Update to 0.90.

Partial audit for string handling. From: Andrew Dalgleish <[email protected]>
avsm · Jun 20, 2004 · 1419106 · 1419106
1 parent 2824d05
commit 1419106
Show file tree

Hide file tree

Showing 31 changed files with 1,676 additions and 27 deletions.
diff --git a/net/bitlbee/Makefile b/net/bitlbee/Makefile
@@ -1,10 +1,9 @@
-# $OpenBSD: Makefile,v 1.10 2004/02/01 07:12:39 pvalchev Exp $
+# $OpenBSD: Makefile,v 1.11 2004/06/20 16:27:49 naddy Exp $
 
-COMMENT=		"IRC proxy to connect to ICQ, AOL, MSN and Jabber"
+COMMENT=	"IRC proxy to connect to AIM, ICQ, Jabber, MSN and Yahoo"
 
-DISTNAME=		bitlbee-0.83
+DISTNAME=		bitlbee-0.90
 CATEGORIES=		net
-#PKGNAME=		${DISTNAME}p1
 
 HOMEPAGE=		http://bitlbee.org
 
@@ -18,22 +17,31 @@ PERMIT_DISTFILES_FTP=	Yes
 
 
 MASTER_SITES=		http://get.bitlbee.org/src/
-MASTER_SITES0=		http://get.bitlbee.org/fink/
-PATCHFILES=		bitlbee-0.83-1-darwin.patch:0
-PATCH_DIST_STRIP=	-p1
 
 DB_DIR?=		/var/bitlbee
 ETCDIR=			${SYSCONFDIR}/bitlbee
 EXAMPLEDIR=		${PREFIX}/share/examples/bitlbee
-DOCS=			${FILESDIR}/user-guide.html
+DOCS=			${WRKSRC}/doc/user-guide.html
 DOCDIR=			${PREFIX}/share/doc/bitlbee/
 BITLBEEUSER=		_bitlbee
 BITLBEEGROUP=		_bitlbee
 ID=			509
 SUBST_VARS=		DB_DIR ETCDIR EXAMPLEDIR DOCDIR \
 			BITLBEEUSER BITLBEEGROUP ID
 
-LIB_DEPENDS=		soup-2.0.0.0::devel/libsoup
+LIB_DEPENDS=		glib-2.0.0.0::devel/glib2
+
+# I am told gnutls does not build on all arches
+# This is only used for connecting to MSN, so I've added a no_msn FLAVOR
+FLAVORS=		no_msn
+FLAVOR?=
+
+.if ${FLAVOR:L:Mno_msn}
+CONFIGURE_ARGS+=	--msn=0
+.else
+LIB_DEPENDS+=		gnutls.8::security/gnutls
+.endif
+
 
 CONFIGURE_STYLE=	simple
 CONFIGURE_ARGS+=	--bindir=${PREFIX}/libexec \
@@ -49,6 +57,10 @@ FAKE_TARGET=		install install-etc
 
 NO_REGRESS=		Yes
 
+# Make sure we use the system snprintf
+post-extract:
+	@rm -f ${WRKSRC}/protocols/snprintf.c
+
 post-install:
 	${INSTALL_DATA_DIR} ${DOCDIR}
 	${INSTALL_DATA} ${DOCS} ${DOCDIR}

