[pkgsrc/pkgsrc-2004Q1]: pkgsrc/chat/xchat Pull up a security fix to the pkgsr...

[agc <agc%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/a0d5730bcf38
branches:  pkgsrc-2004Q1
changeset: 471401:a0d5730bcf38
user:      agc <agc%pkgsrc.org@localhost>
date:      Tue Apr 27 08:45:22 2004 +0000

description:
Pull up a security fix to the pkgsrc-2004Q1 branch.

Requested by xtraeme in ticket pkgsrc-22.

"Fix XChat's Socks-5 proxy code, see
http://mail.nl.linux.org/xchat-announce/2004-04/msg00000.html.
Bump PKGREVISION."

diffstat:

 chat/xchat/distinfo         |   3 ++-
 chat/xchat/patches/patch-aa |  24 ++++++++++++++++++++++++
 2 files changed, 26 insertions(+), 1 deletions(-)

diffs (40 lines):

diff -r 71ced5f5b7e0 -r a0d5730bcf38 chat/xchat/distinfo
--- a/chat/xchat/distinfo       Tue Apr 27 08:30:49 2004 +0000
+++ b/chat/xchat/distinfo       Tue Apr 27 08:45:22 2004 +0000
@@ -1,6 +1,7 @@
-$NetBSD: distinfo,v 1.20 2003/01/12 21:49:07 tron Exp $
+$NetBSD: distinfo,v 1.20.6.1 2004/04/27 08:45:22 agc Exp $
 
 SHA1 (xchat-1.8.11.tar.bz2) = 331afd74bc20797c0dec1a7e32fe014efe6cdc0a
 Size (xchat-1.8.11.tar.bz2) = 850453 bytes
+SHA1 (patch-aa) = 98e1efa4e83bcfb76dafeb96176d760738e8021b
 SHA1 (patch-ad) = 7dec0bd4107febc923031b80b75a1a8a36b0255b
 SHA1 (patch-ae) = baee878728bb33317258e43919ccabfcf3fd2f4a
diff -r 71ced5f5b7e0 -r a0d5730bcf38 chat/xchat/patches/patch-aa
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/chat/xchat/patches/patch-aa       Tue Apr 27 08:45:22 2004 +0000
@@ -0,0 +1,24 @@
+# Fix broken Socks5 traversal in xchat <= 2.0.8
+
+http://mail.nl.linux.org/xchat-announce/2004-04/msg00000.html
+
+--- src/common/server.c        2004-03-16 15:33:47.000000000 +1100
++++ src/common/server.c        2004-04-05 15:33:15.000000000 +1000
+@@ -1054,7 +1054,7 @@
+       struct sock5_connect1 sc1;
+       unsigned char *sc2;
+       unsigned int packetlen, addrlen;
+-      unsigned char buf[10];
++      unsigned char buf[260];
+ 
+       sc1.version = 5;
+       sc1.nmethods = 1;
+@@ -1095,7 +1095,7 @@
+       {
+               if (recv (sok, buf, 1, 0) != 1)
+                       return 1;
+-              packetlen = buf[0] + 2;
++              packetlen = buf[0] + 2; /* can't exceed 260 */
+               if (recv (sok, buf, packetlen, 0) != packetlen)
+                       return 1;
+       }