Please accept dwm-tools
Hi,
slock in dwm-tools has a potential buffer overflow. The upload for sid
is already done, and the one for testing is ready too. Please allow me to
upload it; the debdiff is attached.
--
Address: Daniel Baumann, Burgunderstrasse 3, CH-4562 Biberist
Email: daniel.baumann@panthera-systems.net
Internet: http://people.panthera-systems.net/~daniel-baumann/
diff -u dwm-tools-2/debian/changelog dwm-tools-2/debian/changelog
--- dwm-tools-2/debian/changelog
+++ dwm-tools-2/debian/changelog
@@ -1,3 +1,9 @@
+dwm-tools (2-3) testing; urgency=high
+
+ * Applied 98-slock-bo.patch from slock 0.4 to fix potential buffer overflow.
+
+ -- Daniel Baumann <daniel@debian.org> Sat, 13 Jan 2007 15:46:00 +0100
+
dwm-tools (2-2) testing; urgency=medium
* Applied 99-utf.patch from dmenu 1.6 to fix utf support (Closes: #402816).
diff -u dwm-tools-2/debian/patches/00list dwm-tools-2/debian/patches/00list
--- dwm-tools-2/debian/patches/00list
+++ dwm-tools-2/debian/patches/00list
@@ -1 +1,2 @@
+98-slock-bo
99-dmenu-utf
only in patch2:
unchanged:
--- dwm-tools-2.orig/debian/patches/98-slock-bo.dpatch
+++ dwm-tools-2/debian/patches/98-slock-bo.dpatch
@@ -0,0 +1,28 @@
+#!/bin/sh /usr/share/dpatch/dpatch-run
+## 98-slock-bo.dpatch by Anselm R. Garbe <garbeam@gmail.com>
+##
+## DP: Fixes potential buffer overflow (taken from slock 0.4).
+
+@DPATCH@
+
+diff -Naur dwm-tools-2.orig/slock-0.3/slock.c dwm-tools-2/slock-0.3/slock.c
+--- dwm-tools-2.orig/slock-0.3/slock.c 2006-11-03 10:35:35.000000000 +0000
++++ dwm-tools-2/slock-0.3/slock.c 2007-01-13 13:10:33.000000000 +0000
+@@ -102,7 +102,7 @@
+ while(running && !XNextEvent(dpy, &ev))
+ if(ev.type == KeyPress) {
+ buf[0] = 0;
+- num = XLookupString(&ev.xkey, buf, sizeof(buf), &ksym, 0);
++ num = XLookupString(&ev.xkey, buf, sizeof buf, &ksym, 0);
+ if(IsFunctionKey(ksym) || IsKeypadKey(ksym)
+ || IsMiscFunctionKey(ksym) || IsPFKey(ksym)
+ || IsPrivateKeypadKey(ksym))
+@@ -122,7 +122,7 @@
+ --len;
+ break;
+ default:
+- if(num && !iscntrl((int) buf[0])) {
++ if(num && !iscntrl((int) buf[0]) && (len + num < sizeof passwd)) {
+ memcpy(passwd + len, buf, num);
+ len += num;
+ }
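Review bot: The added bound `(len + num < sizeof passwd)` in the `default:` branch is only as strong as the types and invariants of `len` and `num`, which are declared outside this hunk. If either is a signed int, the sum is converted to an unsigned type for the comparison, so the check relies on `len` never dropping below zero (the guard around the `--len;` context line is not visible here) and on `num` never being negative. A comment stating that invariant would help, e.g. `/* len < sizeof passwd always holds here; strict '<' leaves one byte free */`, once it has been confirmed against the rest of the function. On the same line, `iscntrl((int) buf[0])` receives a negative value if `buf` is plain `char` and the key yields a byte above 0x7f; `iscntrl((unsigned char) buf[0])` avoids that. The enclosing function starts and ends outside the hunk.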