Security fix:

A remotely exploitable buffer overrun has been reported in Epic.
This issue may reportedly be exploited by a malicious server that
supplies an overly long nickname in a CTCP messages, potentially
allowing for execution of arbitrary code in the context of the
client user.
It may be also be possible for a malicious client to send such a
message, but it is likely that the server will limit the length.

ok brad@

net/epic4/Makefile

@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.50 2003/04/15 16:19:03 brad Exp $
+# $OpenBSD: Makefile,v 1.51 2003/11/13 21:11:11 margarida Exp $
 # $FreeBSD: Makefile,v 1.13 1999/03/01 16:18:30 mph Exp $
 
 COMMENT=	"(E)nhanced (P)rogrammable (I)RC-II (C)lient"
@@ -6,6 +6,7 @@ COMMENT=	"(E)nhanced (P)rogrammable (I)RC-II (C)lient"
 VERSION=	1.0.1
 HELP_DATE=	20011030
 DISTNAME=	epic4-${VERSION}
+PKGNAME=	${DISTNAME}p1
 CATEGORIES=	net
 MASTER_SITES=	http://ftp.prbh.org/pub/epic/EPIC4-PRODUCTION/
 MASTER_SITES0=	${MASTER_SITE_BACKUP}

net/epic4/patches/patch-source_ctcp_c

@@ -0,0 +1,13 @@
+$OpenBSD: patch-source_ctcp_c,v 1.1 2003/11/13 21:11:11 margarida Exp $
+--- source/ctcp.c.orig	2000-12-05 00:11:56.000000000 +0000
++++ source/ctcp.c	2003-11-13 17:30:10.000000000 +0000
+@@ -897,7 +897,8 @@ void	send_ctcp (int type, char *to, int 
+ 	int	len;
+ 
+ 	/* Make sure that the final \001 doesnt get truncated */
+-	len = IRCD_BUFFER_SIZE - (12 + strlen(to));
++	if ((len = IRCD_BUFFER_SIZE - (12 + strlen(to))) < 0)
++		return;
+ 	putbuf2 = alloca(len);
+ 
+ 	if (format)