From 9b49aa668df269096fe8a5f993ebb575e1f29035 Mon Sep 17 00:00:00 2001
From: robert <robert@openbsd.org>
Date: Fri, 15 Oct 2004 16:51:16 +0000
Subject: [PATCH] SECURITY: upgrade to 2.8.9; BNC contains an input validation
 flaw which might allow a remote attacker to issue arbitrary IRC related
 commands.

---
 net/bnc/Makefile                  |  5 +++--
 net/bnc/distinfo                  |  6 +++---
 net/bnc/patches/patch-Makefile.in | 28 +++++++++++-----------------
 net/bnc/patches/patch-send_c      | 30 ------------------------------
 net/bnc/patches/patch-server_c    | 21 +++++++++++++++++++++
 5 files changed, 38 insertions(+), 52 deletions(-)
 delete mode 100644 net/bnc/patches/patch-send_c
 create mode 100644 net/bnc/patches/patch-server_c

diff --git a/net/bnc/Makefile b/net/bnc/Makefile
index 688c62a9070..f59048ba6bb 100644
--- a/net/bnc/Makefile
+++ b/net/bnc/Makefile
@@ -1,9 +1,9 @@
-# $OpenBSD: Makefile,v 1.5 2004/04/18 06:41:11 robert Exp $
+# $OpenBSD: Makefile,v 1.6 2004/10/15 16:51:16 robert Exp $
 
 COMMENT=	"simple IRC relay proxy with support for virtual hosting"
 
 DISTNAME=	${PKGNAME:S,-,,}
-PKGNAME=	bnc-2.8.6
+PKGNAME=	bnc-2.8.9
 CATEGORIES=	net
 MASTER_SITES=	${HOMEPAGE}files/
 
@@ -23,6 +23,7 @@ post-patch:
 		${WRKSRC}/bncsetup > ${WRKSRC}/bncsetup.new
 	@mv ${WRKSRC}/bncsetup.new ${WRKSRC}/bncsetup
 
+ALL_TARGET=	ALL
 NO_REGRESS=	Yes
 
 do-install:
diff --git a/net/bnc/distinfo b/net/bnc/distinfo
index 547baa1b7c1..4035782b23e 100644
--- a/net/bnc/distinfo
+++ b/net/bnc/distinfo
@@ -1,3 +1,3 @@
-MD5 (bnc2.8.6.tar.gz) = c3800ec09f62abf9881b84770fa79362
-RMD160 (bnc2.8.6.tar.gz) = e8d0598a22d1c2b324fc087fc9a373398bc4db2d
-SHA1 (bnc2.8.6.tar.gz) = 19544b83c4e8d558d56621b5001590432de2b4d0
+MD5 (bnc2.8.9.tar.gz) = 4cabd254443c803fc759b1f062e7bedb
+RMD160 (bnc2.8.9.tar.gz) = 7d3b516bf94858e3d717a8c35c89c8de0fcca823
+SHA1 (bnc2.8.9.tar.gz) = 2dc928f10f3679fa3cececa6ad1966b8a8c8fa07
diff --git a/net/bnc/patches/patch-Makefile.in b/net/bnc/patches/patch-Makefile.in
index dcf4b13daa7..372efe76b9a 100644
--- a/net/bnc/patches/patch-Makefile.in
+++ b/net/bnc/patches/patch-Makefile.in
@@ -1,18 +1,12 @@
-$OpenBSD: patch-Makefile.in,v 1.2 2004/04/04 14:19:02 brad Exp $
---- Makefile.in.orig	Thu Apr  1 11:42:53 2004
-+++ Makefile.in	Thu Apr  1 11:43:40 2004
-@@ -1,11 +1,11 @@
- LIBS = @LIBS@
--OPTS = -O3
-+OPTS = @CFLAGS@
- COPT = -Wall
- OOPT =
- STRIP = strip
--CC = gcc
-+CC = @CC@
+$OpenBSD: patch-Makefile.in,v 1.3 2004/10/15 16:51:17 robert Exp $
+--- Makefile.in.orig	Fri Aug 30 15:18:15 2002
++++ Makefile.in	Fri Oct 15 18:28:38 2004
+@@ -1,6 +1,6 @@
+ LIBS=@LIBS@
+-CFLAGS=-O3 -Wall
+-OFLAGS=-O3
++CFLAGS=@CFLAGS@
++OFLAGS=@CFLAGS@
+ CC=@CC@
  
--ALL: bnc mkpasswd
-+all: bnc mkpasswd
- 
- mkpasswd:mkpasswd.c
- 	${CC} ${OPTS} ${COPT} ${LIBS} -o mkpasswd mkpasswd.c
+ ALL: bnc mkpasswd
diff --git a/net/bnc/patches/patch-send_c b/net/bnc/patches/patch-send_c
deleted file mode 100644
index 1de8fc8af0a..00000000000
--- a/net/bnc/patches/patch-send_c
+++ /dev/null
@@ -1,30 +0,0 @@
-$OpenBSD: patch-send_c,v 1.1 2004/04/16 20:27:04 pvalchev Exp $
---- send.c.orig	2004-04-16 14:20:51.000000000 -0600
-+++ send.c	2004-04-16 14:20:53.000000000 -0600
-@@ -175,7 +175,7 @@ reschar:
- 				sign = '\0';
- 				src = buf;
- 				eos = src + 1;
--				*src = va_arg(ap, char);
-+				*src = va_arg(ap, int);	/* char promoted */
- 				goto writeout;
- 			case 's':
- 				src = va_arg(ap, char *);
-@@ -211,7 +211,7 @@ reschar:
- 				goto nosign;
- nosign:
- 				ulval = flags & flaglongint ? va_arg(ap, long)
--				: flags & flagshortint ? (long)(short)va_arg(ap,short)
-+				: flags & flagshortint ? (long)(short)va_arg(ap,int)
- 				: (long)va_arg(ap,int) ;
- 				
- 				goto number;
-@@ -225,7 +225,7 @@ nosign:
- 			case 'd':
- 			case 'i':
- 				ulval = flags & flaglongint ? va_arg(ap, long)
--				: flags & flagshortint ? (long)(short)va_arg(ap,short)
-+				: flags & flagshortint ? (long)(short)va_arg(ap,int)
- 				: (long)va_arg(ap,int) ;
- 				
- 				if((long)ulval < 0)
diff --git a/net/bnc/patches/patch-server_c b/net/bnc/patches/patch-server_c
new file mode 100644
index 00000000000..beae98c13f1
--- /dev/null
+++ b/net/bnc/patches/patch-server_c
@@ -0,0 +1,21 @@
+$OpenBSD: patch-server_c,v 1.1 2004/10/15 16:51:17 robert Exp $
+--- server.c.orig	Fri Oct 15 18:34:12 2004
++++ server.c	Fri Oct 15 18:36:30 2004
+@@ -343,7 +343,7 @@
+ 	
+ 	while(sbuf_getlength(&cptr->sendq) > 0)
+ 	{
+-		msg = sbuf_pagemap(&cptr->sendq, &length);
++		msg = sbuf_pagemap(&cptr->sendq, (size_t *)&length);
+ 		if(msg == NULL)
+ 			break; /*XXX*/
+ 		if(length <= 0)
+@@ -977,7 +977,7 @@
+ 	
+ 	while(sbuf_getlength(sendq) > 0)
+ 	{
+-		msg = sbuf_pagemap(sendq, &length);
++		msg = sbuf_pagemap(sendq, (size_t *)&length);
+ 		if(msg == NULL)
+ 			break; /*XXX*/
+ 		if(length <= 0)