- Update port to 0.4.6p1 (fixes remote buffer overflow)

- Add some additional buffer checks

net-im/climm/Makefile

@@ -6,21 +6,22 @@
 #
 
 PORTNAME=	micq
-PORTVERSION=	0.4.6
+PORTVERSION=	0.4.6.1
 CATEGORIES=	net
-MASTER_SITES=   ftp://micq.chatzone.org/pub/micq/V${PORTVERSION}/
+MASTER_SITES=   http://micq.ukeer.de/source/
+DISTNAME=	${PORTNAME}-${PORTVERSION:S/1/p1/}
 EXTRACT_SUFX=	.tgz
 
 MAINTAINER=	ports@freebsd.org
 
-FORBIDDEN=	"Remote buffer overflow"
+WRKSRC=		${WRKDIR}/${PORTNAME}-${PORTVERSION:S/.1/-p1/}/src
 
 do-install:
 		${INSTALL_PROGRAM} ${WRKSRC}/micq ${PREFIX}/bin
 .if !defined(NOPORTDOCS)
 		${MKDIR} ${PREFIX}/share/doc/micq
-		${INSTALL_DATA} ${WRKSRC}/README ${PREFIX}/share/doc/micq
-		${INSTALL_DATA} ${WRKSRC}/CHANGELOG ${PREFIX}/share/doc/micq
+		${INSTALL_DATA} ${WRKSRC}/../README ${PREFIX}/share/doc/micq
+		${INSTALL_DATA} ${WRKSRC}/../CHANGELOG ${PREFIX}/share/doc/micq
 .endif
 
 .include <bsd.port.mk>

net-im/climm/distinfo

@@ -1 +1 @@
-MD5 (micq-0.4.6.tgz) = d6b0b09eaf12e722c12ac14d115e49bf
+MD5 (micq-0.4.6.p1.tgz) = 2ea6df0f96606e9c74cace21dd8d39cd

net-im/climm/files/patch-aa

@@ -1,12 +1,13 @@
---- Makefile.orig	Mon Jul  3 02:10:31 2000
-+++ Makefile	Mon Jul  3 02:12:24 2000
-@@ -5,8 +5,7 @@
- # Most options that were here and soem that weren't have been moved to config.h
- # edit that file to set up options.
- #
+--- Makefile.orig	Tue Jan 23 11:49:05 2001
++++ Makefile	Wed Jan 24 20:28:41 2001
+@@ -2,8 +2,8 @@
+ # originally by Matt D. Smith
+ # rewritten by  Rico Gloeckner <mc@verdinet.de>
+ 
 -CC = gcc
 -CFLAGS = -O4 -Wall -DUNIX 
-+CFLAGS += -Wall -DUNIX 
- CFLAGS += -DENGLISH_LANG
- #CFLAGS += -DBULGARIAN_LANG
- #CFLAGS += -DPOLISH_LANG
++CC?= gcc
++CFLAGS+= -Wall -DUNIX 
+ 
+ # uncomment the line below for debuging info
+ #CFLAGS += -g

net-im/climm/files/patch-ab

@@ -0,0 +1,11 @@
+--- mreadline.c.orig	Tue Jan 23 11:49:05 2001
++++ mreadline.c	Wed Jan 24 22:01:31 2001
+@@ -359,7 +359,7 @@
+               break;
+            }
+         }
+-	sprintf (s, "%s %s/", message_cmd,
++	snprintf (s, sizeof(s), "%s %s/", message_cmd,
+ 		tab_array[tab_pointer]);
+ 	clen = cpos = strlen (s);
+ 	R_undraw();

net-im/climm/files/patch-ac

@@ -0,0 +1,11 @@
+--- sendmsg.c.orig	Tue Jan 23 11:49:05 2001
++++ sendmsg.c	Wed Jan 24 22:02:47 2001
+@@ -977,7 +977,7 @@
+ {
+    char buf[450];
+    
+-   sprintf( buf, "%s\xFE%s", url, description );
++   snprintf( buf, sizeof(buf), "%s\xFE%s", url, description );
+    icq_sendmsg( sok, uin, buf, URL_MESS );
+ }
+ 