diff --git a/net/bitlbee/distinfo b/net/bitlbee/distinfo
@@ -1,6 +1,3 @@
-MD5 (bitlbee-0.83-1-darwin.patch) = 2750a59c02fe963187c479e039edde29
-MD5 (bitlbee-0.83.tar.gz) = d379bb7e6b9e89d8af50d6e1114ee22e
-RMD160 (bitlbee-0.83-1-darwin.patch) = 348c511c31dea2d36bba5b5d3f43bfb0fbb993a5
-RMD160 (bitlbee-0.83.tar.gz) = 4e5ea7714be3fbfc6823614b46d245bd9f934eec
-SHA1 (bitlbee-0.83-1-darwin.patch) = 01f4bbaf7c5f4748828ebcc12e1d4b8ebf32afb6
-SHA1 (bitlbee-0.83.tar.gz) = f553b7b2f5dcc9d453602b99015a1573b3c63bad
+MD5 (bitlbee-0.90.tar.gz) = b6a7093651141e95b6ac78bf3eec95f3
+RMD160 (bitlbee-0.90.tar.gz) = 0c9925704935f5a63c26bc0b4eb393c45fc8b051
+SHA1 (bitlbee-0.90.tar.gz) = 18e4daf9f3efe0d3514635398e015612cb6eb924
diff --git a/net/bitlbee/patches/patch-bitlbee_c b/net/bitlbee/patches/patch-bitlbee_c
@@ -0,0 +1,141 @@
+$OpenBSD: patch-bitlbee_c,v 1.1 2004/06/20 16:27:49 naddy Exp $
+--- bitlbee.c.orig	2004-05-28 08:31:48.000000000 +1000
++++ bitlbee.c	2004-06-09 22:14:42.000000000 +1000
+@@ -314,12 +314,13 @@ int bitlbee_load( irc_t *irc, char* pass
+ 	if( irc->status == USTATUS_IDENTIFIED )
+ 		return( 1 );
+
+-	g_snprintf( s, 511, "%s%s", irc->nick, ".accounts" );
++	g_snprintf( s, sizeof(s), "%s%s", irc->nick, ".accounts" );
+   	path = g_build_path( G_DIR_SEPARATOR_S, global.conf->configdir, s, NULL );
+    	fp = fopen( path, "r" );
+    	g_free( path );
+    	if( !fp ) return( 0 );
+
++	COMPILE_TIME_ASSERT(32 < sizeof(s));
+ 	fscanf( fp, "%32[^\n]s", s );
+ 	if( setpass( irc, password, s ) < 0 )
+ 		return( -1 );
+@@ -328,6 +329,7 @@ int bitlbee_load( irc_t *irc, char* pass
+ 	   account command will not work otherwise. */
+ 	irc->status = USTATUS_IDENTIFIED;
+
++	COMPILE_TIME_ASSERT(511 < sizeof(s));
+ 	while( fscanf( fp, "%511[^\n]s", s ) > 0 )
+ 	{
+ 		fgetc( fp );
+@@ -337,12 +339,14 @@ int bitlbee_load( irc_t *irc, char* pass
+ 	}
+ 	fclose( fp );
+
+-	g_snprintf( s, 511, "%s%s",  irc->nick, ".nicks" );
++	g_snprintf( s, sizeof(s), "%s%s",  irc->nick, ".nicks" );
+ 	path = g_build_path( G_DIR_SEPARATOR_S, global.conf->configdir, s, NULL );
+ 	fp = fopen( path, "r" );
+ 	g_free( path );
+ 	if( !fp ) return( 0 );
+-	while( fscanf( fp, "%s %d %s", s, &proto, nick ) > 0 )
++	COMPILE_TIME_ASSERT(511 < sizeof(s));
++	COMPILE_TIME_ASSERT(24 < sizeof(nick));
++	while( fscanf( fp, "%511s %d %24s", s, &proto, nick ) > 0 )
+ 	{
+ 		http_decode( s );
+ 		nick_set( irc, s, proto, nick );
+@@ -351,7 +355,7 @@ int bitlbee_load( irc_t *irc, char* pass
+
+ 	if( set_getint( IRC, "auto_connect" ) )
+ 	{
+-		strcpy( s, "account on" );	/* Can't do this directly because r_c_s alters the string */
++		strlcpy( s, "account on", sizeof(s) );	/* Can't do this directly because r_c_s alters the string */
+ 		root_command_string( irc, ru, s );
+ 	}
+
+@@ -391,16 +395,16 @@ int bitlbee_save( irc_t *irc )
+ 		return( 0 );
+ 	}
+
+-	g_snprintf( s, 511, "%s%s", irc->nick, ".nicks~" );
++	g_snprintf( s, sizeof(s), "%s%s", irc->nick, ".nicks~" );
+ 	path = g_build_path(G_DIR_SEPARATOR_S, global.conf->configdir, s, NULL);
+ 	fp = fopen( path, "w" );
