Synopsis: Fixes buffer overruns in xterm and Xaw library
NetBSD versions: 1.3, 1.3.1.
Thanks to: XFree86 Project.
Reported by XFree86 Project.

Index: lib/Xaw/XawIm.c
===================================================================
RCS file: /cvsroot/xsrc/xc/lib/Xaw/XawIm.c,v
retrieving revision 1.1.1.2
diff -c -r1.1.1.2 XawIm.c
*** XawIm.c     1997/06/30 12:41:01     1.1.1.2
--- XawIm.c     1998/05/06 06:51:50
***************
*** 53,58 ****
--- 53,59 ----
 in this Software without prior written authorization from the X Consortium.

 */
+ /* $XFree86: xc/lib/Xaw/XawIm.c,v 1.1.1.4.2.1 1998/05/01 04:02:42 dawes Exp $ */

 #include <X11/IntrinsicP.h>
 #include <X11/StringDefs.h>
***************
*** 452,458 ****
     } else {
       for (i = 0; i < ve->im.im_list_num; i++) {
           strcpy(modifiers, "@im=");
!           strcat(modifiers, ve->im.im_list[i]);
           if ((p = XSetLocaleModifiers(modifiers)) != NULL && *p &&
               (xim = XOpenIM(XtDisplay(ve->parent), NULL, NULL, NULL)) != NULL)
               break;
--- 453,459 ----
     } else {
       for (i = 0; i < ve->im.im_list_num; i++) {
           strcpy(modifiers, "@im=");
!           strncat(modifiers, ve->im.im_list[i], sizeof(modifiers) - 5/*strlen("@im=")*/);
           if ((p = XSetLocaleModifiers(modifiers)) != NULL && *p &&
               (xim = XOpenIM(XtDisplay(ve->parent), NULL, NULL, NULL)) != NULL)
               break;
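Review bot: An entry in `ve->im.im_list` that does not fit is now silently truncated by the `strncat`, and the shortened name is still handed to `XSetLocaleModifiers`, so an input method other than the configured one may be tried. Skipping over-long entries is safer, e.g. `if (strlen(ve->im.im_list[i]) > sizeof(modifiers) - 5) continue;` ahead of the `strcpy`. The bound also depends on `modifiers` being a true array; its declaration is outside the hunk, and if it were a pointer `sizeof(modifiers)` would be the pointer size. The same silent truncation applies to the `strncat(buf, s, end - s)` change in charproc.c.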
***************
*** 1354,1360 ****
     strcpy(s, p);
     save_s = s;

!     while(1) {
       list[i] = s;
       ss = index(s, ',');
       if (!ss) {
--- 1355,1361 ----
     strcpy(s, p);
     save_s = s;

!     while(i < (sizeof(list) / sizeof(list[0]))) {
       list[i] = s;
       ss = index(s, ',');
       if (!ss) {
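Review bot: The `strcpy(s, p)` kept as context just above the loop is still an unbounded copy; the size of `s` is set outside the hunk, so confirm it is allocated from `strlen(p) + 1` or bound the copy. The new `while` condition stops the `list[i]` overrun, but entries beyond the capacity of `list` are now dropped without notice. A short comment on the loop, such as `/* list[] is fixed-size: ignore entries beyond its capacity */`, would make that intent explicit. If `i` is a signed `int` (declaration not visible), the comparison with the `sizeof` quotient is signed against unsigned and will draw a warning. The loop body continues outside the hunk.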
***************
*** 1645,1654 ****

     if ((vw = SearchVendorShell(inwidg)) && (ve = GetExtPart(vw)) &&
       ve->im.xim && (p = GetIcTableShared(inwidg, ve)) && p->xic) {
!         return(XwcLookupString(p->xic, event, buffer_return, bytes_buffer,
                                keysym_return, status_return));
     }
!     ret = XLookupString( event, tmp_buf, 64, keysym_return,
                        (XComposeStatus*) status_return );
     for ( i = 0, tmp_p = tmp_buf, buf_p = buffer_return; i < ret; i++ ) {
       *buf_p++ = _Xaw_atowc(*tmp_p++);
--- 1646,1655 ----

     if ((vw = SearchVendorShell(inwidg)) && (ve = GetExtPart(vw)) &&
       ve->im.xim && (p = GetIcTableShared(inwidg, ve)) && p->xic) {
!         return(XwcLookupString(p->xic, event, buffer_return, bytes_buffer/sizeof(wchar_t),
                                keysym_return, status_return));
     }
!     ret = XLookupString( event, tmp_buf, sizeof(tmp_buf), keysym_return,
                        (XComposeStatus*) status_return );
     for ( i = 0, tmp_p = tmp_buf, buf_p = buffer_return; i < ret; i++ ) {
       *buf_p++ = _Xaw_atowc(*tmp_p++);
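Review bot: The fallback loop after `XLookupString` still stores `ret` wide characters into `buffer_return` without consulting `bytes_buffer`, so a caller buffer holding fewer than `sizeof(tmp_buf)` elements can still be overrun. Assuming `bytes_buffer` is a byte count, as the new division in the `XwcLookupString` call implies, the request should be clamped to the smaller of the two capacities: `n = bytes_buffer / sizeof(wchar_t); if (n > sizeof(tmp_buf)) n = sizeof(tmp_buf);` and then pass `n` in place of `sizeof(tmp_buf)`. The rest of the function, including any terminator written after the loop, is outside the hunk and should be checked against the same limit.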
Index: programs/xterm/Tekproc.c
===================================================================
RCS file: /cvsroot/xsrc/xc/programs/xterm/Tekproc.c,v
retrieving revision 1.1.1.2
diff -c -r1.1.1.2 Tekproc.c
*** Tekproc.c   1997/06/30 14:03:06     1.1.1.2
--- Tekproc.c   1998/05/06 06:52:35
***************
*** 74,79 ****
--- 74,82 ----
 #include <errno.h>
 #include <setjmp.h>
 #include <signal.h>
+
+ #include "xterm.h"
+
 #include "Tekparse.h"
 #include "data.h"
 #include "error.h"
***************
*** 1724,1731 ****
--- 1727,1736 ----


 #ifndef X_NOT_POSIX
+ #ifndef linux
 #define HAS_WAITPID
 #endif
+ #endif

 #ifdef HAS_WAITPID
 #include <sys/wait.h>
***************
*** 1743,1749 ****
       int pid;
 #ifndef HAS_WAITPID
       int waited;
!       int (*chldfunc)();

       chldfunc = signal(SIGCHLD, SIG_DFL);
 #endif
--- 1748,1754 ----
       int pid;
 #ifndef HAS_WAITPID
       int waited;
!       SIGNAL_T (*chldfunc) PROTO((int n));

       chldfunc = signal(SIGCHLD, SIG_DFL);
 #endif
Index: programs/xterm/charproc.c
===================================================================
RCS file: /cvsroot/xsrc/xc/programs/xterm/charproc.c,v
retrieving revision 1.1.1.3
diff -c -r1.1.1.3 charproc.c
*** charproc.c  1997/08/20 06:28:08     1.1.1.3
--- charproc.c  1998/05/06 06:52:35
***************
*** 3774,3780 ****
              *s,
              *ns,
              *end,
-               tmp[1024],
               buf[32];
     XIM               xim = (XIM) NULL;
     XIMStyles  *xim_styles;
--- 3774,3779 ----
***************
*** 3789,3805 ****
       if ((p = XSetLocaleModifiers("@im=none")) != NULL && *p)
           xim = XOpenIM(XtDisplay(term), NULL, NULL, NULL);
     } else {
!       strcpy(tmp, term->misc.input_method);
!       for(ns=s=tmp; ns && *s;) {
           while (*s && isspace(*s)) s++;
           if (!*s) break;
           if ((ns = end = strchr(s, ',')) == 0)
               end = s + strlen(s);
           while (isspace(*end)) end--;
-           *end = '\0';

           strcpy(buf, "@im=");
!           strcat(buf, s);
           if ((p = XSetLocaleModifiers(buf)) != NULL && *p
               && (xim = XOpenIM(XtDisplay(term), NULL, NULL, NULL)) != NULL)
               break;
--- 3788,3805 ----
       if ((p = XSetLocaleModifiers("@im=none")) != NULL && *p)
           xim = XOpenIM(XtDisplay(term), NULL, NULL, NULL);
     } else {
!       for(ns=s=term->misc.input_method; ns && *s;) {
           while (*s && isspace(*s)) s++;
           if (!*s) break;
           if ((ns = end = strchr(s, ',')) == 0)
               end = s + strlen(s);
           while (isspace(*end)) end--;

           strcpy(buf, "@im=");
!           if (end - (s + (sizeof(buf) - 5)) > 0)
!               end = s + (sizeof(buf) - 5);
!           strncat(buf, s, end - s);
!
           if ((p = XSetLocaleModifiers(buf)) != NULL && *p
               && (xim = XOpenIM(XtDisplay(term), NULL, NULL, NULL)) != NULL)
               break;
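Review bot: The `while (isspace(*end)) end--;` line is a no-op here, because `end` points at the `,` or at the terminating NUL and neither is whitespace, so trailing blanks before a comma are copied into `buf` by the new `strncat(buf, s, end - s)`. Trimming should test the character before `end` and stop at `s`: `while (end > s && isspace((unsigned char)end[-1])) end--;`. The cast also avoids passing a negative `char` to `isspace` when the resource string contains high-bit bytes. The same line appears in the `preedit_type` loop in the later hunks, and the advance of `s` for this loop is outside the hunk.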
***************
*** 3824,3831 ****
     }

     found = False;
!     strcpy(tmp, term->misc.preedit_type);
!     for(s = tmp; s && !found;) {
       while (*s && isspace(*s)) s++;
       if (!*s) break;
       if ((ns = end = strchr(s, ',')) != 0)
--- 3824,3830 ----
     }

     found = False;
!     for(s = term->misc.preedit_type; s && !found;) {
       while (*s && isspace(*s)) s++;
       if (!*s) break;
       if ((ns = end = strchr(s, ',')) != 0)
***************
*** 3833,3845 ****
       else
           end = s + strlen(s);
       while (isspace(*end)) end--;
-       *end = '\0';

!       if (!strcmp(s, "OverTheSpot")) {
           input_style = (XIMPreeditPosition | XIMStatusArea);
!       } else if (!strcmp(s, "OffTheSpot")) {
           input_style = (XIMPreeditArea | XIMStatusArea);
!       } else if (!strcmp(s, "Root")) {
           input_style = (XIMPreeditNothing | XIMStatusNothing);
       }
       for (i = 0; (unsigned short)i < xim_styles->count_styles; i++)
--- 3832,3843 ----
       else
           end = s + strlen(s);
       while (isspace(*end)) end--;

!       if (!strncmp(s, "OverTheSpot", end - s)) {
           input_style = (XIMPreeditPosition | XIMStatusArea);
!       } else if (!strncmp(s, "OffTheSpot", end - s)) {
           input_style = (XIMPreeditArea | XIMStatusArea);
!       } else if (!strncmp(s, "Root", end - s)) {
           input_style = (XIMPreeditNothing | XIMStatusNothing);
       }
       for (i = 0; (unsigned short)i < xim_styles->count_styles; i++)
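Review bot: `strncmp(s, "OverTheSpot", end - s)` accepts any prefix of the keyword, and when the token is empty (`s` sits on a comma, so `end - s` is 0) it returns 0 and selects OverTheSpot. Each of the three comparisons needs a length check as well, for example `if ((size_t)(end - s) == strlen("OverTheSpot") && !strncmp(s, "OverTheSpot", end - s))`, and likewise for `OffTheSpot` and `Root`. The old code got exact matching from the `*end = '\0'` write that this change removes. The loop that contains these lines starts in the previous hunk.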
***************
*** 4372,4378 ****
       XtOverrideTranslations(w, original);
       return;
     }
!     (void) sprintf( mapName, "%sKeymap", params[0] );
     (void) strcpy( mapClass, mapName );
     if (islower(mapClass[0])) mapClass[0] = toupper(mapClass[0]);
     XtGetSubresources( w, (XtPointer)&keymap, mapName, mapClass,
--- 4370,4376 ----
       XtOverrideTranslations(w, original);
       return;
     }
!     (void) sprintf( mapName, "%.*sKeymap", (int)sizeof(mapName) - 10, params[0] );
     (void) strcpy( mapClass, mapName );
     if (islower(mapClass[0])) mapClass[0] = toupper(mapClass[0]);
     XtGetSubresources( w, (XtPointer)&keymap, mapName, mapClass,
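Review bot: The precision `(int)sizeof(mapName) - 10` is a magic number: the `Keymap` suffix needs 7 bytes including the NUL, so 10 is safe but unexplained, and if `mapName` were ever smaller than 10 bytes the precision would go negative, which `sprintf` treats as no limit. Deriving it from the literal, `(int)(sizeof(mapName) - sizeof("Keymap"))`, documents the bound. The `strcpy( mapClass, mapName )` on the next line is safe only if `mapClass` is at least as large as `mapName`; both declarations are outside the hunk, so that should be confirmed.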
***************
*** 4790,4796 ****
      * not be set before the widget's realized, so it's tested separately).
      */
     if(screen->colorMode) {
!       if (TextWindow(screen) != 0 && (cc != bg)) {
           /* we might have a colored foreground/background later */
           xgcv.font = screen->fnt_norm->fid;
           mask = (GCForeground | GCBackground | GCFont);
--- 4788,4794 ----
      * not be set before the widget's realized, so it's tested separately).
      */
     if(screen->colorMode) {
!       if (TextWindow(screen) != 0 && (cc != bg) && (cc != fg)) {
           /* we might have a colored foreground/background later */
           xgcv.font = screen->fnt_norm->fid;
           mask = (GCForeground | GCBackground | GCFont);
Index: programs/xterm/main.c
===================================================================
RCS file: /cvsroot/xsrc/xc/programs/xterm/main.c,v
retrieving revision 1.1.1.3
diff -c -r1.1.1.3 main.c
*** main.c      1997/08/20 06:28:15     1.1.1.3
--- main.c      1998/05/06 06:52:35
***************
*** 3467,3473 ****
     int i, n, ncap;
     errstat err;
     struct caplist *cl;
!     char buf[64], numbuf[12];
     struct caplist *capvnew;
     int ttythread();
     int xwatchdogthread();
--- 3467,3473 ----
     int i, n, ncap;
     errstat err;
     struct caplist *cl;
!     char buf[64];
     struct caplist *capvnew;
     int ttythread();
     int xwatchdogthread();
Index: programs/xterm/misc.c
===================================================================
RCS file: /cvsroot/xsrc/xc/programs/xterm/misc.c,v
retrieving revision 1.1.1.2
diff -c -r1.1.1.2 misc.c
*** misc.c      1997/06/30 14:03:25     1.1.1.2
--- misc.c      1998/05/06 06:52:35
***************
*** 48,60 ****
 #include <X11/Xmu/SysUtil.h>
 #include <X11/Xmu/WinUtil.h>

 #include "VTparse.h"
 #include "data.h"
 #include "error.h"
 #include "menu.h"

- #include "xterm.h"
-
 #if XtSpecificationRelease < 6
 #ifndef X_GETTIMEOFDAY
 #define X_GETTIMEOFDAY(t) gettimeofday(t,(struct timezone *)0)
--- 48,60 ----
 #include <X11/Xmu/SysUtil.h>
 #include <X11/Xmu/WinUtil.h>

+ #include "xterm.h"
+
 #include "VTparse.h"
 #include "data.h"
 #include "error.h"
 #include "menu.h"

 #if XtSpecificationRelease < 6
 #ifndef X_GETTIMEOFDAY
 #define X_GETTIMEOFDAY(t) gettimeofday(t,(struct timezone *)0)
***************
*** 515,521 ****
--- 515,523 ----
 #if defined(ALLOWLOGGING) || defined(DEBUG)

 #ifndef X_NOT_POSIX
+ #ifndef linux
 #define HAS_WAITPID
+ #endif
 #endif

 /*