head 1.4; access; symbols pkgsrc-2015Q3:1.3.0.64 pkgsrc-2015Q3-base:1.3 pkgsrc-2015Q2:1.3.0.62 pkgsrc-2015Q2-base:1.3 pkgsrc-2015Q1:1.3.0.60 pkgsrc-2015Q1-base:1.3 pkgsrc-2014Q4:1.3.0.58 pkgsrc-2014Q4-base:1.3 pkgsrc-2014Q3:1.3.0.56 pkgsrc-2014Q3-base:1.3 pkgsrc-2014Q2:1.3.0.54 pkgsrc-2014Q2-base:1.3 pkgsrc-2014Q1:1.3.0.52 pkgsrc-2014Q1-base:1.3 pkgsrc-2013Q4:1.3.0.50 pkgsrc-2013Q4-base:1.3 pkgsrc-2013Q3:1.3.0.48 pkgsrc-2013Q3-base:1.3 pkgsrc-2013Q2:1.3.0.46 pkgsrc-2013Q2-base:1.3 pkgsrc-2013Q1:1.3.0.44 pkgsrc-2013Q1-base:1.3 pkgsrc-2012Q4:1.3.0.42 pkgsrc-2012Q4-base:1.3 pkgsrc-2012Q3:1.3.0.40 pkgsrc-2012Q3-base:1.3 pkgsrc-2012Q2:1.3.0.38 pkgsrc-2012Q2-base:1.3 pkgsrc-2012Q1:1.3.0.36 pkgsrc-2012Q1-base:1.3 pkgsrc-2011Q4:1.3.0.34 pkgsrc-2011Q4-base:1.3 pkgsrc-2011Q3:1.3.0.32 pkgsrc-2011Q3-base:1.3 pkgsrc-2011Q2:1.3.0.30 pkgsrc-2011Q2-base:1.3 pkgsrc-2011Q1:1.3.0.28 pkgsrc-2011Q1-base:1.3 pkgsrc-2010Q4:1.3.0.26 pkgsrc-2010Q4-base:1.3 pkgsrc-2010Q3:1.3.0.24 pkgsrc-2010Q3-base:1.3 pkgsrc-2010Q2:1.3.0.22 pkgsrc-2010Q2-base:1.3 pkgsrc-2010Q1:1.3.0.20 pkgsrc-2010Q1-base:1.3 pkgsrc-2009Q4:1.3.0.18 pkgsrc-2009Q4-base:1.3 pkgsrc-2009Q3:1.3.0.16 pkgsrc-2009Q3-base:1.3 pkgsrc-2009Q2:1.3.0.14 pkgsrc-2009Q2-base:1.3 pkgsrc-2009Q1:1.3.0.12 pkgsrc-2009Q1-base:1.3 pkgsrc-2008Q4:1.3.0.10 pkgsrc-2008Q4-base:1.3 pkgsrc-2008Q3:1.3.0.8 pkgsrc-2008Q3-base:1.3 cube-native-xorg:1.3.0.6 cube-native-xorg-base:1.3 pkgsrc-2008Q2:1.3.0.4 pkgsrc-2008Q2-base:1.3 cwrapper:1.3.0.2 pkgsrc-2008Q1:1.2.0.28 pkgsrc-2008Q1-base:1.2 pkgsrc-2007Q4:1.2.0.26 pkgsrc-2007Q4-base:1.2 pkgsrc-2007Q3:1.2.0.24 pkgsrc-2007Q3-base:1.2 pkgsrc-2007Q2:1.2.0.22 pkgsrc-2007Q2-base:1.2 pkgsrc-2007Q1:1.2.0.20 pkgsrc-2007Q1-base:1.2 pkgsrc-2006Q4:1.2.0.18 pkgsrc-2006Q4-base:1.2 pkgsrc-2006Q3:1.2.0.16 pkgsrc-2006Q3-base:1.2 pkgsrc-2006Q2:1.2.0.14 pkgsrc-2006Q2-base:1.2 pkgsrc-2006Q1:1.2.0.12 pkgsrc-2006Q1-base:1.2 pkgsrc-2005Q4:1.2.0.10 pkgsrc-2005Q4-base:1.2 pkgsrc-2005Q3:1.2.0.8 pkgsrc-2005Q3-base:1.2 pkgsrc-2005Q2:1.2.0.6 
pkgsrc-2005Q2-base:1.2 pkgsrc-2005Q1:1.2.0.4 pkgsrc-2005Q1-base:1.2 pkgsrc-2004Q4:1.2.0.2 pkgsrc-2004Q4-base:1.2 pkgsrc-2004Q3:1.1.0.10 pkgsrc-2004Q3-base:1.1 pkgsrc-2004Q2:1.1.0.8 pkgsrc-2004Q2-base:1.1 pkgsrc-2004Q1:1.1.0.6 pkgsrc-2004Q1-base:1.1 pkgsrc-2003Q4:1.1.0.4 pkgsrc-2003Q4-base:1.1 netbsd-1-6-1:1.1.0.2; locks; strict; comment @# @; 1.4 date 2015.09.27.19.06.23; author kamil; state dead; branches; next 1.3; commitid EiOH68EnQb3slVCy; 1.3 date 2008.07.06.05.16.50; author tonnerre; state Exp; branches; next 1.2; 1.2 date 2004.11.26.11.39.05; author adam; state dead; branches; next 1.1; 1.1 date 2003.03.29.21.20.30; author salo; state Exp; branches 1.1.2.1; next ; 1.1.2.1 date 2003.03.29.21.20.30; author grant; state dead; branches; next 1.1.2.2; 1.1.2.2 date 2003.04.06.20.58.02; author grant; state Exp; branches; next ; desc @@ 1.4 log @Upgrade to 1.2.1, reuse work from wip/bitchx (by Makoto Fujiwara) Drop all local patches for old GCC fixes and tuning the program itself. Upstream changelog ================== [Changes 1.2.1] * Prefer over (reported by ncopa). (caf) * Fix overflow in say() when handling a maximum-length client message. (caf) * Remove WANT_CHAN_NICK_SERV define and include network services commands by default. (caf) * Pass through externally-provided CPPFLAGS (reported by cpet). (caf) * Don't set the mode on new channels until synched - this speeds up joining lots of channels at connect time if one of them is new, and reduces the chance of being flooded off the server. (caf) * Correctly handle channel sync across multi-server. (caf) * Fixes and improvements for channel logging. (caf) * Use correct (MODECHAN and MODEUSER) display level for channel and user modes. (caf) * Allow %- status format to handle max-length topics (reported by oxy). (caf) * Add /FSET WOHIS_LOGGEDIN for services login info on hybrid, ratbox and ircu. (caf) * Add sanity checking of incoming nicknames. (caf) * /MV (massvoice) shouldn't send +v for already-voiced users. 
(caf) * Fix lag check on recent 32 bit OpenBSD / NetBSD (reported by DJ). (caf) * Fix key bindings that terminate with ^. (caf) * Fix the $timer() scripting function. (caf) * Fix the /TKB (timed kickban) command. (caf) * Rewrite termcap/terminfo detection logic in configure and include term.h in term.c for the system definition of tparm(). This fixes a crash on NetBSD x86-64 (reported by jeezy), and should also ensure that terminfo is used in preference to termcap on NetBSD. (caf) * Fix output when built against termcap. (caf) * Fix STATUS_NOTIFY so that it appears in the right window. (caf) * Improve robustness of status formats handling. (caf) * Use system setenv() in preference to compat bsd_setenv(). (caf) * Allow selection of alternate hashing methods with $crypt(). (caf) * Improve the initial seeding of the randm() fallback RNG. (caf) * Strengthen the cookie generation algorithm for /detach. (caf) * RANDOM_SOURCE now only affects the rand() scripting function. (caf) * Make RANDOM_LOCAL_PORTS actually random. (caf) * Show same message on local terminal as used in emergency exit QUIT. (caf) * Remove unused XLINK CTCP reply handler. (caf) * Ensure add_socketread() doesn't leak file descriptors. (caf) * Fix listing bans on local channels (/BANS &channel). (flashback) * Fix unbanning by number (/UNBAN #channel #number). (caf) * Improve the list_channels() function. (caf) * Use socklen_t instead of plain int where available. (flashback) * Use in preference to where it's available. (caf) * Skip malformed abots.sav entries in read_abot(), avoiding null dereferences found by Coverity. (flashback) * Ensure proper handling of % when /FSET DCC is used. (caf) * Improve robustness of CDCC save file loading. (caf) * Fix open file leak in /LASTLOG found by Coverity. (caf) * Fix file descriptor leak on SOCKS4 connection failure found by Coverity. (caf) * Fix out-of-bounds error in cryptit() found by Coverity. (flashback) * Cleanup save_formats(). 
(caf) * Fix off-by-one error in add_socketread() and set_socketwrite() found by Coverity. (caf) * Fix longstanding bug with ordering of rfc1459[] array. (caf) * Fix crash after /SETAR -, reported by riderplus. (caf) * Remove special handling of 484 numeric, which is no longer needed and was buggy (making BitchX think that usermode +G was set). (caf) * Add /OBITS command, shows obituaries for some BitchX friends. (caf) * Fix abuses of the RESIZE macro. Reported by nenolod. (caf) * Clears up a crash and some build warnings in the acro plugin. (caf) * Applied patches from jdhore to clean up the plugin building and installing process. (caf) * Fix building on newer Cygwin (reported by VICODAN). (caf) * Fix building plugins on FreeBSD-10 (reported by cpet). (caf) * Messages sent to channels should use lastlog level PUBLIC, not MSG. (caf) * panasync OK'd releasing tcl.c, so here it is. (caf) * Fix QUIT messages with SSL connections. (flashback) * Rename include/bitchx to include/options.h, fixes building on case-insensitive platforms. (caf) * Use AI_ADDRCONFIG flag to improve server address selection when client is built for IPv6 but we don't have an IPv6 address. (caf) * Enable SSL support by default, if OpenSSL is present at build time. (caf) * Fix leak and potential crash in lame_resolv() using IPv6. (caf, snadge) * Apply patch from snadge defining BIND_4_COMPAT on OpenBSD, to allow /nslookup to build. (caf) * Fix problem connecting to IPv4 when IPv6 enabled on FreeBSD and enable IPv6 on all supporting platforms. Thanks to brabes, snadge and packet. (caf) * Improve connect() error handling. (caf) * Remove obsolete .spec files. (caf) * configure - only create sig.inc if it's actually needed. (caf) * configure - use the right dependencies when checking for net/if.h, i arpa/inet.h and resolv.h. Reported by flashback. (caf) * Fix plugin Makefiles for out-of-tree building, reported by nyet. (caf) * Add DESTDIR support to build system, to ease rpm and deb packaging. 
Reported separately by nyet and VICODAN. (caf) * Fix /detach and wserv with IPv6 enabled. (caf, snadge, packet) * Make default for NICK_COMPLETION_CHAR explicit. (caf) * Reduce footprint when starting up disconnected. (caf) * Fix /nslookup command (including fixing compilation on cygwin). (caf) * Improve /detach error handling and remove bogus F_SETOWN use, reported by madsage. (caf) * Add /FSET WHOIS_SECURE for SSL connection info on ratbox, unreal and freenode. (caf) * Add /FSET CHANNEL_URL for services channel URL numeric. (caf) * Fix crash bug in $mircansi() scripting function. (caf) * Add half-op support to /topic and /untopic. (caf) * Tidy up the URL grabber, fixing a memory leak. (caf) * Cleanup the /BHELP code, fixing a potential crash. Apply updates to BitchX.help from t3gah. (caf) * [1.1s01] Sanity check color codes, fixes a potential crash. (caf) * Add /FSET USERMODE_OTHER to correctly format user mode changes where the source isn't the same as the target, reported by gauze. (caf) * Improve country() and add several new TLDs, suggested by gauze. (caf) * Apply fixes from darkfires removing non-standard use of arithmetic on void * values, to allow building on Irix. (caf) * Apply fix from darkfires to allow building with ICC. (caf) * Show correct message when a socket connection is closed cleanly. (caf) * Add /FSET WHOIS_CALLERID for +g mode notification on hybrid & ratbox. (caf) * Build script fix to allow plugins to build on x86-64. (caf) * Correct count in /CLONES (reported by t3gah), and format output nicely using an /fset. (caf) * Add definition of BIND_8_COMPAT to fix build problem on Mac OS X. (caf) * Ensure that SHOW_AWAY_ONCE doesn't hide away status in /whois output. (caf) * Fix the the -z command line option for specifying username. (flashback) * Fix up /WILN, /WILC and /WILCR. (caf) * Backport changes from epic5 to make recv_nick, sent_nick and sent_body per-server, and apply new version of do_oops from flashback. 
This means that /oops, "/query .", "/query ,", "/msg ." and "/msg ," are per-server, along with the $. $, and $B aliases. (caf) * Handle error return from getcwd() in /cd. (caf) * Fix alloca warnings on freebsd. (caf) * Fix memory leak in banlist.c. (caf) * Apply a fix contributed by cpet for the configure script on FreeBSD 9. (caf) * Fix a refcounting issue in the whowas list handling, which should make the listing of users that left in a netsplit right again. (caf) * Improve argument-handling in /hostname command - now supports doing /hostname 2 to switch to second vhost. (caf) * Change the display of server stats so that the averages (eg. users per channel) are correctly rounded. (caf) * Reinstate RPL_WHOISACTUALLY / RPL_WHOISHOST numerics - things seem to have stabilised in the ircd world on this. (caf) * Fixed two cases where the client was incorrectly deciding that a numeric originated from a remote server rather than the local server - this caused BitchX to falsely report channel desynch and incorrectly hide some numerics. (caf) * Fixed $servernum() scripting function, it was returning the wrong server reference in most cases. (caf) * [1.1s01] Fixed .cmsg crash reported by zimzum. (caf) * Changed the defaults for JOIN_NEW_WINDOW_TYPE and QUERY_NEW_WINDOW_TYPE so that they work out of the box. (caf) * Some cleanups in quit message handling, fixed a bug where a quit from an unexpected source could crash the client. (caf) * Cleaned up the handling of channel mode changes a little, including fixing buggy handling of certain key and limit mode changes. (caf) * Fix bug where you got disconnected if the server sent a 464 numeric (bad password) that the client wasn't expecting. (caf) * Add /HOP and /DEHOP commands for halfop. (caf) * Removed "scan" plugin, this functionality is now covered by /SCAN -stat. (caf) * Change NICKSORT_OP to NICKSORT_STAT (sorts nicks by channel status - chanop first, then halops, voices and others). 
Added /SCAN -stat to sort nicks using NICKSORT_OP. Removed NICKSORT_VOICE - it was broken anyway. (caf) * Add halfop nick prefix to default status line, and change the voice prefix so it appears whether or not you're opped. (caf) * Add halfop support to $channel() scripting function. (caf) * Rework /SCAN and /NAMES formatting. This removes the /FSETs NAMES_BOTCOLOR, NAMES_FRIENDCOLOR, NAMES_NICKCOLOR, NAMES_OPCOLOR, NAMES_SHITCOLOR and NAMES_VOICECOLOR and replaces them with new /FSETs. (caf) * Add $ishalfop( = 2.7 - fixes compiling on S390 platform. (caf) * [1.1s01] Improve buffer handling in convert_output_format_raw (CVE-2007-4584). (caf) * [1.1s01] Handle negative numerics correctly (CVE-2007-3360). (caf) @ text @$NetBSD: patch-ag,v 1.3 2008/07/06 05:16:50 tonnerre Exp $ --- source/parse.c.orig 2008-07-06 06:24:53.000000000 +0200 +++ source/parse.c @@@@ -1413,10 +1413,11 @@@@ static void p_mode(char *from, char **Ar char *channel; char *line; int flag; + size_t linelen; ChannelList *chan = NULL; ChannelList *chan2 = get_server_channels(from_server); - char buffer[BIG_BUFFER_SIZE+1]; + char *buffer; char *smode; #ifdef COMPRESS_MODES char *tmpbuf = NULL; @@@@ -1432,7 +1433,13 @@@@ static void p_mode(char *from, char **Ar set_display_target(channel, LOG_CRAP); if (channel && line) { - strcpy(buffer, line); + buffer = malloc(linelen = strlen(line)); + if (!buffer) + { + perror("malloc"); + return; + } + strncpy(buffer, line, linelen); if (get_int_var(MODE_STRIPPER_VAR)) strip_modes(from,channel,line); if (is_channel(channel)) @@@@ -1486,6 +1493,7 @@@@ static void p_mode(char *from, char **Ar do_logchannel(LOG_MODE_USER, chan, "%s %s %s", from, channel, line); } update_all_status(current_window, NULL, 0); + free(buffer); } #ifdef GUI gui_update_nicklist(channel); @ 1.3 log @Add patches for two longstanding security issues in bitchx: - CVE-2007-5839: e_hostname uses mktempnam in an unsafe manner. - CVE-2007-4584: p_mode classic buffer overflow using a static string. 
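Review bot: The replacement for `strcpy(buffer, line)` in the second p_mode hunk allocates exactly `strlen(line)` bytes and copies with `strncpy(buffer, line, linelen)`, so `buffer` has no room for the terminating NUL and is never terminated. Any later use of it as a C string (the rest of the function is not visible in these hunks) would read past the heap allocation. Allocate one more byte and copy the terminator too, e.g. `buffer = malloc((linelen = strlen(line)) + 1);` followed by `memcpy(buffer, line, linelen + 1);`. The `return` on allocation failure also leaves p_mode before whatever follows the `if (channel && line)` block, and the `free(buffer)` added in the third hunk covers only the fall-through path, so any earlier exit inside the block would leak; p_mode's body runs outside these hunks, so check both against the full function.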
@ text @d1 1 a1 1 $NetBSD$ @ 1.2 log @Changes 1.1: * Fixed bug with using [$8] in expressions (Reported by BlackJac) (Patch from |Rain|) (BugID: 64) (powuh) * Fixed bug in /set show_end_of_msgs. When OFF prevented hooking of some end_of_msg numerics. (Reported by BlackJac) (Patch from |Rain|) (BugID: 51) (powuh) * Fixed incorrect ordering of operations in screen.c which caused an off-by-one access at the end ofthe buffer. (Patch from |Rain|) (BugID: 48) (powuh) * Fixed ischanvoice() to be compatiable with epic. Maintained reverse functionality as not to break existing scripts. (Patch from |Rain|) (BugID: 20) (powuh) * Fixed segfault with convert_output_format not honoring MAX_RECURSE. (Patch from |Rain|) (powuh) * Fixed possble rouge server exploit: If a rogue server sends us a ctcp request from an extremely large nickname (over about 512 bytes), we may attempt to alloca() a negative value, which under gcc will return a invalid pointer the contents of which will then be overwritten. (Reported by O_6) (Patch from |Rain|) (powuh) * Fixed segfault with channel mode parsing. (Patch from O_6) (powuh) * Removed auto_resume script, it's not needed any more (caf). * Fixed string copying snafu in gtkbitchx.c (reported by Huey) (caf). * Added STATUS_USER20 to STATUS_USER39 (patch from BlackJac) (caf). @ text @d1 1 a1 1 $NetBSD: patch-ag,v 1.1 2003/03/29 21:20:30 salo Exp $ d3 7 a9 15 Fixes potential remote buffer overflows. See the following url for more details: http://securityfocus.com/archive/1/315057 Patch by caf@@guarana.org. 
--- source/banlist.c.orig 2002-02-28 05:22:46.000000000 +0100 +++ source/banlist.c 2003-03-29 21:30:20.000000000 +0100 @@@@ -264,9 +264,9 @@@@ char * ban_it(char *nick, char *user, char *host, char *ip) { static char banstr[BIG_BUFFER_SIZE/4+1]; -char *tmpstr = NULL; char *t = user; char *t1 = user; +char *tmp; d11 24 a34 49 *banstr = 0; while (strlen(t1)>9) @@@@ -277,33 +277,40 @@@@ case 7: if (ip) { - sprintf(banstr, "*!*@@%s", cluster(ip)); + snprintf(banstr, sizeof banstr, "*!*@@%s", + cluster(ip)); break; } case 2: /* Better */ - sprintf(banstr, "*!*%s@@%s", t1, cluster(host)); + snprintf(banstr, sizeof banstr, "*!*%s@@%s", t1, + cluster(host)); break; case 3: /* Host */ - sprintf(banstr, "*!*@@%s", host); + snprintf(banstr, sizeof banstr, "*!*@@%s", host); break; case 4: /* Domain */ - sprintf(banstr, "*!*@@*%s", strrchr(host, '.')); + tmp = strrchr(host, '.'); + if (tmp) + snprintf(banstr, sizeof banstr, "*!*@@*%s", + tmp); + else + snprintf(banstr, sizeof banstr, "*!*@@%s", + host); break; case 5: /* User */ - sprintf(banstr, "*!%s@@%s", t, cluster(host)); + snprintf(banstr, sizeof banstr, "*!%s@@%s", t, + cluster(host)); break; case 6: /* Screw */ - malloc_sprintf(&tmpstr, "*!*%s@@%s", t1, host); - strcpy(banstr, screw(tmpstr)); - new_free(&tmpstr); + snprintf(banstr, sizeof banstr, "*!*%s@@%s", t1, host); + screw(banstr); break; case 1: /* Normal */ default: - { - sprintf(banstr, "%s!*%s@@%s", nick, t1, host); + snprintf(banstr, sizeof banstr, "%s!*%s@@%s", nick, t1, + host); break; d36 5 a40 4 - } return banstr; } @ 1.1 log @Bump PKGREVISION: fix several potential buffer overflows found by Timo Sirainen , see the following url for more details: http://securityfocus.com/archive/1/315057 Patch from bugtraq by . 
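Review bot: Each `snprintf(banstr, sizeof banstr, ...)` in the second ban_it hunk bounds the write but discards the return value, so an over-long nick, user or host yields a silently truncated ban mask rather than an error. A truncated mask may no longer match the intended user, so the result should be checked, e.g. `if ((size_t)snprintf(banstr, sizeof banstr, "*!*@%s", host) >= sizeof banstr) *banstr = 0;` (RCS `@@` escaping undone), provided callers can cope with an empty mask; they are not visible here. In case 6 the old code copied the return value of `screw(tmpstr)`, while the new code calls `screw(banstr)` and ignores it, which is equivalent only if screw() rewrites its argument in place; that should be confirmed. The same patch text appears again under revision 1.1.2.2, and part of ban_it lies between the two hunks.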
@ text @d1 1 a1 1 $NetBSD$ @ 1.1.2.1 log @file patch-ag was added on branch netbsd-1-6-1 on 2003-04-06 20:58:02 +0000 @ text @d1 72 @ 1.1.2.2 log @Add new file (requested by salo in ticket #1239): Bump PKGREVISION: fix several potential buffer overflows found by Timo Sirainen @ text @a0 72 $NetBSD: patch-ag,v 1.1.2.1 2003/04/06 20:58:02 grant Exp $ Fixes potential remote buffer overflows. See the following url for more details: http://securityfocus.com/archive/1/315057 Patch by caf@@guarana.org. --- source/banlist.c.orig 2002-02-28 05:22:46.000000000 +0100 +++ source/banlist.c 2003-03-29 21:30:20.000000000 +0100 @@@@ -264,9 +264,9 @@@@ char * ban_it(char *nick, char *user, char *host, char *ip) { static char banstr[BIG_BUFFER_SIZE/4+1]; -char *tmpstr = NULL; char *t = user; char *t1 = user; +char *tmp; *banstr = 0; while (strlen(t1)>9) @@@@ -277,33 +277,40 @@@@ case 7: if (ip) { - sprintf(banstr, "*!*@@%s", cluster(ip)); + snprintf(banstr, sizeof banstr, "*!*@@%s", + cluster(ip)); break; } case 2: /* Better */ - sprintf(banstr, "*!*%s@@%s", t1, cluster(host)); + snprintf(banstr, sizeof banstr, "*!*%s@@%s", t1, + cluster(host)); break; case 3: /* Host */ - sprintf(banstr, "*!*@@%s", host); + snprintf(banstr, sizeof banstr, "*!*@@%s", host); break; case 4: /* Domain */ - sprintf(banstr, "*!*@@*%s", strrchr(host, '.')); + tmp = strrchr(host, '.'); + if (tmp) + snprintf(banstr, sizeof banstr, "*!*@@*%s", + tmp); + else + snprintf(banstr, sizeof banstr, "*!*@@%s", + host); break; case 5: /* User */ - sprintf(banstr, "*!%s@@%s", t, cluster(host)); + snprintf(banstr, sizeof banstr, "*!%s@@%s", t, + cluster(host)); break; case 6: /* Screw */ - malloc_sprintf(&tmpstr, "*!*%s@@%s", t1, host); - strcpy(banstr, screw(tmpstr)); - new_free(&tmpstr); + snprintf(banstr, sizeof banstr, "*!*%s@@%s", t1, host); + screw(banstr); break; case 1: /* Normal */ default: - { - sprintf(banstr, "%s!*%s@@%s", nick, t1, host); + snprintf(banstr, sizeof banstr, "%s!*%s@@%s", nick, t1, + host); 
break; } - } return banstr; } @