1
#! /bin/sh /usr/share/dpatch/dpatch-run
2
## fedora-security-patch.dpatch by <mithrandi@elvardein.mithrandi.za.net>
4
## All lines beginning with `## DP:' are a description of the patch.
8
diff -urNad centerim-4.22.1~/src/hooks/abstracthook.cc centerim-4.22.1/src/hooks/abstracthook.cc
9
--- centerim-4.22.1~/src/hooks/abstracthook.cc 2007-06-14 00:44:04.000000000 +0200
10
+++ centerim-4.22.1/src/hooks/abstracthook.cc 2007-08-21 22:10:58.959262015 +0200
17
time_t timer_current = time(0);
19
abstracthook::abstracthook(protocolname aproto)
22
void abstracthook::log(logevent ev, ...) {
26
static map<logevent, string> lst;
33
- vsprintf(buf, lst[ev].c_str(), ap);
34
+ vsnprintf(buf, NOTIFBUF, lst[ev].c_str(), ap);
35
+ buf[NOTIFBUF-1] = '\0';
38
face.log((string) "+ [" + conf.getprotocolname(proto) + "] " + buf);
40
if(id > 24 || id < -24) {
44
+ static char buf[32];
45
sprintf(buf, "GMT %s%d:%s", id > 0 ? "-" : "+", abs(id/2), id % 2 == 0 ? "00" : "30");
48
diff -urNad centerim-4.22.1~/src/hooks/aimhook.cc centerim-4.22.1/src/hooks/aimhook.cc
49
--- centerim-4.22.1~/src/hooks/aimhook.cc 2007-08-21 22:10:58.459347743 +0200
50
+++ centerim-4.22.1/src/hooks/aimhook.cc 2007-08-21 22:10:58.959262015 +0200
53
#include "eventmanager.h"
61
fname = conf.getconfigfname("aim-profile");
63
if(access(fname.c_str(), R_OK)) {
65
- sprintf(sbuf, _("I do really enjoy the default AIM profile of centerim %s."), VERSION);
66
+ char sbuf[NOTIFBUF];
67
+ snprintf(sbuf, NOTIFBUF, _("I do really enjoy the default AIM profile of centerim %s."), VERSION);
68
+ sbuf[NOTIFBUF-1] = '\0';
72
diff -urNad centerim-4.22.1~/src/hooks/irchook.cc centerim-4.22.1/src/hooks/irchook.cc
73
--- centerim-4.22.1~/src/hooks/irchook.cc 2007-08-21 22:10:58.459347743 +0200
74
+++ centerim-4.22.1/src/hooks/irchook.cc 2007-08-21 22:10:58.959262015 +0200
81
// ----------------------------------------------------------------------------
86
void irchook::channelfatal(string room, const char *fmt, ...) {
90
vector<channelInfo>::iterator i;
93
- vsprintf(buf, fmt, ap);
94
+ vsnprintf(buf, NOTIFBUF, fmt, ap);
95
+ buf[NOTIFBUF-1] = '\0';
98
if(room.substr(0, 1) != "#")
100
void irchook::nickchanged(void *connection, void *cli, ...) {
104
+ char buf[NOTIFBUF];
107
char *oldnick = va_arg(ap, char *);
108
@@ -1219,7 +1222,8 @@
112
- sprintf(buf, _("The user has changed their nick from %s to %s"), oldnick, newnick);
113
+ snprintf(buf, NOTIFBUF, _("The user has changed their nick from %s to %s"), oldnick, newnick);
114
+ buf[NOTIFBUF-1] = '\0';
115
em.store(imnotification(c, buf));
118
@@ -1255,18 +1259,20 @@
120
void irchook::subreply(void *conn, void *cli, const char * const nick,
121
const char * const command, const char * const args) {
123
+ char buf[NOTIFBUF];
125
if(!strcmp(command, "PING")) {
126
map<string, time_t>::iterator i = irhook.pingtime.find(up(nick));
128
if(i != irhook.pingtime.end()) {
129
- sprintf(buf, _("PING reply from the user: %d second(s)"), time(0)-i->second);
130
