Bug#715870: [Mayhem] Bug report on esekeyd: esekeyd crashes with exit status 139
Control: tags -1 + patch
The problem seem to be non-robust parsing of input data. The following
patch change the handling to return an error and exit.
diff --git a/src/esekeyd.c b/src/esekeyd.c
index e9cc06b..572dcc4 100644
--- a/src/esekeyd.c
+++ b/src/esekeyd.c
@@ -174,6 +174,10 @@ int main (int argc, char *argv[])
keys = (struct esekey *) realloc (keys, (keycount +1) * sizeof (struct esekey));
separator = strchr(buff, ':');
+ if (NULL == separator) {
+ printf("error locating key separator info\n");
+ return -1;
+ }
keys[keycount].command = (char *) malloc (read - (separator - buff));
memcpy (keys[keycount].command, separator + 1, read - (separator - buff));
separator[0] = '\0';
I do not know the program enough to come up with a sensible error
message, so take that part with a grain of salt. :)
CC to upstream, see <URL: https://bugs.debian.org/715870 > for the original report.
--
Happy hacking
Petter Reinholdtsen
Reply to: