rxvt/rxvt-2.7.10-security.patch

42 lines
1.0 KiB
Diff
Raw Normal View History

--- src/command.c
+++ src/command.c
@@ -2878,7 +2878,7 @@
unsigned char buf[256];
va_start(arg_ptr, fmt);
- vsprintf((char *)buf, fmt, arg_ptr);
+ vsnprintf((char *)buf, sizeof(buf), fmt, arg_ptr);
va_end(arg_ptr);
rxvt_tt_write(r, buf, (unsigned int)STRLEN(buf));
}
--- src/main.c
+++ src/main.c
@@ -291,10 +291,14 @@
break;
}
# else
+# error Warning, no seteuid/setegid avaliable
switch (mode) {
case IGNORE:
- setuid(getuid());
- setgid(getgid());
+ if (setgid(getgid()) < 0)
+ exit(1);
+ if (setuid(getuid()) < 0)
+ exit(1);
+
/* FALLTHROUGH */
case SAVE:
/* FALLTHROUGH */
--- src/xdefaults.c
+++ src/xdefaults.c
@@ -810,7 +810,7 @@
ptr = ".";
for (i = 0; i < (sizeof(xnames) / sizeof(xnames[0])); i++) {
- sprintf(fname, "%-.*s/%s", sizeof(fname) - STRLEN(xnames[i]) - 2,
+ snprintf(fname, sizeof(fname), "%-.*s/%s", sizeof(fname) - STRLEN(xnames[i]) - 2,
ptr, xnames[i]);
if ((rdb1 = XrmGetFileDatabase(fname)) != NULL) {
XrmMergeDatabases(rdb1, &database);