39 lines
1.1 KiB
Text
39 lines
1.1 KiB
Text
$NetBSD: patch-au,v 1.2 2007/07/19 00:43:40 lkundrak Exp $
|
|
|
|
Part of a fix for CVE-2007-3713.
|
|
|
|
--- src/hooks/jabberhook.cc.orig 2007-07-19 02:34:54.000000000 +0200
|
|
+++ src/hooks/jabberhook.cc
|
|
@@ -36,6 +36,8 @@
|
|
#define DEFAULT_CONFSERV "conference.jabber.org"
|
|
#define PERIOD_KEEPALIVE 30
|
|
|
|
+#define NOTIFBUF 512
|
|
+
|
|
static void jidsplit(const string &jid, string &user, string &host, string &rest) {
|
|
int pos;
|
|
user = jid;
|
|
@@ -887,11 +889,6 @@ void jabberhook::gotsearchresults(xmlnod
|
|
void jabberhook::gotloggedin() {
|
|
xmlnode x;
|
|
|
|
- x = jutil_iqnew(JPACKET__GET, NS_AGENTS);
|
|
- xmlnode_put_attrib(x, "id", "Agent List");
|
|
- jab_send(jc, x);
|
|
- xmlnode_free(x);
|
|
-
|
|
x = jutil_iqnew(JPACKET__GET, NS_ROSTER);
|
|
xmlnode_put_attrib(x, "id", "Roster");
|
|
jab_send(jc, x);
|
|
@@ -1289,8 +1286,9 @@ void jabberhook::gotversion(const imcont
|
|
if(vinfo.size() > 128)
|
|
vinfo.erase(128);
|
|
|
|
- char buf[256];
|
|
- sprintf(buf, _("The remote is using %s"), vinfo.c_str());
|
|
+ char buf[NOTIFBUF];
|
|
+ snprintf(buf, NOTIFBUF, _("The remote is using %s"), vinfo.c_str());
|
|
+ buf[NOTIFBUF-1] = '\0';
|
|
em.store(imnotification(ic, buf));
|
|
}
|
|
}
|