head	1.2;
access;
symbols
	pkgsrc-2013Q2:1.2.0.4
	pkgsrc-2013Q2-base:1.2
	pkgsrc-2012Q4:1.2.0.2
	pkgsrc-2012Q4-base:1.2
	pkgsrc-2012Q2:1.1.0.44
	pkgsrc-2012Q2-base:1.1
	pkgsrc-2012Q1:1.1.0.42
	pkgsrc-2012Q1-base:1.1
	pkgsrc-2011Q4:1.1.0.40
	pkgsrc-2011Q4-base:1.1
	pkgsrc-2011Q3:1.1.0.38
	pkgsrc-2011Q3-base:1.1
	pkgsrc-2011Q2:1.1.0.36
	pkgsrc-2011Q2-base:1.1
	pkgsrc-2011Q1:1.1.0.34
	pkgsrc-2011Q1-base:1.1
	pkgsrc-2010Q4:1.1.0.32
	pkgsrc-2010Q4-base:1.1
	pkgsrc-2010Q3:1.1.0.30
	pkgsrc-2010Q3-base:1.1
	pkgsrc-2010Q2:1.1.0.28
	pkgsrc-2010Q2-base:1.1
	pkgsrc-2010Q1:1.1.0.26
	pkgsrc-2010Q1-base:1.1
	pkgsrc-2009Q4:1.1.0.24
	pkgsrc-2009Q4-base:1.1
	pkgsrc-2009Q3:1.1.0.22
	pkgsrc-2009Q3-base:1.1
	pkgsrc-2009Q2:1.1.0.20
	pkgsrc-2009Q2-base:1.1
	pkgsrc-2009Q1:1.1.0.18
	pkgsrc-2009Q1-base:1.1
	pkgsrc-2008Q4:1.1.0.16
	pkgsrc-2008Q4-base:1.1
	pkgsrc-2008Q3:1.1.0.14
	pkgsrc-2008Q3-base:1.1
	cube-native-xorg:1.1.0.12
	cube-native-xorg-base:1.1
	pkgsrc-2008Q2:1.1.0.10
	pkgsrc-2008Q2-base:1.1
	cwrapper:1.1.0.8
	pkgsrc-2008Q1:1.1.0.6
	pkgsrc-2008Q1-base:1.1
	pkgsrc-2007Q4:1.1.0.4
	pkgsrc-2007Q4-base:1.1
	pkgsrc-2007Q3:1.1.0.2
	pkgsrc-2007Q3-base:1.1;
locks; strict;
comment	@# @;


1.2
date	2012.07.14.22.12.42;	author dholland;	state dead;
branches;
next	1.1;

1.1
date	2007.07.19.00.43.42;	author lkundrak;	state Exp;
branches;
next	;


desc
@@


1.2
log
@Remove chat/centericq as promised. This has not been buildable for
years due to C++ standards drift and has been superseded by centerim.
@
text
@$NetBSD: patch-ax,v 1.1 2007/07/19 00:43:42 lkundrak Exp $

Part of a fix for CVE-2007-3713.

--- src/hooks/irchook.cc.orig	2007-07-19 02:24:38.000000000 +0200
+++ src/hooks/irchook.cc
@@@@ -35,6 +35,8 @@@@
 
 #include <iterator>
 
+#define NOTIFBUF 512
+
 // ----------------------------------------------------------------------------
 
 irchook irhook;
@@@@ -609,11 +611,12 @@@@ void irchook::rawcommand(const string &c
 
 void irchook::channelfatal(string room, const char *fmt, ...) {
     va_list ap;
-    char buf[1024];
+    char buf[NOTIFBUF];
     vector<channelInfo>::iterator i;
 
     va_start(ap, fmt);
-    vsprintf(buf, fmt, ap);
+    vsnprintf(buf, NOTIFBUF, fmt, ap);
+    buf[NOTIFBUF-1] = '\0';
     va_end(ap);
 
     if(room.substr(0, 1) != "#")
@@@@ -1196,7 +1199,7 @@@@ void irchook::errorhandler(void *connect
 void irchook::nickchanged(void *connection, void *cli, ...) {
     va_list ap;
     icqcontact *c;
-    char buf[100];
+    char buf[NOTIFBUF];
 
     va_start(ap, cli);
     char *oldnick = va_arg(ap, char *);
@@@@ -1218,7 +1221,8 @@@@ void irchook::nickchanged(void *connecti
 
 	    }
 
-	    sprintf(buf, _("The user has changed their nick from %s to %s"), oldnick, newnick);
+	    snprintf(buf, NOTIFBUF, _("The user has changed their nick from %s to %s"), oldnick, newnick);
+	    buf[NOTIFBUF-1] = '\0';
 	    em.store(imnotification(c, buf));
 	}
     }
@@@@ -1254,18 +1258,20 @@@@ const char * const command, const char *
 
 void irchook::subreply(void *conn, void *cli, const char * const nick,
 const char * const command, const char * const args) {
-    char buf[512];
+    char buf[NOTIFBUF];
 
     if(!strcmp(command, "PING")) {
 	map<string, time_t>::iterator i = irhook.pingtime.find(up(nick));
 
 	if(i != irhook.pingtime.end()) {
-	    sprintf(buf, _("PING reply from the user: %d second(s)"), time(0)-i->second);
+	    snprintf(buf, NOTIFBUF, _("PING reply from the user: %d second(s)"), time(0)-i->second);
+	    buf[NOTIFBUF-1] = '\0';
 	    em.store(imnotification(imcontact(nick, irc), buf));
 	}
 
