Date: Mon, 6 Feb 2006 19:07:52 GMT From: Victor Snezhko <snezhko@indorsoft.ru> To: freebsd-gnats-submit@FreeBSD.org Subject: ports/92912: [patch] x11-wm/sawfish2 writes 1 byte beyond allocated memory Message-ID: <200602061907.k16J7q5R053377@www.freebsd.org> Resent-Message-ID: <200602061910.k16JA7sI021283@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 92912
>Category: ports
>Synopsis: [patch] x11-wm/sawfish2 writes 1 byte beyond allocated memory
>Confidential: no
>Severity: serious
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Mon Feb 06 19:10:04 GMT 2006
>Closed-Date:
>Last-Modified:
>Originator: Victor Snezhko
>Release: 7.0-CURRENT
>Organization:
IndorSoft Ltd.
>Environment:
FreeBSD freebsd.indorsoft.ru 7.0-CURRENT FreeBSD 7.0-CURRENT #0: Sat Jan 21 08:03:26 NOVT 2006 root@freebsd.indorsoft.ru:/home/vvs/obj/usr/src/sys/VVS i386
>Description:
src/fonts.c contains the following code:
buf = malloc (len);
memcpy (buf, p + 1, len);
buf[len] = 0;
after the new malloc code has been committed to -current (with debugging enabled by default), sawfish fails to start due to this error.
>How-To-Repeat:
Install x11-wm/sawfish2 on a 7.0-CURRENT box cvsupped after Jan 13, 2006.
It will not start.
>Fix:
we need to add this patch:
vvs@freebsd$ cat /usr/ports/x11-wm/sawfish2/files/patch-src\:\:fonts.c
--- src/fonts.c.orig Tue Feb 7 00:15:27 2006
+++ src/fonts.c Tue Feb 7 00:15:37 2006
@@ -131,7 +131,7 @@
if (end == 0)
end = p + strlen (p);
len = end - (p + 1);
- buf = malloc (len);
+ buf = malloc (len + 1);
memcpy (buf, p + 1, len);
buf[len] = 0;
return buf;
>Release-Note:
>Audit-Trail:
>Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200602061907.k16J7q5R053377>