+ 	if( !fp ) return( 0 );
+ 	while( n )
+ 	{
+-		strcpy( s, n->handle );
+-		s[169] = 0; /* Prevent any overflow (169 ~ 512 / 3) */
+-		http_encode( s );
+-		g_snprintf( s + strlen( s ), 510 - strlen( s ), " %d %s", n->proto, n->nick );
++		strlcpy( s, n->handle, sizeof(s) );
++		s[sizeof(s)/3] = 0; /* Prevent any overflow when expanding to %02X */
++		http_encode( s, sizeof(s) );
++		g_snprintf( s + strlen( s ), sizeof(s)-strlen( s ), " %d %s", n->proto, n->nick );
+ 		if( fprintf( fp, "%s\n", s ) != strlen( s ) + 1 )
+ 		{
+ 			irc_usermsg( irc, "fprintf() wrote too little. Disk full?" );
+@@ -412,7 +416,7 @@ int bitlbee_save( irc_t *irc )
+ 	}
+ 	fclose( fp );
+
+-	g_snprintf( s, 512, "%s%s", irc->nick, ".nicks" );
++	g_snprintf( s, sizeof(s), "%s%s", irc->nick, ".nicks" );
+ 	old_path = g_build_path(G_DIR_SEPARATOR_S, global.conf->configdir, s, NULL);
+ 	if( unlink( old_path ) != 0 )
+ 	{
+@@ -435,7 +439,7 @@ int bitlbee_save( irc_t *irc )
+ 	g_free( old_path );
+
+
+-	g_snprintf( s, 511, "%s%s", irc->nick, ".accounts~" );
++	g_snprintf( s, sizeof(s), "%s%s", irc->nick, ".accounts~" );
+ 	path = g_build_path(G_DIR_SEPARATOR_S, global.conf->configdir, s, NULL);
+ 	fp = fopen( path, "w" );
+ 	if( !fp ) return( 0 );
+@@ -509,7 +513,7 @@ int bitlbee_save( irc_t *irc )
+ 	}
+ 	fclose( fp );
+
+- 	g_snprintf( s, 512, "%s%s", irc->nick, ".accounts" );
++ 	g_snprintf( s, sizeof(s), "%s%s", irc->nick, ".accounts" );
+  	old_path = g_build_path(G_DIR_SEPARATOR_S, global.conf->configdir, s, NULL);
+  	if( unlink( old_path ) != 0 )
+ 	{
+@@ -600,8 +604,9 @@ void http_decode( char *s )
+ {
+ 	char *t;
+ 	int i, j, k;
++	size_t s_len = strlen(s) + 1;
+
+-	t = bitlbee_alloc( strlen( s ) + 1 );
++	t = bitlbee_alloc(s_len);
+
+ 	for( i = j = 0; s[i]; i ++, j ++ )
+ 	{
+@@ -625,24 +630,24 @@ void http_decode( char *s )
+ 	}
+ 	t[j] = 0;
+
+-	strcpy( s, t );
++	strlcpy( s, t, s_len );
+ 	g_free( t );
+ }
+
+ /* Warning: This one explodes the string. Worst-cases can make the string 3x its original size! */
+ /* This fuction is safe, but make sure you call it safely as well! */
+-void http_encode( char *s )
++void http_encode( char *s, size_t s_len )
+ {
+ 	char *t;
+ 	int i, j;
+
+ 	t = g_strdup( s );
+
+-	for( i = j = 0; t[i]; i ++, j ++ )
++	for( i = j = 0; t[i] && j < s_len -1; i ++, j ++ )
+ 	{
+ 		if( t[i] <= ' ' || ((unsigned char *)t)[i] >= 128 || t[i] == '%' )
+ 		{
+-			sprintf( s + j, "%%%02X", t[i] );
++			g_snprintf( s + j, s_len - j, "%%%02X", t[i] );
+ 			j += 2;
+ 		}
+ 		else
diff --git a/net/bitlbee/patches/patch-bitlbee_h b/net/bitlbee/patches/patch-bitlbee_h
@@ -1,8 +1,8 @@
-$OpenBSD: patch-bitlbee_h,v 1.2 2003/10/16 15:00:17 naddy Exp $
+$OpenBSD: patch-bitlbee_h,v 1.3 2004/06/20 16:27:49 naddy Exp $
 Use a more usefull name for the server
---- bitlbee.h.orig	2003-10-15 14:42:47.000000000 +0200
-+++ bitlbee.h	2003-10-15 15:56:58.000000000 +0200
-@@ -51,7 +51,7 @@
+--- bitlbee.h.orig	2004-05-19 05:36:42.000000000 +1000
++++ bitlbee.h	2004-06-09 22:13:56.000000000 +1000
+@@ -79,7 +79,7 @@
 