net-im/climm/files/patch-ad

@@ -0,0 +1,20 @@
+--- util_ui.c.orig	Tue Jan 23 11:49:05 2001
++++ util_ui.c	Wed Jan 24 22:09:24 2001
+@@ -102,7 +102,7 @@
+    assert( 2048 >= strlen( str ) );
+    
+    va_start( args, str );
+-   vsprintf( buf, str, args );
++   vsnprintf( buf, sizeof(buf), str, args );
+    k = write( fd, buf, strlen( buf ) );
+    if ( k != strlen( buf ) )
+    {
+@@ -292,7 +292,7 @@
+    
+    va_start( args, str );
+ #ifndef CURSES_UI
+-   vsprintf( buf, str, args );
++   vsnprintf( buf, sizeof(buf), str, args );
+    str2 = buf;
+    while ( (void *) NULL != ( str1 = strchr( str2, '\x1b' ) ) )
+    {

net-im/climm/files/patch-ae

@@ -0,0 +1,24 @@
+--- icq_response.c.orig	Tue Jan 23 11:49:05 2001
++++ icq_response.c	Wed Jan 24 22:07:40 2001
+@@ -871,19 +871,12 @@
+       }
+       *tmp = 0;
+       char_conv ("wc",data);
+-// temporaryy fix to buffer overflow
+-// should be solved better -mc
+-//      strcpy (url_desc,data);
+-      url_desc[0] = '\0';
+-      strncat(url_desc,data,sizeof(url_data)-1);
++      strlcpy(url_desc,data,sizeof(url_data));
+ 
+       tmp++;
+       data = tmp;
+       char_conv ("wc",data);
+-// same apllies here --mc
+-//      strcpy (url_data,data);
+-      url_data[0] = '\0';
+-      strncat (url_data,data,sizeof(url_data)-1);
++      strlcpy(url_data,data,sizeof(url_data));
+ 
+ // and again
+ //      sprintf (message,"Description: %s \n                          URL: %s",url_desc,url_data);  

net-im/micq/Makefile

@@ -6,21 +6,22 @@
 #
 
 PORTNAME=	micq
-PORTVERSION=	0.4.6
+PORTVERSION=	0.4.6.1
 CATEGORIES=	net
-MASTER_SITES=   ftp://micq.chatzone.org/pub/micq/V${PORTVERSION}/
+MASTER_SITES=   http://micq.ukeer.de/source/
+DISTNAME=	${PORTNAME}-${PORTVERSION:S/1/p1/}
 EXTRACT_SUFX=	.tgz
 
 MAINTAINER=	ports@freebsd.org
 
-FORBIDDEN=	"Remote buffer overflow"
+WRKSRC=		${WRKDIR}/${PORTNAME}-${PORTVERSION:S/.1/-p1/}/src
 
 do-install:
 		${INSTALL_PROGRAM} ${WRKSRC}/micq ${PREFIX}/bin
 .if !defined(NOPORTDOCS)
 		${MKDIR} ${PREFIX}/share/doc/micq
-		${INSTALL_DATA} ${WRKSRC}/README ${PREFIX}/share/doc/micq
-		${INSTALL_DATA} ${WRKSRC}/CHANGELOG ${PREFIX}/share/doc/micq
+		${INSTALL_DATA} ${WRKSRC}/../README ${PREFIX}/share/doc/micq
+		${INSTALL_DATA} ${WRKSRC}/../CHANGELOG ${PREFIX}/share/doc/micq
 .endif
 
 .include <bsd.port.mk>

net-im/micq/distinfo

@@ -1 +1 @@
-MD5 (micq-0.4.6.tgz) = d6b0b09eaf12e722c12ac14d115e49bf
+MD5 (micq-0.4.6.p1.tgz) = 2ea6df0f96606e9c74cace21dd8d39cd

net-im/micq/files/patch-aa

@@ -1,12 +1,13 @@
---- Makefile.orig	Mon Jul  3 02:10:31 2000
-+++ Makefile	Mon Jul  3 02:12:24 2000
-@@ -5,8 +5,7 @@
- # Most options that were here and soem that weren't have been moved to config.h
- # edit that file to set up options.
- #
+--- Makefile.orig	Tue Jan 23 11:49:05 2001
++++ Makefile	Wed Jan 24 20:28:41 2001
+@@ -2,8 +2,8 @@
+ # originally by Matt D. Smith
+ # rewritten by  Rico Gloeckner <mc@verdinet.de>
+ 
 -CC = gcc
 -CFLAGS = -O4 -Wall -DUNIX 
-+CFLAGS += -Wall -DUNIX 
- CFLAGS += -DENGLISH_LANG
- #CFLAGS += -DBULGARIAN_LANG
- #CFLAGS += -DPOLISH_LANG
++CC?= gcc
++CFLAGS+= -Wall -DUNIX 
+ 
+ # uncomment the line below for debuging info
+ #CFLAGS += -g

