aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorkris <kris@FreeBSD.org>2001-07-24 09:57:54 +0800
committerkris <kris@FreeBSD.org>2001-07-24 09:57:54 +0800
commit9741245968a35fc13af5da11b9d43fbfacecfdf3 (patch)
treed569155980dabc27b69b8b0c5091ca329175bcee
parentb639a728ca625feb1dc630d07c1d9fe5ce12f563 (diff)
downloadfreebsd-ports-graphics-9741245968a35fc13af5da11b9d43fbfacecfdf3.tar.gz
freebsd-ports-graphics-9741245968a35fc13af5da11b9d43fbfacecfdf3.tar.zst
freebsd-ports-graphics-9741245968a35fc13af5da11b9d43fbfacecfdf3.zip
Prevent possible buffer overflow from long window titles
-rw-r--r--x11-wm/windowmaker-i18n/Makefile2
-rw-r--r--x11-wm/windowmaker-i18n/files/patch-sec175
2 files changed, 76 insertions, 1 deletions
diff --git a/x11-wm/windowmaker-i18n/Makefile b/x11-wm/windowmaker-i18n/Makefile
index 3fcd2c9ba3d..7c06da56a60 100644
--- a/x11-wm/windowmaker-i18n/Makefile
+++ b/x11-wm/windowmaker-i18n/Makefile
@@ -7,7 +7,7 @@
PORTNAME= windowmaker-i18n
PORTVERSION= 0.65.0
-# PORTREVISION=
+PORTREVISION= 1
CATEGORIES= x11-wm windowmaker
MASTER_SITES= ${MASTER_SITE_WINDOWMAKER}
MASTER_SITE_SUBDIR= beta/srcs
diff --git a/x11-wm/windowmaker-i18n/files/patch-sec1 b/x11-wm/windowmaker-i18n/files/patch-sec1
new file mode 100644
index 00000000000..14cadea6634
--- /dev/null
+++ b/x11-wm/windowmaker-i18n/files/patch-sec1
@@ -0,0 +1,75 @@
+--- src/switchmenu.c Thu Apr 19 22:22:42 2001
++++ src/switchmenu.c Mon Jul 23 14:55:39 2001
+@@ -181,6 +181,7 @@
+ WMenu *switchmenu = scr->switch_menu;
+ WMenuEntry *entry;
+ char title[MAX_MENU_TEXT_LENGTH+6];
++ int len = MAX_MENU_TEXT_LENGTH+6;
+ int i;
+ int checkVisibility = 0;
+
+@@ -203,9 +204,9 @@
+ return;
+
+ if (wwin->frame->title)
+- sprintf(title, "%s", wwin->frame->title);
++ snprintf(title, len, "%s", wwin->frame->title);
+ else
+- sprintf(title, "%s", DEF_WINDOW_TITLE);
++ snprintf(title, len, "%s", DEF_WINDOW_TITLE);
+ t = ShrinkString(scr->menu_entry_font, title, MAX_WINDOWLIST_WIDTH);
+
+ if (IS_OMNIPRESENT(wwin))
+@@ -220,9 +221,9 @@
+ entry->flags.indicator = 1;
+ entry->rtext = wmalloc(MAX_WORKSPACENAME_WIDTH+8);
+ if (IS_OMNIPRESENT(wwin))
+- sprintf(entry->rtext, "[*]");
++ snprintf(entry->rtext, MAX_WORKSPACENAME_WIDTH, "[*]");
+ else
+- sprintf(entry->rtext, "[%s]",
++ snprintf(entry->rtext, MAX_WORKSPACENAME_WIDTH, "[%s]",
+ scr->workspaces[wwin->frame->workspace]->name);
+
+ if (wwin->flags.hidden) {
+@@ -259,9 +260,11 @@
+ wfree(entry->text);
+
+ if (wwin->frame->title)
+- sprintf(title, "%s", wwin->frame->title);
++ snprintf(title, MAX_MENU_TEXT_LENGTH, "%s",
++ wwin->frame->title);
+ else
+- sprintf(title, "%s", DEF_WINDOW_TITLE);
++ snprintf(title, MAX_MENU_TEXT_LENGTH, "%s",
++ DEF_WINDOW_TITLE);
+
+ t = ShrinkString(scr->menu_entry_font, title, MAX_WINDOWLIST_WIDTH);
+ entry->text = t;
+@@ -277,10 +280,11 @@
+ int it, ion;
+
+ if (IS_OMNIPRESENT(wwin)) {
+- sprintf(entry->rtext, "[*]");
++ snprintf(entry->rtext, MAX_WORKSPACENAME_WIDTH,
++ "[*]");
+ } else {
+- sprintf(entry->rtext, "[%s]",
+- scr->workspaces[wwin->frame->workspace]->name);
++ snprintf(entry->rtext, MAX_WORKSPACENAME_WIDTH,
++ "[%s]", scr->workspaces[wwin->frame->workspace]->name);
+ }
+
+ rt = entry->rtext;
+@@ -361,9 +365,9 @@
+ if (wwin->frame->workspace==workspace
+ && !IS_OMNIPRESENT(wwin)) {
+ if (IS_OMNIPRESENT(wwin))
+- sprintf(menu->entries[i]->rtext, "[*]");
++ snprintf(menu->entries[i]->rtext, MAX_WORKSPACENAME_WIDTH,"[*]");
+ else
+- sprintf(menu->entries[i]->rtext, "[%s]",
++ snprintf(menu->entries[i]->rtext, MAX_WORKSPACENAME_WIDTH,"[%s]",
+ scr->workspaces[wwin->frame->workspace]->name);
+ menu->flags.realized = 0;
+ }