = sio_getc(h->sio)) != -1) && (i < LONG_STRING - 1); i++) {
+       c = toupper(c);
+       if( !( (c >='A' && c<='Z') || (c >='0' && c<='9') || c == '.') ) break;
+       atom[i] = c;
-- 
cgit v1.2.3