net-im/micq/files/patch-ab

@@ -0,0 +1,11 @@
+--- mreadline.c.orig	Tue Jan 23 11:49:05 2001
++++ mreadline.c	Wed Jan 24 22:01:31 2001
+@@ -359,7 +359,7 @@
+               break;
+            }
+         }
+-	sprintf (s, "%s %s/", message_cmd,
++	snprintf (s, sizeof(s), "%s %s/", message_cmd,
+ 		tab_array[tab_pointer]);
+ 	clen = cpos = strlen (s);
+ 	R_undraw();

net-im/micq/files/patch-ac

@@ -0,0 +1,11 @@
+--- sendmsg.c.orig	Tue Jan 23 11:49:05 2001
++++ sendmsg.c	Wed Jan 24 22:02:47 2001
+@@ -977,7 +977,7 @@
+ {
+    char buf[450];
+    
+-   sprintf( buf, "%s\xFE%s", url, description );
++   snprintf( buf, sizeof(buf), "%s\xFE%s", url, description );
+    icq_sendmsg( sok, uin, buf, URL_MESS );
+ }
+ 

net-im/micq/files/patch-ad

@@ -0,0 +1,20 @@
+--- util_ui.c.orig	Tue Jan 23 11:49:05 2001
++++ util_ui.c	Wed Jan 24 22:09:24 2001
+@@ -102,7 +102,7 @@
+    assert( 2048 >= strlen( str ) );
+    
+    va_start( args, str );
+-   vsprintf( buf, str, args );
++   vsnprintf( buf, sizeof(buf), str, args );
+    k = write( fd, buf, strlen( buf ) );
+    if ( k != strlen( buf ) )
+    {
+@@ -292,7 +292,7 @@
+    
+    va_start( args, str );
+ #ifndef CURSES_UI
+-   vsprintf( buf, str, args );
++   vsnprintf( buf, sizeof(buf), str, args );
+    str2 = buf;
+    while ( (void *) NULL != ( str1 = strchr( str2, '\x1b' ) ) )
+    {

net-im/micq/files/patch-ae

@@ -0,0 +1,24 @@
+--- icq_response.c.orig	Tue Jan 23 11:49:05 2001
++++ icq_response.c	Wed Jan 24 22:07:40 2001
+@@ -871,19 +871,12 @@
+       }
+       *tmp = 0;
+       char_conv ("wc",data);
+-// temporaryy fix to buffer overflow
+-// should be solved better -mc
+-//      strcpy (url_desc,data);
+-      url_desc[0] = '\0';
+-      strncat(url_desc,data,sizeof(url_data)-1);
++      strlcpy(url_desc,data,sizeof(url_data));
+ 
+       tmp++;
+       data = tmp;
+       char_conv ("wc",data);
+-// same apllies here --mc
+-//      strcpy (url_data,data);
+-      url_data[0] = '\0';
+-      strncat (url_data,data,sizeof(url_data)-1);
++      strlcpy(url_data,data,sizeof(url_data));
+ 
+ // and again
+ //      sprintf (message,"Description: %s \n                          URL: %s",url_desc,url_data);  

net/micq/Makefile

@@ -6,21 +6,22 @@
 #
 
 PORTNAME=	micq
-PORTVERSION=	0.4.6
+PORTVERSION=	0.4.6.1
 CATEGORIES=	net
-MASTER_SITES=   ftp://micq.chatzone.org/pub/micq/V${PORTVERSION}/
+MASTER_SITES=   http://micq.ukeer.de/source/
+DISTNAME=	${PORTNAME}-${PORTVERSION:S/1/p1/}
 EXTRACT_SUFX=	.tgz
 
 MAINTAINER=	ports@freebsd.org
 
-FORBIDDEN=	"Remote buffer overflow"
+WRKSRC=		${WRKDIR}/${PORTNAME}-${PORTVERSION:S/.1/-p1/}/src
 
 do-install:
 		${INSTALL_PROGRAM} ${WRKSRC}/micq ${PREFIX}/bin
 .if !defined(NOPORTDOCS)
 		${MKDIR} ${PREFIX}/share/doc/micq
-		${INSTALL_DATA} ${WRKSRC}/README ${PREFIX}/share/doc/micq
-		${INSTALL_DATA} ${WRKSRC}/CHANGELOG ${PREFIX}/share/doc/micq
+		${INSTALL_DATA} ${WRKSRC}/../README ${PREFIX}/share/doc/micq
+		${INSTALL_DATA} ${WRKSRC}/../CHANGELOG ${PREFIX}/share/doc/micq
 .endif
 
