22 lines
994 B
Plaintext
22 lines
994 B
Plaintext
$OpenBSD: patch-src_xdefaults_c,v 1.1.1.1 2010/05/03 16:35:22 dcoppa Exp $
|
|
|
|
Fix possible off-by-one buffer overflows by replacing every call of
|
|
strcpy, strcat, sprintf by respectively strlcpy, strlcat and snprintf.
|
|
-- 2010-04-16 Thomas de Grivel <billitch@gmail.com>
|
|
|
|
diff -ruN rxvt-unicode-9.07.orig/src/xdefaults.C rxvt-unicode-9.07/src/xdefaults.C
|
|
--- src/xdefaults.C.orig Sat Dec 26 11:10:34 2009
|
|
+++ src/xdefaults.C Tue Apr 27 18:13:09 2010
|
|
@@ -555,8 +555,9 @@ rxvt_term::get_options (int argc, const char *const *a
|
|
{
|
|
if (i+1 < argc)
|
|
{
|
|
- char *res = (char *)malloc (strlen (opt) + strlen (argv[++i]) + 6);
|
|
- sprintf (res, "*.%s: %s\n", opt, argv[i]);
|
|
+ size_t size = strlen (opt) + strlen (argv[++i]) + 6;
|
|
+ char *res = (char *)malloc (size);
|
|
+ snprintf (res, size, "*.%s: %s\n", opt, argv[i]);
|
|
XrmPutLineResource (&option_db, res);
|
|
free (res);
|
|
}
|