head 1.2; access; symbols pkgsrc-2013Q2:1.2.0.16 pkgsrc-2013Q2-base:1.2 pkgsrc-2012Q4:1.2.0.14 pkgsrc-2012Q4-base:1.2 pkgsrc-2011Q4:1.2.0.12 pkgsrc-2011Q4-base:1.2 pkgsrc-2011Q2:1.2.0.10 pkgsrc-2011Q2-base:1.2 pkgsrc-2009Q4:1.2.0.8 pkgsrc-2009Q4-base:1.2 pkgsrc-2008Q4:1.2.0.6 pkgsrc-2008Q4-base:1.2 pkgsrc-2008Q3:1.2.0.4 pkgsrc-2008Q3-base:1.2 cube-native-xorg:1.2.0.2 cube-native-xorg-base:1.2 pkgsrc-2008Q2:1.1.0.24 pkgsrc-2008Q2-base:1.1 cwrapper:1.1.0.22 pkgsrc-2008Q1:1.1.0.20 pkgsrc-2008Q1-base:1.1 pkgsrc-2007Q4:1.1.0.18 pkgsrc-2007Q4-base:1.1 pkgsrc-2007Q3:1.1.0.16 pkgsrc-2007Q3-base:1.1 pkgsrc-2007Q2:1.1.0.14 pkgsrc-2007Q2-base:1.1 pkgsrc-2007Q1:1.1.0.12 pkgsrc-2007Q1-base:1.1 pkgsrc-2006Q4:1.1.0.10 pkgsrc-2006Q4-base:1.1 pkgsrc-2006Q3:1.1.0.8 pkgsrc-2006Q3-base:1.1 pkgsrc-2006Q2:1.1.0.6 pkgsrc-2006Q2-base:1.1 pkgsrc-2006Q1:1.1.0.4 pkgsrc-2006Q1-base:1.1 pkgsrc-2005Q4:1.1.0.2; locks; strict; comment @# @; 1.2 date 2008.07.14.23.01.32; author christos; state dead; branches; next 1.1; 1.1 date 2006.01.07.21.08.12; author joerg; state Exp; branches 1.1.2.1; next ; 1.1.2.1 date 2006.01.07.21.08.12; author salo; state dead; branches; next 1.1.2.2; 1.1.2.2 date 2006.01.08.05.33.48; author salo; state Exp; branches; next ; desc @@ 1.2 log @update to openmotif 2.3.1 @ text @$NetBSD: patch-bk,v 1.1 2006/01/07 21:08:12 joerg Exp $ --- clients/uil/UilSrcSrc.c.orig 2006-01-06 20:50:23.000000000 +0100 +++ clients/uil/UilSrcSrc.c @@@@ -629,8 +629,10 @@@@ open_source_file( XmConst char char buffer[256]; - /* place the file name in the expanded_name buffer */ + if (strlen(c_file_name) >= sizeof(buffer + 1)) + return src_k_open_error; + /* place the file name in the expanded_name buffer */ strcpy(buffer, c_file_name); /* Determine if this is the main file or an include file. */ @ 1.1 log @Fix a number of buffer overflows in OpenMotif's UIL implementation. For non-propolice systems this might be exploitable when the user-provided data (e.g. certain filenames) or the locale files are manipulated. Mostly-found-by: xfocus, see [xfocus-SD-051202] on VulnWatch. Some additional cases are handled which have the same impact. Bump revision. @ text @d1 1 a1 1 $NetBSD$ @ 1.1.2.1 log @file patch-bk was added on branch pkgsrc-2005Q4 on 2006-01-07 21:08:12 +0000 @ text @d1 16 @ 1.1.2.2 log @Pullup ticket 1008 - requested by Joerg Sonnenberger security fix for openmotif Revisions pulled up: - pkgsrc/x11/openmotif/Makefile 1.40 - pkgsrc/x11/openmotif/distinfo 1.22 - pkgsrc/x11/openmotif/patches/patch-bj 1.3 - pkgsrc/x11/openmotif/patches/patch-bk 1.1 Module Name: pkgsrc Committed By: joerg Date: Sat Jan 7 21:08:12 UTC 2006 Modified Files: pkgsrc/x11/openmotif: Makefile distinfo Added Files: pkgsrc/x11/openmotif/patches: patch-bj patch-bk Log Message: Fix a number of buffer overflows in OpenMotif's UIL implementation. For non-propolice systems this might be exploitable when the user-provided data (e.g. certain filenames) or the locale files are manipulated. Mostly-found-by: xfocus, see [xfocus-SD-051202] on VulnWatch. Some additional cases are handled which have the same impact. Bump revision. @ text @a0 16 $NetBSD: patch-bk,v 1.1.2.1 2006/01/08 05:33:48 salo Exp $ --- clients/uil/UilSrcSrc.c.orig 2006-01-06 20:50:23.000000000 +0100 +++ clients/uil/UilSrcSrc.c @@@@ -629,8 +629,10 @@@@ open_source_file( XmConst char char buffer[256]; - /* place the file name in the expanded_name buffer */ + if (strlen(c_file_name) >= sizeof(buffer + 1)) + return src_k_open_error; + /* place the file name in the expanded_name buffer */ strcpy(buffer, c_file_name); /* Determine if this is the main file or an include file. */ @