 .include <bsd.port.mk>

net/micq/distinfo

@@ -1 +1 @@
-MD5 (micq-0.4.6.tgz) = d6b0b09eaf12e722c12ac14d115e49bf
+MD5 (micq-0.4.6.p1.tgz) = 2ea6df0f96606e9c74cace21dd8d39cd

net/micq/files/patch-aa

@@ -1,12 +1,13 @@
---- Makefile.orig	Mon Jul  3 02:10:31 2000
-+++ Makefile	Mon Jul  3 02:12:24 2000
-@@ -5,8 +5,7 @@
- # Most options that were here and soem that weren't have been moved to config.h
- # edit that file to set up options.
- #
+--- Makefile.orig	Tue Jan 23 11:49:05 2001
++++ Makefile	Wed Jan 24 20:28:41 2001
+@@ -2,8 +2,8 @@
+ # originally by Matt D. Smith
+ # rewritten by  Rico Gloeckner <mc@verdinet.de>
+ 
 -CC = gcc
 -CFLAGS = -O4 -Wall -DUNIX 
-+CFLAGS += -Wall -DUNIX 
- CFLAGS += -DENGLISH_LANG
- #CFLAGS += -DBULGARIAN_LANG
- #CFLAGS += -DPOLISH_LANG
++CC?= gcc
++CFLAGS+= -Wall -DUNIX 
+ 
+ # uncomment the line below for debuging info
+ #CFLAGS += -g

net/micq/files/patch-ab

@@ -0,0 +1,11 @@
+--- mreadline.c.orig	Tue Jan 23 11:49:05 2001
++++ mreadline.c	Wed Jan 24 22:01:31 2001
+@@ -359,7 +359,7 @@
+               break;
+            }
+         }
+-	sprintf (s, "%s %s/", message_cmd,
++	snprintf (s, sizeof(s), "%s %s/", message_cmd,
+ 		tab_array[tab_pointer]);
+ 	clen = cpos = strlen (s);
+ 	R_undraw();

net/micq/files/patch-ac

@@ -0,0 +1,11 @@
+--- sendmsg.c.orig	Tue Jan 23 11:49:05 2001
++++ sendmsg.c	Wed Jan 24 22:02:47 2001
+@@ -977,7 +977,7 @@
+ {
+    char buf[450];
+    
+-   sprintf( buf, "%s\xFE%s", url, description );
++   snprintf( buf, sizeof(buf), "%s\xFE%s", url, description );
+    icq_sendmsg( sok, uin, buf, URL_MESS );
+ }
+ 

net/micq/files/patch-ad

@@ -0,0 +1,20 @@
+--- util_ui.c.orig	Tue Jan 23 11:49:05 2001
++++ util_ui.c	Wed Jan 24 22:09:24 2001
+@@ -102,7 +102,7 @@
+    assert( 2048 >= strlen( str ) );
+    
+    va_start( args, str );
+-   vsprintf( buf, str, args );
++   vsnprintf( buf, sizeof(buf), str, args );
+    k = write( fd, buf, strlen( buf ) );
+    if ( k != strlen( buf ) )
+    {
+@@ -292,7 +292,7 @@
+    
+    va_start( args, str );
+ #ifndef CURSES_UI
+-   vsprintf( buf, str, args );
++   vsnprintf( buf, sizeof(buf), str, args );
+    str2 = buf;
+    while ( (void *) NULL != ( str1 = strchr( str2, '\x1b' ) ) )
+    {

net/micq/files/patch-ae

@@ -0,0 +1,24 @@
+--- icq_response.c.orig	Tue Jan 23 11:49:05 2001
++++ icq_response.c	Wed Jan 24 22:07:40 2001
+@@ -871,19 +871,12 @@
+       }
+       *tmp = 0;
+       char_conv ("wc",data);
+-// temporaryy fix to buffer overflow
+-// should be solved better -mc
+-//      strcpy (url_desc,data);
+-      url_desc[0] = '\0';
+-      strncat(url_desc,data,sizeof(url_data)-1);
++      strlcpy(url_desc,data,sizeof(url_data));
+ 
+       tmp++;
+       data = tmp;
+       char_conv ("wc",data);
+-// same apllies here --mc
+-//      strcpy (url_data,data);
+-      url_data[0] = '\0';
+-      strncat (url_data,data,sizeof(url_data)-1);
++      strlcpy(url_data,data,sizeof(url_data));
+ 
+ // and again
+ //      sprintf (message,"Description: %s \n                          URL: %s",url_desc,url_data);