diff options
author | kris <kris@FreeBSD.org> | 2001-07-24 09:24:12 +0800 |
---|---|---|
committer | kris <kris@FreeBSD.org> | 2001-07-24 09:24:12 +0800 |
commit | d600855e47c2f5737e3b6371331d070de13b0a67 (patch) | |
tree | f9f5f58b3f76899e7eb33ec089247ca5950a6a48 | |
parent | 6eef4bc0855e992f8f978531607f1d4d8323caa7 (diff) | |
download | freebsd-ports-gnome-d600855e47c2f5737e3b6371331d070de13b0a67.tar.gz freebsd-ports-gnome-d600855e47c2f5737e3b6371331d070de13b0a67.tar.zst freebsd-ports-gnome-d600855e47c2f5737e3b6371331d070de13b0a67.zip |
Prevent possibly-exploitable buffer overflows coming from long window names.
Submitted by: "Alfredo K. Kojima" <kojima@conectiva.com.br>
-rw-r--r-- | x11-wm/windowmaker/Makefile | 2 | ||||
-rw-r--r-- | x11-wm/windowmaker/files/patch-sec1 | 75 |
2 files changed, 76 insertions, 1 deletions
diff --git a/x11-wm/windowmaker/Makefile b/x11-wm/windowmaker/Makefile index eeecd6c94b51..eaa1080e7669 100644 --- a/x11-wm/windowmaker/Makefile +++ b/x11-wm/windowmaker/Makefile @@ -7,7 +7,7 @@ PORTNAME= windowmaker PORTVERSION= 0.65.0 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= x11-wm windowmaker MASTER_SITES= ${MASTER_SITE_WINDOWMAKER} MASTER_SITE_SUBDIR= beta/srcs diff --git a/x11-wm/windowmaker/files/patch-sec1 b/x11-wm/windowmaker/files/patch-sec1 new file mode 100644 index 000000000000..14cadea6634f --- /dev/null +++ b/x11-wm/windowmaker/files/patch-sec1 @@ -0,0 +1,75 @@ +--- src/switchmenu.c Thu Apr 19 22:22:42 2001 ++++ src/switchmenu.c Mon Jul 23 14:55:39 2001 +@@ -181,6 +181,7 @@ + WMenu *switchmenu = scr->switch_menu; + WMenuEntry *entry; + char title[MAX_MENU_TEXT_LENGTH+6]; ++ int len = MAX_MENU_TEXT_LENGTH+6; + int i; + int checkVisibility = 0; + +@@ -203,9 +204,9 @@ + return; + + if (wwin->frame->title) +- sprintf(title, "%s", wwin->frame->title); ++ snprintf(title, len, "%s", wwin->frame->title); + else +- sprintf(title, "%s", DEF_WINDOW_TITLE); ++ snprintf(title, len, "%s", DEF_WINDOW_TITLE); + t = ShrinkString(scr->menu_entry_font, title, MAX_WINDOWLIST_WIDTH); + + if (IS_OMNIPRESENT(wwin)) +@@ -220,9 +221,9 @@ + entry->flags.indicator = 1; + entry->rtext = wmalloc(MAX_WORKSPACENAME_WIDTH+8); + if (IS_OMNIPRESENT(wwin)) +- sprintf(entry->rtext, "[*]"); ++ snprintf(entry->rtext, MAX_WORKSPACENAME_WIDTH, "[*]"); + else +- sprintf(entry->rtext, "[%s]", ++ snprintf(entry->rtext, MAX_WORKSPACENAME_WIDTH, "[%s]", + scr->workspaces[wwin->frame->workspace]->name); + + if (wwin->flags.hidden) { +@@ -259,9 +260,11 @@ + wfree(entry->text); + + if (wwin->frame->title) +- sprintf(title, "%s", wwin->frame->title); ++ snprintf(title, MAX_MENU_TEXT_LENGTH, "%s", ++ wwin->frame->title); + else +- sprintf(title, "%s", DEF_WINDOW_TITLE); ++ snprintf(title, MAX_MENU_TEXT_LENGTH, "%s", ++ DEF_WINDOW_TITLE); + + t = ShrinkString(scr->menu_entry_font, title, MAX_WINDOWLIST_WIDTH); + entry->text = t; +@@ -277,10 +280,11 @@ + int it, ion; + + if (IS_OMNIPRESENT(wwin)) { +- sprintf(entry->rtext, "[*]"); ++ snprintf(entry->rtext, MAX_WORKSPACENAME_WIDTH, ++ "[*]"); + } else { +- sprintf(entry->rtext, "[%s]", +- scr->workspaces[wwin->frame->workspace]->name); ++ snprintf(entry->rtext, MAX_WORKSPACENAME_WIDTH, ++ "[%s]", scr->workspaces[wwin->frame->workspace]->name); + } + + rt = entry->rtext; +@@ -361,9 +365,9 @@ + if (wwin->frame->workspace==workspace + && !IS_OMNIPRESENT(wwin)) { + if (IS_OMNIPRESENT(wwin)) +- sprintf(menu->entries[i]->rtext, "[*]"); ++ snprintf(menu->entries[i]->rtext, MAX_WORKSPACENAME_WIDTH,"[*]"); + else +- sprintf(menu->entries[i]->rtext, "[%s]", ++ snprintf(menu->entries[i]->rtext, MAX_WORKSPACENAME_WIDTH,"[%s]", + scr->workspaces[wwin->frame->workspace]->name); + menu->flags.realized = 0; + } |