Re: buffer overflow in fonts.c?



Yoshiaki Kasahara said:     (by the date of Fri, 27 Jul 2007 17:29:08 +0900 (JST))


> The following patch is for the stock 1.3 release, but it should be
> applied to the svn source, too.
> 
> --- src/fonts.c.orig    Sun Nov  3 22:00:36 2002
> +++ src/fonts.c Wed Feb  8 04:22:13 2006
> @@ -131,7 +131,7 @@
>             if (end == 0)
>                 end = p + strlen (p);
>             len = end - (p + 1);
> -           buf = malloc (len);
> +           buf = malloc (len + 1);
>             memcpy (buf, p + 1, len);
>             buf[len] = 0;
>             return buf;
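
Review bot: the pointer returned by malloc (len + 1) is passed straight to memcpy (buf, p + 1, len) with no NULL check, so an allocation failure turns into a write through a null pointer; test buf and return early before the memcpy. The size change itself is needed on the evidence of the visible lines: buf[len] = 0 stores to index len, which lies one byte past the end of a len-byte allocation, so the old malloc (len) was written out of bounds by that terminator on every pass through this path.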

Thanks, better to use one byte more than to have a buffer overflow.
Applied. But before making 1.3.2 I'll check with valgrind nevertheless,
because from reading the code in this place I'm not 100% sure that
it's needed. If valgrind says that it's not needed I'll revert it.



> BTW, there is no libglade-xgettext in libglade-2.x.  How can I fix
> po/make-pot ?  It seems that xgettext program can directly parse Glade
> input files.  I have no knowledge how these things work, but how about
> the following patch?
> 
> --- po/make-pot.orig       Fri Jul 27 17:17:35 2007                
> +++ po/make-pot    Fri Jul 27 17:23:48 2007
> @@ -36,13 +36,12 @@
>  fi
>  
>  lisp_c=.$$.lisp.c
> -glade_c=.$$.glade.c
>  
>  ./sawfish-xgettext --doc-file=../DOC --c $REP_SRCS >$lisp_c
> -libglade-xgettext --c $GLADE_SRCS >$glade_c
>  
> -xgettext --add-comments -a --no-location $lisp_c $glade_c
> +xgettext --add-comments -a --no-location $lisp_c 
> +xgettext -j $GLADE_SRCS
>  mv -f messages.po sawfish.pot
>  
> -rm -f $lisp_c $glade_c
> +rm -f $lisp_c
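
Review bot: the added xgettext -j $GLADE_SRCS call drops the --add-comments -a --no-location options that the first call passes, so the Glade strings would be merged into messages.po with different settings than the Lisp ones (for example with source locations); repeat the same options on the -j line. The -j call also depends on the first call having already created messages.po, and the new "xgettext --add-comments -a --no-location $lisp_c " line ends in a trailing space.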

Honestly, I can't understand this patch, so I won't apply it unless
some other people confirm (or explain) why this is necessary. I'll
remember about it though, and if the problem resurfaces later I hope
to recognize it. Any comments?

I'm about to make the 1.3.1 release, finally! :-)

-- 
Janek Kozicki


