Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 151368 Details for
Bug 219750
x11-terms/mrxvt < 0.5.3-r2 X11 Display Security Issue (CVE-2008-1142)
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch fixing the security issue
mrxvt-0.5.3-display-security.patch (text/plain), 1.91 KB, created by
Gautam Iyer
on 2008-04-29 20:50:15 UTC
(
hide
)
Description:
Patch fixing the security issue
Filename:
MIME Type:
Creator:
Gautam Iyer
Created:
2008-04-29 20:50:15 UTC
Size:
1.91 KB
patch
obsolete
>Index: src/init.c >=================================================================== >--- src/init.c (revision 265) >+++ src/init.c (working copy) >@@ -1030,38 +1030,38 @@ > /* > * Open display, get options/resources and create the window > */ >- if (IS_NULL(rs[Rs_display_name] = getenv("DISPLAY"))) >- rs[Rs_display_name] = ":0"; >- > rxvt_get_options( r, r_argc, r_argv ); > rxvt_free( r_argv ); /* XXX memory leak? */ > > #ifdef LOCAL_X_IS_UNIX >- if( rs[Rs_display_name][0] == ':' ) >+ /* >+ * 2008-04-29 gi1242: Force UNIX sockets for security (Gentoo Bug #219750) >+ */ >+ if( IS_NULL( rs[Rs_display_name] ) ) >+ rs[Rs_display_name] = getenv( "DISPLAY" ); >+ >+ if( rs[Rs_display_name] && rs[Rs_display_name][0] == ':' ) > { >- int l = 5 + STRLEN(rs[Rs_display_name]); >+ char *val; >+ int l = 5 + STRLEN(rs[Rs_display_name]); > if (l <= 0 || l > 1024) /* possible integer overflow */ > l = 1024; >+ > val = rxvt_malloc(l); >- STRCPY(val, "unix"); >- STRNCAT(val, rs[Rs_display_name], l-5); >- val[l-1] = (char) 0; >- rxvt_msg (DBG_INFO, DBG_INIT, "Open X display %s\n", val); >- r->Xdisplay = XOpenDisplay(val); >- rxvt_free(val); >+ STRCPY( val, "unix"); >+ STRNCAT( val, rs[Rs_display_name], l-5); >+ >+ rs[Rs_display_name] = val; > } >-#endif >+#endif /* LOCAL_X_IS_UNIX */ > >- if (IS_NULL(r->Xdisplay)) >+ rxvt_msg( DBG_INFO, DBG_INIT, "Open X display %s\n", rs[Rs_display_name] ); >+ r->Xdisplay = XOpenDisplay( rs[Rs_display_name] ); >+ if( IS_NULL(r->Xdisplay) ) > { >- rxvt_msg (DBG_INFO, DBG_INIT, "Open X display %s\n", >- rs[Rs_display_name] ? rs[Rs_display_name] : "nil"); >- r->Xdisplay = XOpenDisplay( rs[Rs_display_name] ); >- if (IS_NULL(r->Xdisplay)) >- { >- rxvt_msg (DBG_ERROR, DBG_INIT, "can't open display %s", rs[Rs_display_name] ); >- exit( EXIT_FAILURE ); >- } >+ rxvt_msg( DBG_ERROR, DBG_INIT, "Error opening display %s\n", >+ rs[Rs_display_name] ); >+ exit( EXIT_FAILURE ); > } > >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=151368">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 219750
: 151368
