Prevent possibly-exploitable buffer overflows coming from long window names.

Submitted by: "Alfredo K. Kojima" <kojima@conectiva.com.br>
svn path=/head/; revision=45418
2025-01-03 06:04:53 +00:00 · 2001-07-24 01:24:12 +00:00 · 2001-07-24 01:24:12 +00:00 · 3c90ea64a0 · 2021-03-31 03:12:20 +00:00
commit 3c90ea64a0
parent 07bb0f1215
2 changed files with 76 additions and 1 deletions
--- a/x11-wm/windowmaker/Makefile
+++ b/x11-wm/windowmaker/Makefile
@ -7,7 +7,7 @@

 PORTNAME=	windowmaker
 PORTVERSION=	0.65.0
-PORTREVISION=	1
+PORTREVISION=	2
 CATEGORIES=	x11-wm windowmaker
 MASTER_SITES=	${MASTER_SITE_WINDOWMAKER}
 MASTER_SITE_SUBDIR=	beta/srcs
--- a/x11-wm/windowmaker/files/patch-sec1
+++ b/x11-wm/windowmaker/files/patch-sec1
@ -0,0 +1,75 @@
+--- src/switchmenu.c	Thu Apr 19 22:22:42 2001
+++ src/switchmenu.c	Mon Jul 23 14:55:39 2001
+@@ -181,6 +181,7 @@
+     WMenu *switchmenu = scr->switch_menu;
+     WMenuEntry *entry;
+     char title[MAX_MENU_TEXT_LENGTH+6];
+    int len = MAX_MENU_TEXT_LENGTH+6;
+     int i;
+     int checkVisibility = 0;
+ 
+@@ -203,9 +204,9 @@
+ 	    return;
+ 	    
+ 	if (wwin->frame->title)
+-	  sprintf(title, "%s", wwin->frame->title);
+	  snprintf(title, len, "%s", wwin->frame->title);
+ 	else
+-	  sprintf(title, "%s", DEF_WINDOW_TITLE);
+	  snprintf(title, len, "%s", DEF_WINDOW_TITLE);
+ 	t = ShrinkString(scr->menu_entry_font, title, MAX_WINDOWLIST_WIDTH);
+ 
+ 	if (IS_OMNIPRESENT(wwin))
+@@ -220,9 +221,9 @@
+ 	entry->flags.indicator = 1;
+ 	entry->rtext = wmalloc(MAX_WORKSPACENAME_WIDTH+8);
+ 	if (IS_OMNIPRESENT(wwin))
+-	    sprintf(entry->rtext, "[*]");
+	    snprintf(entry->rtext, MAX_WORKSPACENAME_WIDTH, "[*]");
+ 	else
+-	    sprintf(entry->rtext, "[%s]", 
+	    snprintf(entry->rtext, MAX_WORKSPACENAME_WIDTH, "[%s]", 
+ 		    scr->workspaces[wwin->frame->workspace]->name);
+ 
+ 	if (wwin->flags.hidden) {
+@@ -259,9 +260,11 @@
+ 		      wfree(entry->text);
+ 		    
+ 		    if (wwin->frame->title)
+-		      sprintf(title, "%s", wwin->frame->title);
+                        snprintf(title, MAX_MENU_TEXT_LENGTH, "%s",
+                                 wwin->frame->title);
+ 		    else
+-		      sprintf(title, "%s", DEF_WINDOW_TITLE);
+                        snprintf(title, MAX_MENU_TEXT_LENGTH, "%s",
+				 DEF_WINDOW_TITLE);
+ 
+ 		    t = ShrinkString(scr->menu_entry_font, title, MAX_WINDOWLIST_WIDTH);
+ 		    entry->text = t;
+@@ -277,10 +280,11 @@
+ 			int it, ion;
+ 			
+ 			if (IS_OMNIPRESENT(wwin)) {
+-			    sprintf(entry->rtext, "[*]");
+			    snprintf(entry->rtext, MAX_WORKSPACENAME_WIDTH,
+				     "[*]");
+ 			} else {
+-			    sprintf(entry->rtext, "[%s]", 
+-				    scr->workspaces[wwin->frame->workspace]->name);
+			    snprintf(entry->rtext, MAX_WORKSPACENAME_WIDTH,
+				     "[%s]", scr->workspaces[wwin->frame->workspace]->name);
+ 			}
+ 
+ 			rt = entry->rtext;
+@@ -361,9 +365,9 @@
+ 	if (wwin->frame->workspace==workspace 
+ 	    && !IS_OMNIPRESENT(wwin)) {
+ 	    if (IS_OMNIPRESENT(wwin))
+-		sprintf(menu->entries[i]->rtext, "[*]");
+		snprintf(menu->entries[i]->rtext, MAX_WORKSPACENAME_WIDTH,"[*]");
+ 	    else
+-		sprintf(menu->entries[i]->rtext, "[%s]", 
+		snprintf(menu->entries[i]->rtext, MAX_WORKSPACENAME_WIDTH,"[%s]", 
+ 			scr->workspaces[wwin->frame->workspace]->name);
+ 	    menu->flags.realized = 0;
+ 	}