+ snprintf(buf, NOTIFBUF, _("PING reply from the user: %d second(s)"), time(0)-i->second);
131
+ buf[NOTIFBUF-1] = '\0';
132
em.store(imnotification(imcontact(nick, irc), buf));
135
} else if(!strcmp(command, "VERSION")) {
136
- sprintf(buf, _("The remote is using %s"), args);
137
+ snprintf(buf, NOTIFBUF, _("The remote is using %s"), args);
138
+ buf[NOTIFBUF-1] = '\0';
139
em.store(imnotification(imcontact(nick, irc), buf));
142
@@ -1379,8 +1385,9 @@
144
uname += (string) " (" + email + ")";
147
- sprintf(buf, _("%s has joined."), uname.c_str());
148
+ char buf[NOTIFBUF];
149
+ snprintf(buf, NOTIFBUF, _("%s has joined."), uname.c_str());
150
+ buf[NOTIFBUF-1] = '\0';
151
em.store(imnotification(imcontact(room, irc), buf));
154
@@ -1397,15 +1404,17 @@
155
if(conf.getourid(irc).nickname != who) {
159
+ char buf[NOTIFBUF];
161
- sprintf(buf, _("%s has left"), who); text = buf;
162
+ snprintf(buf, NOTIFBUF, _("%s has left"), who); text = buf;
163
+ buf[NOTIFBUF-1] = '\0';
167
if(strlen(reason) > 450) reason[450] = 0;
168
text2 = irhook.rushtmlconv( "wk", reason );
169
- sprintf(buf, _("reason: %s"), text2.c_str() );
170
+ snprintf(buf, NOTIFBUF, _("reason: %s"), text2.c_str());
171
+ buf[NOTIFBUF-1] = '\0';
172
text += (string) "; " + buf + ".";
175
@@ -1425,13 +1434,15 @@
177
if(conf.getourid(irc).nickname != who) {
180
+ char buf[NOTIFBUF];
182
- sprintf(buf, _("%s has been kicked by %s"), who, by); text = buf;
183
+ snprintf(buf, NOTIFBUF, _("%s has been kicked by %s"), who, by); text = buf;
184
+ buf[NOTIFBUF-1] = '\0';
188
- sprintf(buf, _("reason: %s"), reason);
189
+ snprintf(buf, NOTIFBUF, _("reason: %s"), reason);
190
+ buf[NOTIFBUF-1] = '\0';
191
text += (string) "; " + buf + ".";
194
@@ -1454,14 +1465,16 @@
199
+ char buf[NOTIFBUF];
200
text = irhook.rushtmlconv( "wk", topic );
201
- sprintf(buf, _("Channel topic now is: %s"), text.c_str());
202
+ snprintf(buf, NOTIFBUF, _("Channel topic now is: %s"), text.c_str());
203
+ buf[NOTIFBUF-1] = '\0';
208
- sprintf(buf, _("set by %s"), author);
209
+ snprintf(buf, NOTIFBUF, _("set by %s"), author);
210
+ buf[NOTIFBUF-1] = '\0';
211
text += (string) "; " + buf + ".";
214
@@ -1478,8 +1491,9 @@
219
- sprintf(buf, _("%s has been opped by %s."), who, by);
220
+ char buf[NOTIFBUF];
221
+ snprintf(buf, NOTIFBUF, _("%s has been opped by %s."), who, by);
222
+ buf[NOTIFBUF-1] = '\0';
223
em.store(imnotification(imcontact(room, irc), buf));
226
@@ -1494,8 +1508,9 @@
231
- sprintf(buf, _("%s has been deopped by %s."), who, by);
232
+ char buf[NOTIFBUF];
233
+ snprintf(buf, NOTIFBUF, _("%s has been deopped by %s."), who, by);
234
+ buf[NOTIFBUF-1] = '\0';
235
em.store(imnotification(imcontact(room, irc), buf));
238
@@ -1508,10 +1523,10 @@
239
char *by = va_arg(ap, char *);
243
- if(by) sprintf(buf, _("%s has opped us."), by);
244
- else strcpy(buf, _("you are an op here"));
246
+ char buf[NOTIFBUF];
247
+ if(by) snprintf(buf, NOTIFBUF, _("%s has opped us."), by);
248
+ else strncpy(buf, _("you are an op here"), NOTIFBUF);
249
+ buf[NOTIFBUF-1] = '\0';
