Code Patches

***LINE***



Jun 2nd, 2002:
Affected versions: 1.3.4
Severity: Major

 A bug was found that could crash the talker on certain linux machines, and possibly other OSes.
The bug has to do with .smail.

Fix:
Download 1.3.5 OR
Apply this patch by putting the downloaded file in the srcfiles directory, and typing:
patch -p1 < ncohafmuta-1.3.4-smail-patch.txt
A recompile is required after the patch is done.


Aug 25th, 1999:
Affected versions: All up to and including 1.2.2a-pl3
Severity: Minor

 A bug was found that could crash the talker on linux machines, and possibly other OSes.
The bug has to do with the use of the .wlog command with an excessively long input string. The severity is minor because of the restriction of .wlog with inpstr to trusted users/wizards.

Fix:
SEARCH once in the code for "warning(int user, char *inpstr)"
15 or so lines down there will be a line that says:
sscanf(inpstr,"%s ",other_user2);
Add the following code UNDER that line:
other_user2[80]=0;

Jul 12th, 1999:
Affected versions: All up to and including 1.2.2a-pl1
Severity: Minor

 A bug was found that could crash the talker on linux machines, and possibly other OSes.
The bug has to do with the use of the .site command with an input string of . or .. The severity is minor because of the restriction of .site to trusted users/wizards.

Fix:
SEARCH once in the code for "in from %s"
5 or so lines up there will be a line that says:
if (!found) {
Add the following code UNDER that line:
/* plug security hole */
if (check_fname(inpstr,user))
{
write_str(user,"Illegal name.");
return;
}

Jul 12th, 1999:
Affected versions: from 1.2.1 up to and including 1.2.2a-pl1
Severity: Major

 A bug was found that could crash the talker on linux, and possibly other OSes.
The bug has to do with the use of any multi- command (tell, semote, etc..) The bug is triggered by issuing a multi- command with a , (comma) as the last character of the input string. This produces a blank username in the multi-user array and causes the talker to try and read the datafile of said blank username

Fix:
SEARCH once in the code for "int read_user"
10 or so lines down there will be a line that says:
buff1[0]=0;
Add the following line of code UNDER that line:
if (!strlen(name)) return 0;
SEARCH once in the code for "int read_to_user"
10 or so lines down there will be a line that says:
buff1[0]=0;
Add the following line of code UNDER that line:
if (!strlen(name)) return 0;



Go back to the main page.