Synopsis: Fixes buffer overruns in xterm and Xaw library
NetBSD versions: 1.3, 1.3.1.
Thanks to: XFree86 Project.
Reported by XFree86 Project.

Index: lib/Xaw/XawIm.c
===================================================================
RCS file: /cvsroot/xsrc/xc/lib/Xaw/XawIm.c,v
retrieving revision 1.1.1.2
diff -c -r1.1.1.2 XawIm.c
*** XawIm.c	1997/06/30 12:41:01	1.1.1.2
--- XawIm.c	1998/05/06 06:51:50
***************
*** 53,58 ****
--- 53,59 ----
  in this Software without prior written authorization from the X Consortium.
  
  */
+ /* $XFree86: xc/lib/Xaw/XawIm.c,v 1.1.1.4.2.1 1998/05/01 04:02:42 dawes Exp $ */
  
  #include <X11/IntrinsicP.h>
  #include <X11/StringDefs.h>
***************
*** 452,458 ****
      } else {
  	for (i = 0; i < ve->im.im_list_num; i++) {
  	    strcpy(modifiers, "@im=");
! 	    strcat(modifiers, ve->im.im_list[i]);
  	    if ((p = XSetLocaleModifiers(modifiers)) != NULL && *p &&
  		(xim = XOpenIM(XtDisplay(ve->parent), NULL, NULL, NULL)) != NULL)
  		break;
--- 453,459 ----
      } else {
  	for (i = 0; i < ve->im.im_list_num; i++) {
  	    strcpy(modifiers, "@im=");
! 	    strncat(modifiers, ve->im.im_list[i], sizeof(modifiers) - 5/*strlen("@im=")*/);
  	    if ((p = XSetLocaleModifiers(modifiers)) != NULL && *p &&
  		(xim = XOpenIM(XtDisplay(ve->parent), NULL, NULL, NULL)) != NULL)
  		break;
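Review bot: The inline comment on the new strncat() bound says `strlen("@im=")`, but that is 4; the 5 being subtracted is the prefix plus the terminating NUL. Writing the bound as `sizeof(modifiers) - sizeof("@im=")` gives the same value without the magic number. The bound is only right if `modifiers` is an array in this scope rather than a pointer; its declaration is outside the hunk. An over-long entry in `ve->im.im_list[i]` is now silently truncated and the shortened name is passed to XSetLocaleModifiers(), so skipping such an entry may be preferable to trying a name the user did not configure.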
***************
*** 1354,1360 ****
      strcpy(s, p);
      save_s = s;
  
!     while(1) {
  	list[i] = s;
  	ss = index(s, ',');
  	if (!ss) {
--- 1355,1361 ----
      strcpy(s, p);
      save_s = s;
  
!     while(i < (sizeof(list) / sizeof(list[0]))) {
  	list[i] = s;
  	ss = index(s, ',');
  	if (!ss) {
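Review bot: When the loop ends because `i` reached the new limit rather than through the `if (!ss)` break, the remaining comma-separated entries are dropped without any diagnostic, and the code after the loop (outside the hunk) has to cope with that exit path. The unchanged `strcpy(s, p)` above the loop is still unbounded; it is safe only if `s` was sized from `strlen(p) + 1`, which is not visible here. If `i` is a signed int, comparing it with the `size_t` expression deserves an explicit `(size_t)i`. A short comment such as `/* list[] is fixed-size; extra entries are ignored */` would record the intent.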
***************
*** 1645,1654 ****
  
      if ((vw = SearchVendorShell(inwidg)) && (ve = GetExtPart(vw)) &&
  	ve->im.xim && (p = GetIcTableShared(inwidg, ve)) && p->xic) {
! 	  return(XwcLookupString(p->xic, event, buffer_return, bytes_buffer,
  				 keysym_return, status_return));
      }
!     ret = XLookupString( event, tmp_buf, 64, keysym_return,
  		         (XComposeStatus*) status_return );
      for ( i = 0, tmp_p = tmp_buf, buf_p = buffer_return; i < ret; i++ ) {
  	*buf_p++ = _Xaw_atowc(*tmp_p++);
--- 1646,1655 ----
  
      if ((vw = SearchVendorShell(inwidg)) && (ve = GetExtPart(vw)) &&
  	ve->im.xim && (p = GetIcTableShared(inwidg, ve)) && p->xic) {
! 	  return(XwcLookupString(p->xic, event, buffer_return, bytes_buffer/sizeof(wchar_t),
  				 keysym_return, status_return));
      }
!     ret = XLookupString( event, tmp_buf, sizeof(tmp_buf), keysym_return,
  		         (XComposeStatus*) status_return );
      for ( i = 0, tmp_p = tmp_buf, buf_p = buffer_return; i < ret; i++ ) {
  	*buf_p++ = _Xaw_atowc(*tmp_p++);
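Review bot: The fallback path still copies `ret` wide characters into `buffer_return` without comparing against `bytes_buffer`, so a caller buffer holding fewer elements than `sizeof(tmp_buf)` can be overrun by the `for` loop at the end of the hunk. The first changed line treats `bytes_buffer` as a byte count, so the same limit should apply here: clamp the request with `n = bytes_buffer / sizeof(wchar_t); if (n > sizeof(tmp_buf)) n = sizeof(tmp_buf);` and pass `n` to XLookupString(). The declaration of `tmp_buf` (presumably 64 bytes, given the old literal) and the end of the loop are outside the hunk.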
Index: programs/xterm/Tekproc.c
===================================================================
RCS file: /cvsroot/xsrc/xc/programs/xterm/Tekproc.c,v
retrieving revision 1.1.1.2
diff -c -r1.1.1.2 Tekproc.c
*** Tekproc.c	1997/06/30 14:03:06	1.1.1.2
--- Tekproc.c	1998/05/06 06:52:35
***************
*** 74,79 ****
--- 74,82 ----
  #include <errno.h>
  #include <setjmp.h>
  #include <signal.h>
+ 
+ #include "xterm.h"
+ 
  #include "Tekparse.h"
  #include "data.h"
  #include "error.h"
***************
*** 1724,1731 ****
--- 1727,1736 ----
  
  
  #ifndef X_NOT_POSIX
+ #ifndef linux
  #define HAS_WAITPID
  #endif
+ #endif
  
  #ifdef HAS_WAITPID
  #include <sys/wait.h>
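Review bot: Nothing in this hunk says why waitpid() is disabled on Linux, and the test uses the legacy `linux` macro, which GCC does not predefine in strict ISO modes such as `-ansi`; `__linux__` is defined in both. Suggest `#if !defined(X_NOT_POSIX) && !defined(__linux__)` with a comment of the form `/* waitpid() path not used on Linux: <reason> */`. With HAS_WAITPID undefined the code takes the `signal(SIGCHLD, SIG_DFL)` path shown in the next hunk, so the reason for preferring it should be recorded. The same guard is added in the misc.c hunk at line 515 and needs the same treatment.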
***************
*** 1743,1749 ****
  	int pid;
  #ifndef HAS_WAITPID
  	int waited;
! 	int (*chldfunc)();
  
  	chldfunc = signal(SIGCHLD, SIG_DFL);
  #endif
--- 1748,1754 ----
  	int pid;
  #ifndef HAS_WAITPID
  	int waited;
! 	SIGNAL_T (*chldfunc) PROTO((int n));
  
  	chldfunc = signal(SIGCHLD, SIG_DFL);
  #endif
Index: programs/xterm/charproc.c
===================================================================
RCS file: /cvsroot/xsrc/xc/programs/xterm/charproc.c,v
retrieving revision 1.1.1.3
diff -c -r1.1.1.3 charproc.c
*** charproc.c	1997/08/20 06:28:08	1.1.1.3
--- charproc.c	1998/05/06 06:52:35
***************
*** 3774,3780 ****
  	       *s,
  	       *ns,
  	       *end,
- 		tmp[1024],
  	  	buf[32];
      XIM		xim = (XIM) NULL;
      XIMStyles  *xim_styles;
--- 3774,3779 ----
***************
*** 3789,3805 ****
  	if ((p = XSetLocaleModifiers("@im=none")) != NULL && *p)
  	    xim = XOpenIM(XtDisplay(term), NULL, NULL, NULL);
      } else {
! 	strcpy(tmp, term->misc.input_method);
! 	for(ns=s=tmp; ns && *s;) {
  	    while (*s && isspace(*s)) s++;
  	    if (!*s) break;
  	    if ((ns = end = strchr(s, ',')) == 0)
  		end = s + strlen(s);
  	    while (isspace(*end)) end--;
- 	    *end = '\0';
  
  	    strcpy(buf, "@im=");
! 	    strcat(buf, s);
  	    if ((p = XSetLocaleModifiers(buf)) != NULL && *p
  		&& (xim = XOpenIM(XtDisplay(term), NULL, NULL, NULL)) != NULL)
  		break;
--- 3788,3805 ----
  	if ((p = XSetLocaleModifiers("@im=none")) != NULL && *p)
  	    xim = XOpenIM(XtDisplay(term), NULL, NULL, NULL);
      } else {
! 	for(ns=s=term->misc.input_method; ns && *s;) { 
  	    while (*s && isspace(*s)) s++;
  	    if (!*s) break;
  	    if ((ns = end = strchr(s, ',')) == 0)
  		end = s + strlen(s);
  	    while (isspace(*end)) end--;
  
  	    strcpy(buf, "@im=");
! 	    if (end - (s + (sizeof(buf) - 5)) > 0)
! 		end = s + (sizeof(buf) - 5); 
! 	    strncat(buf, s, end - s); 
!  
  	    if ((p = XSetLocaleModifiers(buf)) != NULL && *p
  		&& (xim = XOpenIM(XtDisplay(term), NULL, NULL, NULL)) != NULL)
  		break;
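Review bot: The clamp `end - (s + (sizeof(buf) - 5)) > 0` forms a pointer `sizeof(buf) - 5` bytes past `s` even when the remaining string is shorter than that, which is outside the object and undefined in ISO C; comparing lengths avoids it: `if ((size_t)(end - s) > sizeof(buf) - 5) end = s + (sizeof(buf) - 5);`. The `5` is the "@im=" prefix plus the NUL and would read better as `sizeof("@im=")`. Separately, `while (isspace(*end)) end--;` starts on the comma or the terminating NUL, neither of which is whitespace, so trailing blanks before a comma are never trimmed and still end up in the name passed to XSetLocaleModifiers(). The loop's advance to the next entry is outside the hunk.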
***************
*** 3824,3831 ****
      }
  
      found = False;
!     strcpy(tmp, term->misc.preedit_type);
!     for(s = tmp; s && !found;) {
  	while (*s && isspace(*s)) s++;
  	if (!*s) break;
  	if ((ns = end = strchr(s, ',')) != 0)
--- 3824,3830 ----
      }
  
      found = False;
!     for(s = term->misc.preedit_type; s && !found;) { 
  	while (*s && isspace(*s)) s++;
  	if (!*s) break;
  	if ((ns = end = strchr(s, ',')) != 0)
***************
*** 3833,3845 ****
  	else
  	    end = s + strlen(s);
  	while (isspace(*end)) end--;
- 	*end = '\0';
  
! 	if (!strcmp(s, "OverTheSpot")) {
  	    input_style = (XIMPreeditPosition | XIMStatusArea);
! 	} else if (!strcmp(s, "OffTheSpot")) {
  	    input_style = (XIMPreeditArea | XIMStatusArea);
! 	} else if (!strcmp(s, "Root")) {
  	    input_style = (XIMPreeditNothing | XIMStatusNothing);
  	}
  	for (i = 0; (unsigned short)i < xim_styles->count_styles; i++)
--- 3832,3843 ----
  	else
  	    end = s + strlen(s);
  	while (isspace(*end)) end--;
  
! 	if (!strncmp(s, "OverTheSpot", end - s)) { 
  	    input_style = (XIMPreeditPosition | XIMStatusArea);
! 	} else if (!strncmp(s, "OffTheSpot", end - s)) { 
  	    input_style = (XIMPreeditArea | XIMStatusArea);
! 	} else if (!strncmp(s, "Root", end - s)) { 
  	    input_style = (XIMPreeditNothing | XIMStatusNothing);
  	}
  	for (i = 0; (unsigned short)i < xim_styles->count_styles; i++)
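Review bot: `strncmp(s, "OverTheSpot", end - s)` compares only the first `end - s` characters, so any prefix of a style name matches, and an empty token (`end == s`, for example at a leading comma) compares equal at length 0 and selects OverTheSpot. The old code compared whole strings after writing the NUL. Each branch should also check the token length, e.g. `(size_t)(end - s) == strlen("OverTheSpot") && !strncmp(s, "OverTheSpot", end - s)`. The enclosing `for` loop starts and ends outside this hunk.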
***************
*** 4372,4378 ****
  	XtOverrideTranslations(w, original);
  	return;
      }
!     (void) sprintf( mapName, "%sKeymap", params[0] );
      (void) strcpy( mapClass, mapName );
      if (islower(mapClass[0])) mapClass[0] = toupper(mapClass[0]);
      XtGetSubresources( w, (XtPointer)&keymap, mapName, mapClass,
--- 4370,4376 ----
  	XtOverrideTranslations(w, original);
  	return;
      }
!     (void) sprintf( mapName, "%.*sKeymap", (int)sizeof(mapName) - 10, params[0] ); 
      (void) strcpy( mapClass, mapName );
      if (islower(mapClass[0])) mapClass[0] = toupper(mapClass[0]);
      XtGetSubresources( w, (XtPointer)&keymap, mapName, mapClass,
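Review bot: The precision `(int)sizeof(mapName) - 10` is an unexplained constant; the "Keymap" suffix plus NUL needs 7 bytes, so `(int)(sizeof(mapName) - sizeof("Keymap"))` would state the bound exactly. The following `strcpy( mapClass, mapName )` stays in bounds only if `mapClass` is at least as large as `mapName`; both declarations are outside the hunk and should be confirmed. `islower(mapClass[0])` and `toupper(mapClass[0])` receive a plain `char` derived from the action parameter `params[0]`, so the argument should be cast to `unsigned char`.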
***************
*** 4790,4796 ****
       * not be set before the widget's realized, so it's tested separately).
       */
      if(screen->colorMode) {
! 	if (TextWindow(screen) != 0 && (cc != bg)) {
  	    /* we might have a colored foreground/background later */
  	    xgcv.font = screen->fnt_norm->fid;
  	    mask = (GCForeground | GCBackground | GCFont);
--- 4788,4794 ----
       * not be set before the widget's realized, so it's tested separately).
       */
      if(screen->colorMode) {
! 	if (TextWindow(screen) != 0 && (cc != bg) && (cc != fg)) {
  	    /* we might have a colored foreground/background later */
  	    xgcv.font = screen->fnt_norm->fid;
  	    mask = (GCForeground | GCBackground | GCFont);
Index: programs/xterm/main.c
===================================================================
RCS file: /cvsroot/xsrc/xc/programs/xterm/main.c,v
retrieving revision 1.1.1.3
diff -c -r1.1.1.3 main.c
*** main.c	1997/08/20 06:28:15	1.1.1.3
--- main.c	1998/05/06 06:52:35
***************
*** 3467,3473 ****
      int i, n, ncap;
      errstat err;
      struct caplist *cl;
!     char buf[64], numbuf[12];
      struct caplist *capvnew;
      int ttythread();
      int xwatchdogthread();
--- 3467,3473 ----
      int i, n, ncap;
      errstat err;
      struct caplist *cl;
!     char buf[64];
      struct caplist *capvnew;
      int ttythread();
      int xwatchdogthread();
Index: programs/xterm/misc.c
===================================================================
RCS file: /cvsroot/xsrc/xc/programs/xterm/misc.c,v
retrieving revision 1.1.1.2
diff -c -r1.1.1.2 misc.c
*** misc.c	1997/06/30 14:03:25	1.1.1.2
--- misc.c	1998/05/06 06:52:35
***************
*** 48,60 ****
  #include <X11/Xmu/SysUtil.h>
  #include <X11/Xmu/WinUtil.h>
  
  #include "VTparse.h"
  #include "data.h"
  #include "error.h"
  #include "menu.h"
  
- #include "xterm.h"
- 
  #if XtSpecificationRelease < 6
  #ifndef X_GETTIMEOFDAY
  #define X_GETTIMEOFDAY(t) gettimeofday(t,(struct timezone *)0)
--- 48,60 ----
  #include <X11/Xmu/SysUtil.h>
  #include <X11/Xmu/WinUtil.h>
  
+ #include "xterm.h"
+ 
  #include "VTparse.h"
  #include "data.h"
  #include "error.h"
  #include "menu.h"
  
  #if XtSpecificationRelease < 6
  #ifndef X_GETTIMEOFDAY
  #define X_GETTIMEOFDAY(t) gettimeofday(t,(struct timezone *)0)
***************
*** 515,521 ****
--- 515,523 ----
  #if defined(ALLOWLOGGING) || defined(DEBUG)
  
  #ifndef X_NOT_POSIX
+ #ifndef linux
  #define HAS_WAITPID
+ #endif
  #endif
  
  /*