250
em.store(imnotification(imcontact(room, irc), buf));
253
@@ -1523,8 +1538,9 @@
254
char *by = va_arg(ap, char *);
258
- sprintf(buf, _("%s has deopped us."), by);
259
+ char buf[NOTIFBUF];
260
+ snprintf(buf, NOTIFBUF, _("%s has deopped us."), by);
261
+ buf[NOTIFBUF-1] = '\0';
262
em.store(imnotification(imcontact(room, irc), buf));
265
diff -urNad centerim-4.22.1~/src/hooks/jabberhook.cc centerim-4.22.1/src/hooks/jabberhook.cc
266
--- centerim-4.22.1~/src/hooks/jabberhook.cc 2007-08-21 22:10:58.459347743 +0200
267
+++ centerim-4.22.1/src/hooks/jabberhook.cc 2007-08-21 22:10:58.959262015 +0200
269
#define DEFAULT_CONFSERV "conference.jabber.org"
270
#define PERIOD_KEEPALIVE 30
272
+#define NOTIFBUF 512
274
static void jidsplit(const string &jid, string &user, string &host, string &rest) {
277
@@ -1431,8 +1433,9 @@
278
if(vinfo.size() > 128)
282
- sprintf(buf, _("The remote is using %s"), vinfo.c_str());
283
+ char buf[NOTIFBUF];
284
+ snprintf(buf, NOTIFBUF, _("The remote is using %s"), vinfo.c_str());
285
+ buf[NOTIFBUF-1] = '\0';
286
em.store(imnotification(ic, buf));
289
diff -urNad centerim-4.22.1~/src/hooks/ljhook.cc centerim-4.22.1/src/hooks/ljhook.cc
290
--- centerim-4.22.1~/src/hooks/ljhook.cc 2007-06-14 00:44:04.000000000 +0200
291
+++ centerim-4.22.1/src/hooks/ljhook.cc 2007-08-21 22:10:58.959262015 +0200
294
#define PERIOD_FRIENDS 3600
296
+#define NOTIFBUF 512
298
ljhook::ljhook(): abstracthook(livejournal), fonline(false), sdest(0) {
299
fcapabs.insert(hookcapab::nochat);
302
map<string, string> nfriendof;
303
map<string, string>::const_iterator in;
304
vector<string>::iterator il;
306
+ char buf[NOTIFBUF];
308
for(i = 1; i <= count; i++) {
309
username = params[(string) "friendof_" + i2str(i) + "_user"];
312
bd = (string) "http://" + conf.getourid(proto).server + "/users/" + in->first;
314
- snprintf(buf, sizeof(buf), _("The user %s (%s) has added you to his/her friend list\n\nJournal address: %s"),
315
+ snprintf(buf, NOTIFBUF, _("The user %s (%s) has added you to his/her friend list\n\nJournal address: %s"),
316
in->first.c_str(), in->second.c_str(), bd.c_str());
317
+ buf[NOTIFBUF-1] = '\0';
319
em.store(imnotification(self, buf));
322
for(il = friendof.begin(); il != friendof.end(); ) {
323
if(nfriendof.find(*il) == nfriendof.end()) {
324
bd = (string) "http://" + conf.getourid(proto).server + "/users/" + *il;
325
- snprintf(buf, sizeof(buf), _("The user %s has removed you from his/her friend list\n\nJournal address: %s"),
326
+ snprintf(buf, NOTIFBUF, _("The user %s has removed you from his/her friend list\n\nJournal address: %s"),
327
il->c_str(), bd.c_str());
328
+ buf[NOTIFBUF-1] = '\0';
329
em.store(imnotification(self, buf));
331
il = friendof.begin();
332
diff -urNad centerim-4.22.1~/src/hooks/yahoohook.cc centerim-4.22.1/src/hooks/yahoohook.cc
333
--- centerim-4.22.1~/src/hooks/yahoohook.cc 2007-08-21 22:10:58.459347743 +0200
334
+++ centerim-4.22.1/src/hooks/yahoohook.cc 2007-08-21 22:10:58.959262015 +0200
336
#define PERIOD_REFRESH 60
