diff options
| author | Patrick Li <pat@FreeBSD.org> | 2001-12-20 02:24:26 +0000 |
|---|---|---|
| committer | Patrick Li <pat@FreeBSD.org> | 2001-12-20 02:24:26 +0000 |
| commit | d32c57094b34f355e47c05a95ae9d381a5712a71 (patch) | |
| tree | f5c464ee9c327e4a4b2793b001828a27f70e23b9 /sysutils/wmcube-gdk | |
| parent | aba1efa4c34d066198f092afcb510b5563eed899 (diff) | |
| download | ports-d32c57094b34f355e47c05a95ae9d381a5712a71.tar.gz ports-d32c57094b34f355e47c05a95ae9d381a5712a71.zip | |
Further fix a local exploit
Submitted by: corecode <corecode@corecode.ath.cx>
Notes
Notes:
svn path=/head/; revision=51875
Diffstat (limited to 'sysutils/wmcube-gdk')
| -rw-r--r-- | sysutils/wmcube-gdk/Makefile | 1 | ||||
| -rw-r--r-- | sysutils/wmcube-gdk/files/patch-wmcube.c | 65 |
2 files changed, 66 insertions, 0 deletions
diff --git a/sysutils/wmcube-gdk/Makefile b/sysutils/wmcube-gdk/Makefile index 6a3092c55f89..70bab75ab4ef 100644 --- a/sysutils/wmcube-gdk/Makefile +++ b/sysutils/wmcube-gdk/Makefile @@ -7,6 +7,7 @@ PORTNAME= wmcube PORTVERSION= 0.98p2 +PORTREVISION= 1 CATEGORIES= sysutils windowmaker MASTER_SITES= http://www.ne.jp/asahi/linux/timecop/software/ PKGNAMESUFFIX= -gdk diff --git a/sysutils/wmcube-gdk/files/patch-wmcube.c b/sysutils/wmcube-gdk/files/patch-wmcube.c new file mode 100644 index 000000000000..b6026aaa448b --- /dev/null +++ b/sysutils/wmcube-gdk/files/patch-wmcube.c @@ -0,0 +1,65 @@ +--- wmcube.c.orig Tue Aug 28 12:08:13 2001 ++++ wmcube.c Tue Dec 18 14:37:25 2001 +@@ -778,7 +777,7 @@ + newx -= CHAR_WIDTH; + } + +- sprintf(buf, "%02i%%", num); ++ snprintf(buf, 5, "%02i%%", num); + for (i = 0; (c = buf[i]); i++) { + if (c == '%') + copy_xpm_area(60, 0, 7, 9, newx, y); +@@ -1250,7 +1249,7 @@ + exit(0); + } + +- fscanf(fp, "%s", tmp); ++ fscanf(fp, "%63s", tmp); + + if (strcmp(tmp, "WMCUBE_COORDINATES") != 0) { + printf +@@ -1259,7 +1258,7 @@ + exit(0); + } + +- fscanf(fp, "%s", tmp); ++ fscanf(fp, "%63s", tmp); + counter = atoi(tmp); + + while ((strcmp(tmp, "WMCUBE_LINES") != 0) +@@ -1280,7 +1279,7 @@ + fclose(fp); + exit(0); + } +- fscanf(fp, "%s", tmp); ++ fscanf(fp, "%63s", tmp); + + if (feof(fp)) { + printf +@@ -1398,7 +1397,7 @@ + char cpuid[6]; + char check_cpu[6]; + +- sprintf(check_cpu, "cpu%d", which_cpu); ++ snprintf(check_cpu, 6, "cpu%d", which_cpu); + + if ((fp = fopen("/proc/stat", "rb")) == NULL) { + perror("/proc/stat required for this system"); +@@ -1409,7 +1408,7 @@ + return 0; + + for (i = -2; i < which_cpu; i++) { +- fscanf(fp, "%s", cpuid); ++ fscanf(fp, "%5s", cpuid); + } + + if (strcmp(check_cpu, cpuid) != 0) { +@@ -1431,7 +1430,7 @@ + fp = fopen("/proc/stat", "rt"); + + for (i = -2; i < which_cpu; i++) { +- fscanf(fp, "%s %d %d %d %d", cpuid, &cpu, &nice, &system, &idle); ++ fscanf(fp, "%5s %d %d %d %d", cpuid, &cpu, &nice, &system, &idle); + } + + fclose(fp); |