diff options
Diffstat (limited to 'x11-wm')
-rw-r--r-- | x11-wm/spectrwm/Makefile | 3 | ||||
-rw-r--r-- | x11-wm/spectrwm/files/ea3e6da-oob-fix.patch | 30 |
2 files changed, 33 insertions, 0 deletions
diff --git a/x11-wm/spectrwm/Makefile b/x11-wm/spectrwm/Makefile index 25208cb97f3c..ebe1e6baa482 100644 --- a/x11-wm/spectrwm/Makefile +++ b/x11-wm/spectrwm/Makefile @@ -4,6 +4,7 @@ PORTNAME= spectrwm DISTVERSIONPREFIX= SPECTRWM_ DISTVERSION= 3_1_0 +PORTREVISION= 1 CATEGORIES= x11-wm MAINTAINER= zeising@FreeBSD.org @@ -36,6 +37,8 @@ CONFEXAMPLES= spectrwm_cz.conf \ SCRIPTEXAMPLES= baraction.sh \ screenshot.sh +EXTRA_PATCHES= ${FILESDIR}/ea3e6da-oob-fix.patch + post-patch: @${REINPLACE_CMD} -e 's|/etc/|${PREFIX}/etc/|g' ${WRKSRC}/spectrwm.* diff --git a/x11-wm/spectrwm/files/ea3e6da-oob-fix.patch b/x11-wm/spectrwm/files/ea3e6da-oob-fix.patch new file mode 100644 index 000000000000..3c539ffae7af --- /dev/null +++ b/x11-wm/spectrwm/files/ea3e6da-oob-fix.patch @@ -0,0 +1,30 @@ +From ea3e6da62247572e92c4ba00f70eab73f6254adf Mon Sep 17 00:00:00 2001 +From: Tobias Stoeckmann <tobias@stoeckmann.org> +Date: Sat, 14 Oct 2017 10:22:31 +0200 +Subject: [PATCH] Fix OOB while reading bar input. + +If the status bar script returns NUL as the first character through +stdin, spectrwm is prone to an out of boundary access. Depending on +the memory layout of the machine, it could turn into an OOB write. + +The fix is simple: If the string is empty, do not further check for +newline character. + +Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org> +--- + spectrwm.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/spectrwm.c b/spectrwm.c +index 9d3ec23..9b0ad2c 100644 +--- spectrwm.c ++++ spectrwm.c +@@ -2761,7 +2761,7 @@ bar_extra_update(void) + while (fgets(b, sizeof(b), stdin) != NULL) { + if (bar_enabled) { + len = strlen(b); +- if (b[len - 1] == '\n') { ++ if (len > 0 && b[len - 1] == '\n') { + /* Remove newline. */ + b[--len] = '\0'; + |