337
#define PERIOD_CLOSE 6
339
+#define NOTIFBUF 512
341
int yahoohook::yfd::connection_tags = 0;
343
char pager_host[255], pager_port[255], filetransfer_host[255],
345
icqconf::imaccount acc = conf.getourid(yahoo);
346
string confname = (string) "#" + room, inviter, text;
347
vector<string>::iterator ic;
349
+ char buf[NOTIFBUF];
352
imcontact cont(confname, yahoo);
353
@@ -864,10 +866,11 @@
357
- sprintf(buf, _("The user %s has invited you to the %s conference, the topic there is: %s"),
358
+ snprintf(buf, NOTIFBUF, _("The user %s has invited you to the %s conference, the topic there is: %s"),
359
yhook.rusconv("wk", inviter).c_str(),
360
yhook.rusconv("wk", room).c_str(),
361
yhook.rusconv("wk", msg).c_str());
362
+ buf[NOTIFBUF-1] = '\0';
364
text = (string) buf + "\n\n" + _("Current conference members are: ");
365
yhook.confmembers[room].push_back(inviter);
366
@@ -896,20 +899,22 @@
368
void yahoohook::conf_userdecline(int id, char *who, char *room, char *msg) {
369
icqcontact *c = clist.get(imcontact((string) "#" + room, yahoo));
371
+ char buf[NOTIFBUF];
374
- sprintf(buf, _("The user %s has declined your invitation to join the conference"), who);
375
+ snprintf(buf, NOTIFBUF, _("The user %s has declined your invitation to join the conference"), who);
376
+ buf[NOTIFBUF-1] = '\0';
377
em.store(imnotification(c, buf));
381
void yahoohook::conf_userjoin(int id, char *who, char *room) {
382
icqcontact *c = clist.get(imcontact((string) "#" + room, yahoo));
384
+ char buf[NOTIFBUF];
387
- sprintf(buf, _("The user %s has joined the conference"), who);
388
+ snprintf(buf, NOTIFBUF, _("The user %s has joined the conference"), who);
389
+ buf[NOTIFBUF-1] = '\0';
391
if(find(yhook.confmembers[room].begin(), yhook.confmembers[room].end(), who) == yhook.confmembers[room].end())
392
yhook.confmembers[room].push_back(who);
393
@@ -920,11 +925,12 @@
395
void yahoohook::conf_userleave(int id, char *who, char *room) {
396
icqcontact *c = clist.get(imcontact((string) "#" + room, yahoo));
398
+ char buf[NOTIFBUF];
399
vector<string>::iterator im;
402
- sprintf(buf, _("The user %s has left the conference"), who);
403
+ snprintf(buf, NOTIFBUF, _("The user %s has left the conference"), who);
404
+ buf[NOTIFBUF-1] = '\0';
405
em.store(imnotification(c, buf));
407
im = find(yhook.confmembers[room].begin(), yhook.confmembers[room].end(), who);
408
@@ -989,10 +995,11 @@
411
void yahoohook::mail_notify(int id, char *from, char *subj, int cnt) {
413
+ char buf[NOTIFBUF];
416
- sprintf(buf, _("+ [yahoo] e-mail from %s, %s"), from, subj);
417
+ snprintf(buf, NOTIFBUF, _("+ [yahoo] e-mail from %s, %s"), from, subj);
418
+ buf[NOTIFBUF-1] = '\0';
420
clist.get(contactroot)->playsound(imevent::email);
422
@@ -1146,11 +1153,12 @@
424
int yahoohook::ylog(char *fmt, ...) {
425
if(conf.getdebug()) {
427
+ char buf[NOTIFBUF];
431
- vsprintf(buf, fmt, ap);
432
+ vsnprintf(buf, NOTIFBUF, fmt, ap);
433
+ buf[NOTIFBUF-1] = '\0';
added
removed
debian/patches/fedora-security-patch.dpatch
