diff options
Diffstat (limited to 'net-irc')
-rw-r--r-- | net-irc/weechat/files/2.7-CVE-2020-8955.patch | 46 | ||||
-rw-r--r-- | net-irc/weechat/weechat-2.7-r2.ebuild (renamed from net-irc/weechat/weechat-2.7-r1.ebuild) | 2 |
2 files changed, 48 insertions, 0 deletions
diff --git a/net-irc/weechat/files/2.7-CVE-2020-8955.patch b/net-irc/weechat/files/2.7-CVE-2020-8955.patch new file mode 100644 index 000000000000..0bad821f9130 --- /dev/null +++ b/net-irc/weechat/files/2.7-CVE-2020-8955.patch @@ -0,0 +1,46 @@ +From 6f4f147d8e86adf9ad34a8ffd7e7f1f23a7e74da Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?S=C3=A9bastien=20Helleu?= <flashcode@flashtux.org> +Date: Sat, 8 Feb 2020 20:24:50 +0100 +Subject: [PATCH] irc: fix crash when receiving a malformed message 324 + (channel mode) + +Thanks to Stuart Nevans Locke for reporting the issue. +--- + ChangeLog.adoc | 1 + + src/plugins/irc/irc-mode.c | 21 ++++++++++++--------- + 2 files changed, 13 insertions(+), 9 deletions(-) + +diff --git a/src/plugins/irc/irc-mode.c b/src/plugins/irc/irc-mode.c +index 2237a344b..e79f0deb7 100644 +--- a/src/plugins/irc/irc-mode.c ++++ b/src/plugins/irc/irc-mode.c +@@ -224,17 +224,20 @@ irc_mode_channel_update (struct t_irc_server *server, + current_arg++; + if (pos[0] == chanmode) + { +- chanmode_found = 1; +- if (set_flag == '+') ++ if (!chanmode_found) + { +- str_mode[0] = pos[0]; +- str_mode[1] = '\0'; +- strcat (new_modes, str_mode); +- if (argument) ++ chanmode_found = 1; ++ if (set_flag == '+') + { +- if (new_args[0]) +- strcat (new_args, " "); +- strcat (new_args, argument); ++ str_mode[0] = pos[0]; ++ str_mode[1] = '\0'; ++ strcat (new_modes, str_mode); ++ if (argument) ++ { ++ if (new_args[0]) ++ strcat (new_args, " "); ++ strcat (new_args, argument); ++ } + } + } + } diff --git a/net-irc/weechat/weechat-2.7-r1.ebuild b/net-irc/weechat/weechat-2.7-r2.ebuild index 37b7a1e45182..82a7c3922fbf 100644 --- a/net-irc/weechat/weechat-2.7-r1.ebuild +++ b/net-irc/weechat/weechat-2.7-r2.ebuild @@ -62,6 +62,8 @@ DOCS="AUTHORS.adoc ChangeLog.adoc Contributing.adoc ReleaseNotes.adoc README.ado # tests need to be fixed to not use system plugins if weechat is already installed RESTRICT="test" +PATCHES=( "${FILESDIR}/${PV}-CVE-2020-8955.patch" ) + pkg_setup() { use python && python-single-r1_pkg_setup } |