     } else if(!strcmp(command, "VERSION")) {
-	sprintf(buf, _("The remote is using %s"), args);
+	snprintf(buf, NOTIFBUF, _("The remote is using %s"), args);
+	buf[NOTIFBUF-1] = '\0';
 	em.store(imnotification(imcontact(nick, irc), buf));
 
     }
@@@@ -1378,8 +1384,9 @@@@ void irchook::chatuserjoined(void *conn,
 	if(strlen(email))
 	    uname += (string) " (" + email + ")";
 
-	char buf[512];
-	sprintf(buf, _("%s has joined."), uname.c_str());
+	char buf[NOTIFBUF];
+	snprintf(buf, NOTIFBUF, _("%s has joined."), uname.c_str());
+	buf[NOTIFBUF-1] = '\0';
 	em.store(imnotification(imcontact(room, irc), buf));
     }
 }
@@@@ -1395,14 +1402,16 @@@@ void irchook::chatuserleft(void *conn, v
 
     if(conf.getourid(irc).nickname != who) {
 	string text;
-	char buf[512];
+	char buf[NOTIFBUF];
 
-	sprintf(buf, _("%s has left"), who); text = buf;
+	snprintf(buf, NOTIFBUF, _("%s has left"), who); text = buf;
+        buf[NOTIFBUF-1] = '\0';
 
 	if(reason)
 	if(strlen(reason)) {
 	    if(strlen(reason) > 450) reason[450] = 0;
-	    sprintf(buf, _("reason: %s"), reason);
+	    snprintf(buf, NOTIFBUF, _("reason: %s"), reason);
+	    buf[NOTIFBUF-1] = '\0';
 	    text += (string) "; " + buf + ".";
 	}
 
@@@@ -1422,13 +1431,15 @@@@ void irchook::chatuserkicked(void *conn,
 
     if(conf.getourid(irc).nickname != who) {
 	string text;
-	char buf[512];
+	char buf[NOTIFBUF];
 
-	sprintf(buf, _("%s has been kicked by %s"), who, by); text = buf;
+	snprintf(buf, NOTIFBUF, _("%s has been kicked by %s"), who, by); text = buf;
+	buf[NOTIFBUF-1] = '\0';
 
 	if(reason)
 	if(strlen(reason)) {
-	    sprintf(buf, _("reason: %s"), reason);
+	    snprintf(buf, NOTIFBUF, _("reason: %s"), reason);
+	    buf[NOTIFBUF-1] = '\0';
 	    text += (string) "; " + buf + ".";
 	}
 
@@@@ -1451,13 +1462,15 @@@@ void irchook::chatgottopic(void *conn, v
 	return;
 
     string text;
-    char buf[1024];
-    sprintf(buf, _("Channel topic now is: %s"), topic);
+    char buf[NOTIFBUF];
+    snprintf(buf, NOTIFBUF, _("Channel topic now is: %s"), topic);
+    buf[NOTIFBUF-1] = '\0';
     text = buf;
 
     if(author)
     if(strlen(author)) {
-	sprintf(buf, _("set by %s"), author);
+	snprintf(buf, NOTIFBUF, _("set by %s"), author);
+	buf[NOTIFBUF-1] = '\0';
 	text += (string) "; " + buf + ".";
     }
 
@@@@ -1474,8 +1487,9 @@@@ void irchook::chatuseropped(void *conn, 
     va_end(ap);
 
     if(by) {
-	char buf[512];
-	sprintf(buf, _("%s has been opped by %s."), who, by);
+	char buf[NOTIFBUF];
+	snprintf(buf, NOTIFBUF, _("%s has been opped by %s."), who, by);
+	buf[NOTIFBUF-1] = '\0';
 	em.store(imnotification(imcontact(room, irc), buf));
     }
 }
@@@@ -1490,8 +1504,9 @@@@ void irchook::chatuserdeopped(void *conn
     va_end(ap);
 
     if(by) {
-	char buf[512];
-	sprintf(buf, _("%s has been deopped by %s."), who, by);
+	char buf[NOTIFBUF];
+	snprintf(buf, NOTIFBUF, _("%s has been deopped by %s."), who, by);
+	buf[NOTIFBUF-1] = '\0';
 	em.store(imnotification(imcontact(room, irc), buf));
     }
 }
@@@@ -1504,10 +1519,10 @@@@ void irchook::chatopped(void *conn, void
     char *by = va_arg(ap, char *);
     va_end(ap);
 
-    char buf[512];
-    if(by) sprintf(buf, _("%s has opped us."), by);
-	else strcpy(buf, _("you are an op here"));
-
+    char buf[NOTIFBUF];
+    if(by) snprintf(buf, NOTIFBUF, _("%s has opped us."), by);
+	else strncpy(buf, _("you are an op here"), NOTIFBUF);
+    buf[NOTIFBUF-1] = '\0';
     em.store(imnotification(imcontact(room, irc), buf));
 }
 
@@@@ -1519,8 +1534,9 @@@@ void irchook::chatdeopped(void *conn, vo
     char *by = va_arg(ap, char *);
     va_end(ap);
 
-    char buf[512];
-    sprintf(buf, _("%s has deopped us."), by);
+    char buf[NOTIFBUF];
+    snprintf(buf, NOTIFBUF, _("%s has deopped us."), by);
+    buf[NOTIFBUF-1] = '\0';
     em.store(imnotification(imcontact(room, irc), buf));
 }
 
@


1.1
log
@Fix horrific number of buffer overflows, CVE-2007-3713.
Bump PKGREVISION.
@
text
@d1 1
a1 1
$NetBSD$
@