aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorkris <kris@FreeBSD.org>2001-07-24 09:24:12 +0800
committerkris <kris@FreeBSD.org>2001-07-24 09:24:12 +0800
commitd600855e47c2f5737e3b6371331d070de13b0a67 (patch)
treef9f5f58b3f76899e7eb33ec089247ca5950a6a48
parent6eef4bc0855e992f8f978531607f1d4d8323caa7 (diff)
downloadfreebsd-ports-gnome-d600855e47c2f5737e3b6371331d070de13b0a67.tar.gz
freebsd-ports-gnome-d600855e47c2f5737e3b6371331d070de13b0a67.tar.zst
freebsd-ports-gnome-d600855e47c2f5737e3b6371331d070de13b0a67.zip
Prevent possibly-exploitable buffer overflows coming from long window names.
Submitted by: "Alfredo K. Kojima" <kojima@conectiva.com.br>
-rw-r--r--x11-wm/windowmaker/Makefile2
-rw-r--r--x11-wm/windowmaker/files/patch-sec175
2 files changed, 76 insertions, 1 deletions
diff --git a/x11-wm/windowmaker/Makefile b/x11-wm/windowmaker/Makefile
index eeecd6c94b51..eaa1080e7669 100644
--- a/x11-wm/windowmaker/Makefile
+++ b/x11-wm/windowmaker/Makefile
@@ -7,7 +7,7 @@
PORTNAME= windowmaker
PORTVERSION= 0.65.0
-PORTREVISION= 1
+PORTREVISION= 2
CATEGORIES= x11-wm windowmaker
MASTER_SITES= ${MASTER_SITE_WINDOWMAKER}
MASTER_SITE_SUBDIR= beta/srcs
diff --git a/x11-wm/windowmaker/files/patch-sec1 b/x11-wm/windowmaker/files/patch-sec1
new file mode 100644
index 000000000000..14cadea6634f
--- /dev/null
+++ b/x11-wm/windowmaker/files/patch-sec1
@@ -0,0 +1,75 @@
+--- src/switchmenu.c Thu Apr 19 22:22:42 2001
++++ src/switchmenu.c Mon Jul 23 14:55:39 2001
+@@ -181,6 +181,7 @@
+ WMenu *switchmenu = scr->switch_menu;
+ WMenuEntry *entry;
+ char title[MAX_MENU_TEXT_LENGTH+6];
++ int len = MAX_MENU_TEXT_LENGTH+6;
+ int i;
+ int checkVisibility = 0;
+
+@@ -203,9 +204,9 @@
+ return;
+
+ if (wwin->frame->title)
+- sprintf(title, "%s", wwin->frame->title);
++ snprintf(title, len, "%s", wwin->frame->title);
+ else
+- sprintf(title, "%s", DEF_WINDOW_TITLE);
++ snprintf(title, len, "%s", DEF_WINDOW_TITLE);
+ t = ShrinkString(scr->menu_entry_font, title, MAX_WINDOWLIST_WIDTH);
+
+ if (IS_OMNIPRESENT(wwin))
+@@ -220,9 +221,9 @@
+ entry->flags.indicator = 1;
+ entry->rtext = wmalloc(MAX_WORKSPACENAME_WIDTH+8);
+ if (IS_OMNIPRESENT(wwin))
+- sprintf(entry->rtext, "[*]");
++ snprintf(entry->rtext, MAX_WORKSPACENAME_WIDTH, "[*]");
+ else
+- sprintf(entry->rtext, "[%s]",
++ snprintf(entry->rtext, MAX_WORKSPACENAME_WIDTH, "[%s]",
+ scr->workspaces[wwin->frame->workspace]->name);
+
+ if (wwin->flags.hidden) {
+@@ -259,9 +260,11 @@
+ wfree(entry->text);
+
+ if (wwin->frame->title)
+- sprintf(title, "%s", wwin->frame->title);
++ snprintf(title, MAX_MENU_TEXT_LENGTH, "%s",
++ wwin->frame->title);
+ else
+- sprintf(title, "%s", DEF_WINDOW_TITLE);
++ snprintf(title, MAX_MENU_TEXT_LENGTH, "%s",
++ DEF_WINDOW_TITLE);
+
+ t = ShrinkString(scr->menu_entry_font, title, MAX_WINDOWLIST_WIDTH);
+ entry->text = t;
+@@ -277,10 +280,11 @@
+ int it, ion;
+
+ if (IS_OMNIPRESENT(wwin)) {
+- sprintf(entry->rtext, "[*]");
++ snprintf(entry->rtext, MAX_WORKSPACENAME_WIDTH,
++ "[*]");
+ } else {
+- sprintf(entry->rtext, "[%s]",
+- scr->workspaces[wwin->frame->workspace]->name);
++ snprintf(entry->rtext, MAX_WORKSPACENAME_WIDTH,
++ "[%s]", scr->workspaces[wwin->frame->workspace]->name);
+ }
+
+ rt = entry->rtext;
+@@ -361,9 +365,9 @@
+ if (wwin->frame->workspace==workspace
+ && !IS_OMNIPRESENT(wwin)) {
+ if (IS_OMNIPRESENT(wwin))
+- sprintf(menu->entries[i]->rtext, "[*]");
++ snprintf(menu->entries[i]->rtext, MAX_WORKSPACENAME_WIDTH,"[*]");
+ else
+- sprintf(menu->entries[i]->rtext, "[%s]",
++ snprintf(menu->entries[i]->rtext, MAX_WORKSPACENAME_WIDTH,"[%s]",
+ scr->workspaces[wwin->frame->workspace]->name);
+ menu->flags.realized = 0;
+ }