diff options
| author | Kris Kennaway <kris@FreeBSD.org> | 2001-07-24 01:24:12 +0000 |
|---|---|---|
| committer | Kris Kennaway <kris@FreeBSD.org> | 2001-07-24 01:24:12 +0000 |
| commit | 3c90ea64a0bfa031662fb17a14480236dcd11661 (patch) | |
| tree | ef43b483946efa1af37a8431c477b0ea66916327 /x11-wm | |
| parent | Upgrade to version 4.1.9 (diff) | |
Prevent possibly-exploitable buffer overflows coming from long window names.
Submitted by: "Alfredo K. Kojima" <kojima@conectiva.com.br>
Notes
Notes:
svn path=/head/; revision=45418
Diffstat (limited to 'x11-wm')
| -rw-r--r-- | x11-wm/windowmaker/Makefile | 2 | ||||
| -rw-r--r-- | x11-wm/windowmaker/files/patch-sec1 | 75 |
2 files changed, 76 insertions, 1 deletions
diff --git a/x11-wm/windowmaker/Makefile b/x11-wm/windowmaker/Makefile index eeecd6c94b51..eaa1080e7669 100644 --- a/x11-wm/windowmaker/Makefile +++ b/x11-wm/windowmaker/Makefile @@ -7,7 +7,7 @@ PORTNAME= windowmaker PORTVERSION= 0.65.0 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= x11-wm windowmaker MASTER_SITES= ${MASTER_SITE_WINDOWMAKER} MASTER_SITE_SUBDIR= beta/srcs diff --git a/x11-wm/windowmaker/files/patch-sec1 b/x11-wm/windowmaker/files/patch-sec1 new file mode 100644 index 000000000000..14cadea6634f --- /dev/null +++ b/x11-wm/windowmaker/files/patch-sec1 @@ -0,0 +1,75 @@ +--- src/switchmenu.c Thu Apr 19 22:22:42 2001 ++++ src/switchmenu.c Mon Jul 23 14:55:39 2001 +@@ -181,6 +181,7 @@ + WMenu *switchmenu = scr->switch_menu; + WMenuEntry *entry; + char title[MAX_MENU_TEXT_LENGTH+6]; ++ int len = MAX_MENU_TEXT_LENGTH+6; + int i; + int checkVisibility = 0; + +@@ -203,9 +204,9 @@ + return; + + if (wwin->frame->title) +- sprintf(title, "%s", wwin->frame->title); ++ snprintf(title, len, "%s", wwin->frame->title); + else +- sprintf(title, "%s", DEF_WINDOW_TITLE); ++ snprintf(title, len, "%s", DEF_WINDOW_TITLE); + t = ShrinkString(scr->menu_entry_font, title, MAX_WINDOWLIST_WIDTH); + + if (IS_OMNIPRESENT(wwin)) +@@ -220,9 +221,9 @@ + entry->flags.indicator = 1; + entry->rtext = wmalloc(MAX_WORKSPACENAME_WIDTH+8); + if (IS_OMNIPRESENT(wwin)) +- sprintf(entry->rtext, "[*]"); ++ snprintf(entry->rtext, MAX_WORKSPACENAME_WIDTH, "[*]"); + else +- sprintf(entry->rtext, "[%s]", ++ snprintf(entry->rtext, MAX_WORKSPACENAME_WIDTH, "[%s]", + scr->workspaces[wwin->frame->workspace]->name); + + if (wwin->flags.hidden) { +@@ -259,9 +260,11 @@ + wfree(entry->text); + + if (wwin->frame->title) +- sprintf(title, "%s", wwin->frame->title); ++ snprintf(title, MAX_MENU_TEXT_LENGTH, "%s", ++ wwin->frame->title); + else +- sprintf(title, "%s", DEF_WINDOW_TITLE); ++ snprintf(title, MAX_MENU_TEXT_LENGTH, "%s", ++ DEF_WINDOW_TITLE); + + t = ShrinkString(scr->menu_entry_font, title, MAX_WINDOWLIST_WIDTH); + entry->text = t; +@@ -277,10 +280,11 @@ + int it, ion; + + if (IS_OMNIPRESENT(wwin)) { +- sprintf(entry->rtext, "[*]"); ++ snprintf(entry->rtext, MAX_WORKSPACENAME_WIDTH, ++ "[*]"); + } else { +- sprintf(entry->rtext, "[%s]", +- scr->workspaces[wwin->frame->workspace]->name); ++ snprintf(entry->rtext, MAX_WORKSPACENAME_WIDTH, ++ "[%s]", scr->workspaces[wwin->frame->workspace]->name); + } + + rt = entry->rtext; +@@ -361,9 +365,9 @@ + if (wwin->frame->workspace==workspace + && !IS_OMNIPRESENT(wwin)) { + if (IS_OMNIPRESENT(wwin)) +- sprintf(menu->entries[i]->rtext, "[*]"); ++ snprintf(menu->entries[i]->rtext, MAX_WORKSPACENAME_WIDTH,"[*]"); + else +- sprintf(menu->entries[i]->rtext, "[%s]", ++ snprintf(menu->entries[i]->rtext, MAX_WORKSPACENAME_WIDTH,"[%s]", + scr->workspaces[wwin->frame->workspace]->name); + menu->flags.realized = 0; + } |