diff options
| author | Patrick Li <pat@FreeBSD.org> | 2001-12-20 02:24:26 +0000 | 
|---|---|---|
| committer | Patrick Li <pat@FreeBSD.org> | 2001-12-20 02:24:26 +0000 | 
| commit | d32c57094b34f355e47c05a95ae9d381a5712a71 (patch) | |
| tree | f5c464ee9c327e4a4b2793b001828a27f70e23b9 | |
| parent | A minor correction to the English (diff) | |
Further fix a local exploit
Submitted by:	corecode <corecode@corecode.ath.cx>
| -rw-r--r-- | sysutils/wmcube-gdk/Makefile | 1 | ||||
| -rw-r--r-- | sysutils/wmcube-gdk/files/patch-wmcube.c | 65 | 
2 files changed, 66 insertions, 0 deletions
| diff --git a/sysutils/wmcube-gdk/Makefile b/sysutils/wmcube-gdk/Makefile index 6a3092c55f89..70bab75ab4ef 100644 --- a/sysutils/wmcube-gdk/Makefile +++ b/sysutils/wmcube-gdk/Makefile @@ -7,6 +7,7 @@  PORTNAME=	wmcube  PORTVERSION=	0.98p2 +PORTREVISION=	1  CATEGORIES=	sysutils windowmaker  MASTER_SITES=	http://www.ne.jp/asahi/linux/timecop/software/  PKGNAMESUFFIX=	-gdk diff --git a/sysutils/wmcube-gdk/files/patch-wmcube.c b/sysutils/wmcube-gdk/files/patch-wmcube.c new file mode 100644 index 000000000000..b6026aaa448b --- /dev/null +++ b/sysutils/wmcube-gdk/files/patch-wmcube.c @@ -0,0 +1,65 @@ +--- wmcube.c.orig	Tue Aug 28 12:08:13 2001 ++++ wmcube.c	Tue Dec 18 14:37:25 2001 +@@ -778,7 +777,7 @@ + 	newx -= CHAR_WIDTH; +     } +  +-    sprintf(buf, "%02i%%", num); ++    snprintf(buf, 5, "%02i%%", num); +     for (i = 0; (c = buf[i]); i++) { + 	if (c == '%') + 	    copy_xpm_area(60, 0, 7, 9, newx, y); +@@ -1250,7 +1249,7 @@ + 	exit(0); +     } +  +-    fscanf(fp, "%s", tmp); ++    fscanf(fp, "%63s", tmp); +  +     if (strcmp(tmp, "WMCUBE_COORDINATES") != 0) { + 	printf +@@ -1259,7 +1258,7 @@ + 	exit(0); +     } +  +-    fscanf(fp, "%s", tmp); ++    fscanf(fp, "%63s", tmp); +     counter = atoi(tmp); +  +     while ((strcmp(tmp, "WMCUBE_LINES") != 0) +@@ -1280,7 +1279,7 @@ + 	    fclose(fp); + 	    exit(0); + 	} +-	fscanf(fp, "%s", tmp); ++	fscanf(fp, "%63s", tmp); +  + 	if (feof(fp)) { + 	    printf +@@ -1398,7 +1397,7 @@ +     char cpuid[6]; +     char check_cpu[6]; +  +-    sprintf(check_cpu, "cpu%d", which_cpu); ++    snprintf(check_cpu, 6, "cpu%d", which_cpu); +  +     if ((fp = fopen("/proc/stat", "rb")) == NULL) { + 	perror("/proc/stat required for this system"); +@@ -1409,7 +1408,7 @@ + 	return 0; +  +     for (i = -2; i < which_cpu; i++) { +-	fscanf(fp, "%s", cpuid); ++	fscanf(fp, "%5s", cpuid); +     } +  +     if (strcmp(check_cpu, cpuid) != 0) { +@@ -1431,7 +1430,7 @@ +     fp = fopen("/proc/stat", "rt"); +  +     for (i = -2; i < which_cpu; i++) { +-	fscanf(fp, "%s %d %d %d %d", cpuid, &cpu, &nice, &system, &idle); ++	fscanf(fp, "%5s %d %d %d %d", cpuid, &cpu, &nice, &system, &idle); +     } +  +     fclose(fp); | 