  #define _( x ) x
 
@@ -11,3 +11,24 @@ Use a more usefull name for the server
  #define ROOT_CHAN "#bitlbee"
  #define ROOT_FN "User manager"
 
+@@ -131,7 +131,7 @@ int root_command( irc_t *irc, char *comm
+ int bitlbee_load( irc_t *irc, char *password );
+ int bitlbee_save( irc_t *irc );
+ double gettime( void );
+-G_MODULE_EXPORT void http_encode( char *s );
++G_MODULE_EXPORT void http_encode( char *s, size_t s_len );
+ G_MODULE_EXPORT void http_decode( char *s );
+
+ void *bitlbee_alloc(size_t size);
+@@ -143,4 +143,11 @@ extern irc_t *IRC;
+ extern global_t global;
+ extern GList *connection_list;
+
++#define COMPILE_TIME_ASSERT(ex) do {\
++typedef char COMPILE_TIME_ASSERTION_FAILURE[(ex) ? 1 : -1];\
++} while(0)
++
++#define FILE_SCOPED_COMPILE_TIME_ASSERT(ex) \
++extern char COMPILE_TIME_ASSERTION_FAILURE[(ex) ? 1 : -1];
++
+ #endif
diff --git a/net/bitlbee/patches/patch-commands_c b/net/bitlbee/patches/patch-commands_c
@@ -0,0 +1,107 @@
+$OpenBSD: patch-commands_c,v 1.1 2004/06/20 16:27:49 naddy Exp $
+--- commands.c.orig	2004-05-12 21:36:25.000000000 +1000
++++ commands.c	2004-06-08 19:59:37.000000000 +1000
+@@ -63,8 +63,8 @@ int cmd_help( irc_t *irc, char **cmd )
+ 	memset( param, 0, sizeof(param) );
+ 	for ( i = 1; (cmd[i] != NULL && ( strlen(param) < (sizeof(param)-1) ) ); i++ ) {
+ 		if ( i != 1 )	// prepend space except for the first parameter
+-			strcat(param, " ");
+-		strncat( param, cmd[i], sizeof(param) - strlen(param) - 1 );
++			strlcat(param, " ", sizeof(param));
++		strlcat( param, cmd[i], sizeof(param));
+ 	}
+
+ 	s = help_get( &(global.help), param );
+@@ -111,6 +111,7 @@ int cmd_register( irc_t *irc, char **cmd
+ {
+ 	int checkie;
+ 	char *path, *file;
++	size_t file_len;
+
+ 	if( global.conf->authmode == AUTHMODE_REGISTERED )
+ 	{
+@@ -118,17 +119,18 @@ int cmd_register( irc_t *irc, char **cmd
+ 		return( 0 );
+ 	}
+
+-	file = (char *) bitlbee_alloc( strlen( irc->nick ) + strlen( ".accounts" ) + 1 );
++	file_len = strlen( irc->nick ) + strlen( ".accounts" ) + 1;
++	file = (char *) bitlbee_alloc( file_len );
+
+-	strcpy( file, irc->nick );
+-	strcat( file, ".accounts" );
++	strlcpy( file, irc->nick,   file_len );
++	strlcat( file, ".accounts", file_len );
+ 	path = g_build_path( G_DIR_SEPARATOR_S, global.conf->configdir, file, NULL );
+
+ 	checkie = g_file_test( path, G_FILE_TEST_EXISTS ) ? 0 : -1 ;
+ 	g_free( path );
+
+-	strcpy( file, irc->nick );
+-	strcat( file, ".nicks" );
++	strlcpy( file, irc->nick, file_len );
++	strlcat( file, ".nicks",  file_len );
+ 	path = g_build_path( G_DIR_SEPARATOR_S, global.conf->configdir, file, NULL );
+
+ 	checkie += g_file_test( path, G_FILE_TEST_EXISTS ) ? 0 : -1;
+@@ -154,11 +156,13 @@ int cmd_drop( irc_t *irc, char **cmd )
+ {
+ 	char *path, *file, s[512];
+ 	FILE *fp;
++	size_t file_len;
+
+-	file = (char *) bitlbee_alloc( strlen( irc->nick ) + strlen( ".accounts" ) + 1 );
