authorDaniel Ahlberg <aliz@gentoo.org>2003-03-15 18:25:37 +0000
committerDaniel Ahlberg <aliz@gentoo.org>2003-03-15 18:25:37 +0000
commit48a86a1c09970b3836e7984cfc9a6d5a987351c7 (patch)
tree3a8c5e33312b03c9f770313acf9c7b67badea29a /net-irc
parentAdded mips to KEYWORDS (diff)
Security update
Diffstat (limited to 'net-irc')
-rw-r--r--net-irc/bitchx/ChangeLog7
-rw-r--r--net-irc/bitchx/bitchx-1.0.19-r5.ebuild141
-rw-r--r--net-irc/bitchx/files/bitchx-1.0.19-security.patch14
-rw-r--r--net-irc/bitchx/files/bitchx-1.0.19-security2.patch186
-rw-r--r--net-irc/bitchx/files/digest-bitchx-1.0.19-r52
5 files changed, 349 insertions, 1 deletions
diff --git a/net-irc/bitchx/ChangeLog b/net-irc/bitchx/ChangeLog
index 7f75a926a7dc..34c1929fb8ee 100644
--- a/net-irc/bitchx/ChangeLog
+++ b/net-irc/bitchx/ChangeLog
@@ -1,6 +1,11 @@
# ChangeLog for net-irc/bitchx
# Copyright 2002-2003 Gentoo Technologies, Inc.; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-irc/bitchx/ChangeLog,v 1.19 2003/03/13 22:46:13 gmsoft Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-irc/bitchx/ChangeLog,v 1.20 2003/03/15 18:25:37 aliz Exp $
+
+*bitchx-1.0.19-r5 (15 Mar 2003)
+
+ 15 Mar 2003; Daniel Ahlberg <aliz@gentoo.org> :
+ Security update.
*bitchx-1.0.19-r4 (20 Feb 2003)
diff --git a/net-irc/bitchx/bitchx-1.0.19-r5.ebuild b/net-irc/bitchx/bitchx-1.0.19-r5.ebuild
new file mode 100644
index 000000000000..30bf3cda51d0
--- /dev/null
+++ b/net-irc/bitchx/bitchx-1.0.19-r5.ebuild
@@ -0,0 +1,141 @@
+# Copyright 1999-2003 Gentoo Technologies, Inc.
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-irc/bitchx/bitchx-1.0.19-r5.ebuild,v 1.1 2003/03/15 18:25:37 aliz Exp $
+
+inherit flag-o-matic eutils
+
+IUSE="ssl esd gnome xmms ncurses ipv6 gtk cjk"
+
+MY_P=ircii-pana-${PV/.0./.0c}
+S=${WORKDIR}/BitchX
+DESCRIPTION="An IRC Client"
+SRC_URI="ftp://ftp.bitchx.com/pub/BitchX/source/${MY_P}.tar.gz
+ cjk? ( http://www.gentoo.org/~seo/distfiles/${P}-cjk.patch )"
+HOMEPAGE="http://www.bitchx.com/"
+
+SLOT="0"
+LICENSE="GPL-2"
+KEYWORDS="~x86 ~ppc ~sparc"
+
+replace-flags -O[3-9] -O2
+
+# BitchX needs to be merged with -fPIC on alpha boxes
+# This fixes bug 10932
+[ "${ARCH}" = "alpha" ] && append-flags "-fPIC"
+
+# hppa need -fPIC too
+[ "${ARCH}" = "hppa" ] && append-flags "-fPIC"
+
+DEPEND=">=sys-libs/ncurses-5.1
+ ssl? ( >=dev-libs/openssl-0.9.6 )
+ xmms? ( media-sound/xmms )
+ gnome? ( >=gnome-base/gnome-libs-1.4.1.2-r1 )
+ ncurses? ( sys-libs/ncurses )
+ esd? ( >=media-sound/esound-0.2.5
+ >=media-libs/audiofile-0.1.5 )
+ gtk? ( =x11-libs/gtk+-1.2*
+ >=media-libs/imlib-1.9.10-r1 )"
+
+src_unpack() {
+ unpack ${MY_P}.tar.gz
+ cd ${S}
+
+ use cjk && epatch ${FILESDIR}/${P}-cjk.patch
+
+ epatch ${FILESDIR}/${P}-security.patch || die
+ epatch ${FILESDIR}/${P}-security2.patch || die
+}
+
+src_compile() {
+ local myconf
+
+ if [ "${DEBUG}" ]
+ then
+ einfo "debugging"
+ myconf="${myconf} --enable-debug"
+ fi
+
+ use ssl \
+ && myconf="${myconf} --with-ssl" \
+ || myconf="${myconf} --without-ssl"
+
+ use esd && use gtk \
+ && myconf="${myconf} --enable-sound" \
+ || myconf="${myconf} --disable-sound"
+
+ use gtk \
+ || myconf="${myconf} --without-gtk"
+
+ use ipv6 \
+ && myconf="${myconf} --enable-ipv6" \
+ || myconf="${myconf} --disable-ipv6"
+
+ #not tested
+ #use ncurses \
+ # && myconf="${myconf} --without-tgetent" \
+ # || myconf="${myconf} --with-tgetent"
+
+ # lamer@gentoo.org BROKEN, will not work with our socks
+ # implementations, is looking for a SOCKSConnect function that our
+ # dante packages don't have :-(
+ # use socks5 \
+ # && myconf="${myconf} --with-socks=5" \
+ # || myconf="${myconf} --without-socks"
+
+ mv ${S}/include/config.h ${S}/include/config.h.orig
+ sed -e "s/#undef LATIN1/#define LATIN1 ON/;" \
+ ${S}/include/config.h.orig > \
+ ${S}/include/config.h
+
+ econf \
+ --enable-cdrom \
+ --with-plugins \
+ ${myconf} || die
+
+ emake || die
+
+}
+
+src_install () {
+
+ einstall || die
+
+ rm ${D}/usr/share/man/man1/BitchX*
+ doman doc/BitchX.1
+
+ use gnome && ( \
+ exeinto /usr/bin
+ newexe ${S}/source/BitchX BitchX-1.0c19
+ dosym gtkBitchX-1.0c19 /usr/bin/gtkBitchX
+ )
+
+ dosym BitchX-1.0c19 /usr/bin/BitchX
+
+ chmod -x ${D}/usr/lib/bx/plugins/BitchX.hints
+
+ cd ${S}
+ dodoc Changelog README* IPv6-support COPYING
+ cd doc
+ insinto /usr/X11R6/include/bitmaps
+ doins BitchX.xpm
+
+ dodoc BitchX-* BitchX.bot *.doc BitchX.faq README.hooks
+ dodoc bugs *.txt functions ideas mode tcl-ideas watch
+ dodoc *.tcl
+ dohtml *.html
+
+ docinto plugins
+ dodoc plugins
+ cd ../dll
+ insinto /usr/lib/bx/wav
+ doins wavplay/*.wav
+ cp acro/README acro/README.acro
+ dodoc acro/README.acro
+ cp arcfour/README arcfour/README.arcfour
+ dodoc arcfour/README.arcfour
+ cp blowfish/README blowfish/README.blowfish
+ dodoc blowfish/README.blowfish
+ dodoc nap/README.nap
+ cp qbx/README qbx/README.qbx
+ dodoc qbx/README.qbx
+}
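Review bot: KEYWORDS lists only testing keywords (`~x86 ~ppc ~sparc`), so if an earlier revision is keyworded stable, users on stable would not pick up this security revision by default; that should be checked against r4, which is not visible here. In `src_unpack` the two `epatch` lines carry no comment saying which issue each patch closes; a line such as `# security.patch: NULL-argument check in source/funny.c (bug #<BUG_ID>)` above each would tell a later maintainer when the patches can be dropped. In `src_compile` the `mv`/`sed` pair that rewrites `include/config.h` has no `|| die`, so a failed rewrite would go unnoticed until the build misbehaves.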
diff --git a/net-irc/bitchx/files/bitchx-1.0.19-security.patch b/net-irc/bitchx/files/bitchx-1.0.19-security.patch
new file mode 100644
index 000000000000..fa7eb1217ad0
--- /dev/null
+++ b/net-irc/bitchx/files/bitchx-1.0.19-security.patch
@@ -0,0 +1,14 @@
+--- source/funny.c 2003-02-20 16:37:07.000000000 +0000
++++ source/funny.c 2003-02-20 16:39:13.000000000 +0000
+@@ -261,6 +261,11 @@
+ channel = Args[1];
+ line = Args[2];
+
++ if (channel == NULL || line == NULL) {
++ bitchsay("Invalid number of arguments for %s", __FUNCTION__);
++ return;
++ }
++
+ ptr = line;
+ while (*ptr)
+ {
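Review bot: The added guard tests `channel` and `line` only after `Args[1]` and `Args[2]` have already been read, so it is sufficient only if the caller always passes an array with at least three slots, with unused ones set to NULL; that is presumably the convention here but is not visible in the hunk. Once confirmed, a short comment above the check such as `/* Args is NULL-padded by the caller; a short reply leaves these unset */` would record the assumption. `__FUNCTION__` is a compiler extension, and `__func__` is the C99 spelling if portability matters. The enclosing function starts and ends outside the hunk.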
diff --git a/net-irc/bitchx/files/bitchx-1.0.19-security2.patch b/net-irc/bitchx/files/bitchx-1.0.19-security2.patch
new file mode 100644
index 000000000000..e8f6f67504a3
--- /dev/null
+++ b/net-irc/bitchx/files/bitchx-1.0.19-security2.patch
@@ -0,0 +1,186 @@
+diff -ru BitchX-old/source/banlist.c BitchX/source/banlist.c
+--- BitchX-old/source/banlist.c 2002-02-28 06:22:46.000000000 +0200
++++ BitchX/source/banlist.c 2003-03-13 20:09:01.000000000 +0200
+@@ -277,30 +277,30 @@
+ case 7:
+ if (ip)
+ {
+- sprintf(banstr, "*!*@%s", cluster(ip));
++ snprintf(banstr, sizeof(banstr), "*!*@%s", cluster(ip));
+ break;
+ }
+ case 2: /* Better */
+- sprintf(banstr, "*!*%s@%s", t1, cluster(host));
++ snprintf(banstr, sizeof(banstr), "*!*%s@%s", t1, cluster(host));
+ break;
+ case 3: /* Host */
+- sprintf(banstr, "*!*@%s", host);
++ snprintf(banstr, sizeof(banstr), "*!*@%s", host);
+ break;
+ case 4: /* Domain */
+- sprintf(banstr, "*!*@*%s", strrchr(host, '.'));
++ snprintf(banstr, sizeof(banstr), "*!*@*%s", strrchr(host, '.'));
+ break;
+ case 5: /* User */
+- sprintf(banstr, "*!%s@%s", t, cluster(host));
++ snprintf(banstr, sizeof(banstr), "*!%s@%s", t, cluster(host));
+ break;
+ case 6: /* Screw */
+ malloc_sprintf(&tmpstr, "*!*%s@%s", t1, host);
+- strcpy(banstr, screw(tmpstr));
++ strmcpy(banstr, screw(tmpstr), sizeof(banstr)-1);
+ new_free(&tmpstr);
+ break;
+ case 1: /* Normal */
+ default:
+ {
+- sprintf(banstr, "%s!*%s@%s", nick, t1, host);
++ snprintf(banstr, sizeof(banstr), "%s!*%s@%s", nick, t1, host);
+ break;
+ }
+ }
+diff -ru BitchX-old/source/ctcp.c BitchX/source/ctcp.c
+--- BitchX-old/source/ctcp.c 2002-02-28 06:22:47.000000000 +0200
++++ BitchX/source/ctcp.c 2003-03-13 19:59:35.000000000 +0200
+@@ -1482,6 +1482,7 @@
+ *putbuf2;
+ int len;
+ len = IRCD_BUFFER_SIZE - (12 + strlen(to));
++ if (len <= 2) return;
+ putbuf2 = alloca(len);
+
+ if (format)
+diff -ru BitchX-old/source/misc.c BitchX/source/misc.c
+--- BitchX-old/source/misc.c 2002-03-24 11:31:07.000000000 +0200
++++ BitchX/source/misc.c 2003-03-13 20:02:13.000000000 +0200
+@@ -3121,19 +3121,19 @@
+ {
+ if (*hostname == '~')
+ hostname++;
+- strcpy(result, hostname);
++ strmcpy(result, hostname, sizeof(result)-1);
+ *strchr(result, '@') = '\0';
+ if (strlen(result) > 9)
+ {
+ result[8] = '*';
+ result[9] = '\0';
+ }
+- strcat(result, "@");
++ strmcat(result, "@", sizeof(result)-1);
+ if (!(hostname = strchr(hostname, '@')))
+ return NULL;
+ hostname++;
+ }
+- strcpy(host, hostname);
++ strmcpy(host, hostname, sizeof(host)-1);
+
+ if (*host && isdigit(*(host + strlen(host) - 1)))
+ {
+@@ -3154,8 +3154,8 @@
+ for (i = 0; i < count; i++)
+ tmp = strchr(tmp, '.') + 1;
+ *tmp = '\0';
+- strcat(result, host);
+- strcat(result, "*");
++ strmcat(result, host, sizeof(result)-1);
++ strmcat(result, "*", sizeof(result)-1);
+ }
+ else
+ {
+@@ -3177,10 +3177,10 @@
+ else
+ return (char *) NULL;
+ }
+- strcat(result, "*");
++ strmcat(result, "*", sizeof(result)-1);
+ if (my_stricmp(host, temphost))
+- strcat(result, ".");
+- strcat(result, host);
++ strmcat(result, ".", sizeof(result)-1);
++ strmcat(result, host, sizeof(result)-1);
+ }
+ return result;
+ }
+diff -ru BitchX-old/source/names.c BitchX/source/names.c
+--- BitchX-old/source/names.c 2002-03-25 22:47:30.000000000 +0200
++++ BitchX/source/names.c 2003-03-13 20:10:26.000000000 +0200
+@@ -572,7 +572,7 @@
+
+ *nmodes = 0;
+ *nargs = 0;
+- for (; *modes; modes++)
++ for (; *modes && strlen(nmodes) < sizeof(nmodes)-2; modes++)
+ {
+ isbanned = isopped = isvoiced = 0;
+ switch (*modes)
+@@ -742,7 +742,7 @@
+
+ /* modes which can be done multiple times are added here */
+
+- for (tucm = ucm; tucm; tucm = tucm->next)
++ for (tucm = ucm; tucm && strlen(nmodes) < sizeof(nmodes)-2; tucm = tucm->next)
+ {
+ if (tucm->o_ed)
+ {
+diff -ru BitchX-old/source/notice.c BitchX/source/notice.c
+--- BitchX-old/source/notice.c 2002-02-28 06:22:50.000000000 +0200
++++ BitchX/source/notice.c 2003-03-13 20:07:39.000000000 +0200
+@@ -422,10 +422,10 @@
+ {
+ char *q = strchr(line, ':');
+ char *port = empty_string;
+- int conn = !strncmp(line+7, "connect", 7) ? 1 : 0;
++ int conn = strlen(line) > 7 && !strncmp(line+7, "connect", 7) ? 1 : 0;
+ int dalnet = 0, ircnet = 0;
+
+- if (*(line+18) == ':')
++ if (strlen(line) > 18 && *(line+18) == ':')
+ q = NULL;
+ else
+ dalnet = (q == NULL);
+@@ -462,7 +462,7 @@
+ else sscanf(p, "%s was %s from %s", for_, fr, temp);
+
+ q = p;
+- sprintf(q, "%s@%s", fr, temp);
++ snprintf(q, strlen(q)+1, "%s@%s", fr, temp);
+ if (!conn)
+ {
+ port = strstr(temp2, "reason:");
+diff -ru BitchX-old/source/server.c BitchX/source/server.c
+--- BitchX-old/source/server.c 2002-03-25 07:21:24.000000000 +0200
++++ BitchX/source/server.c 2003-03-13 20:10:00.000000000 +0200
+@@ -474,11 +474,11 @@
+ }
+ else
+ #endif
+- junk = dgets(bufptr, des, 1, BIG_BUFFER_SIZE, server_list[i].ssl_fd);
++ junk = dgets(bufptr, des, 1, BIG_BUFFER_SIZE/2, server_list[i].ssl_fd);
+ }
+ else
+ #endif
+- junk = dgets(bufptr, des, 1, BIG_BUFFER_SIZE, NULL);
++ junk = dgets(bufptr, des, 1, BIG_BUFFER_SIZE/2, NULL);
+ }
+ switch (junk)
+ {
+@@ -1741,7 +1741,7 @@
+ default:
+ if (FD_ISSET(des, &rd))
+ {
+- if (!dgets(buffer, des, 0, BIG_BUFFER_SIZE, NULL))
++ if (!dgets(buffer, des, 0, BIG_BUFFER_SIZE/2, NULL))
+ flushing = 0;
+ }
+ break;
+@@ -1751,7 +1751,7 @@
+ FD_ZERO(&rd);
+ FD_SET(des, &rd);
+ if (new_select(&rd, NULL, &timeout) > 0)
+- dgets(buffer, des, 1, BIG_BUFFER_SIZE, NULL);
++ dgets(buffer, des, 1, BIG_BUFFER_SIZE/2, NULL);
+ }
+
+
+
+
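Review bot: In the misc.c section, `strmcpy(result, hostname, sizeof(result)-1);` can now truncate the copy, and the next line `*strchr(result, '@') = '\0';` still writes through the return value unchecked, so a user part long enough to be cut before the `@` would turn this into a NULL-pointer write (assuming `result` is an array shorter than the longest input; its declaration is outside the hunk). I would guard it with `char *at = strchr(result, '@'); if (!at) return NULL; *at = '\0';`, matching the `return NULL` already used a few lines below. The `sizeof(result)`, `sizeof(host)`, `sizeof(banstr)` and `sizeof(nmodes)` bounds throughout the patch hold only if those names are arrays in scope rather than pointers, which should be confirmed since none of the declarations are shown. In notice.c the context line `sscanf(p, "%s was %s from %s", for_, fr, temp)` still uses unbounded `%s` conversions just ahead of the newly bounded `snprintf`, so its destination sizes deserve the same treatment.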
diff --git a/net-irc/bitchx/files/digest-bitchx-1.0.19-r5 b/net-irc/bitchx/files/digest-bitchx-1.0.19-r5
new file mode 100644
index 000000000000..8f5a8922eab1
--- /dev/null
+++ b/net-irc/bitchx/files/digest-bitchx-1.0.19-r5
@@ -0,0 +1,2 @@
+MD5 79431ff0880e7317049045981fac8adc ircii-pana-1.0c19.tar.gz 2533621
+MD5 10a57b14bb58910e1f373fbc1b8b2197 bitchx-1.0.19-cjk.patch 7050