++	file_len = strlen( irc->nick ) + strlen( ".accounts" ) + 1;
++	file = (char *) bitlbee_alloc( file_len );
+
+-	strcpy( file, irc->nick );
+-	strcat( file, ".accounts" );
++	strlcpy( file, irc->nick,   file_len );
++	strlcat( file, ".accounts", file_len );
+ 	path = g_build_path( G_DIR_SEPARATOR_S, global.conf->configdir, file, NULL );
+
+ 	fp = fopen( path, "r" );
+@@ -170,6 +174,7 @@ int cmd_drop( irc_t *irc, char **cmd )
+ 		return( 0 );
+ 	}
+
++	COMPILE_TIME_ASSERT(32 < sizeof(s));
+ 	fscanf( fp, "%32[^\n]s", s );
+ 	fclose( fp );
+ 	if( setpass( irc, cmd[1], s ) < 0 )
+@@ -183,8 +188,8 @@ int cmd_drop( irc_t *irc, char **cmd )
+ 	unlink( path );
+ 	g_free( path );
+
+-	strcpy( file, irc->nick );
+-	strcat( file, ".nicks" );
++	strlcpy( file, irc->nick, file_len );
++	strlcat( file, ".nicks",  file_len );
+ 	path = g_build_path( G_DIR_SEPARATOR_S, global.conf->configdir, file, NULL );
+
+ 	unlink( path );
+@@ -676,21 +681,21 @@ int cmd_blist( irc_t *irc, char **cmd )
+
+ 	if( online == 1 ) for( u = irc->users; u; u = u->next ) if( u->gc && u->online && !u->away )
+ 	{
+-		g_snprintf( s, 63, "%s@%s (%s)", u->user, u->host, proto_name[u->gc->user->protocol] );
++		g_snprintf( s, sizeof(s), "%s@%s (%s)", u->user, u->host, proto_name[u->gc->user->protocol] );
+ 		irc_usermsg( irc, "%-16.16s  %-40.40s  %s", u->nick, s, "Online" );
+ 		n_online ++;
+ 	}
+
+ 	if( away == 1 ) for( u = irc->users; u; u = u->next ) if( u->gc && u->online && u->away )
+ 	{
+-		g_snprintf( s, 63, "%s@%s (%s)", u->user, u->host, proto_name[u->gc->user->protocol] );
++		g_snprintf( s, sizeof(s), "%s@%s (%s)", u->user, u->host, proto_name[u->gc->user->protocol] );
+ 		irc_usermsg( irc, "%-16.16s  %-40.40s  %s", u->nick, s, u->away );
+ 		n_away ++;
+ 	}
+
+ 	if( offline == 1 ) for( u = irc->users; u; u = u->next ) if( u->gc && !u->online )
+ 	{
+-		g_snprintf( s, 63, "%s@%s (%s)", u->user, u->host, proto_name[u->gc->user->protocol] );
++		g_snprintf( s, sizeof(s), "%s@%s (%s)", u->user, u->host, proto_name[u->gc->user->protocol] );
+ 		irc_usermsg( irc, "%-16.16s  %-40.40s  %s", u->nick, s, "Offline" );
+ 		n_offline ++;
+ 	}
diff --git a/net/bitlbee/patches/patch-conf_c b/net/bitlbee/patches/patch-conf_c
@@ -0,0 +1,16 @@
+$OpenBSD: patch-conf_c,v 1.1 2004/06/20 16:27:49 naddy Exp $
+--- conf.c.orig	2004-04-05 06:50:52.000000000 +1000
++++ conf.c	2004-06-09 21:17:00.000000000 +1000
+@@ -131,9 +131,10 @@ conf_t *conf_load( int argc, char *argv[
+
+ 	if( conf->configdir[strlen(conf->configdir)-1] != '/' )
+ 	{
+-		char *s = bitlbee_alloc( strlen( conf->configdir ) + 2 );
++		size_t s_len = strlen( conf->configdir ) + 2 ;
++		char *s = bitlbee_alloc( s_len );
+
+-		sprintf( s, "%s/", conf->configdir );
++		g_snprintf( s, s_len, "%s/", conf->configdir );
+ 		g_free( conf->configdir );
+ 		conf->configdir = s;
+ 	}