xinit: fix buffer overflow when too many arguments are given

See: https://lists.x.org/archives/xorg-devel/2019-January/057886.html
This commit is contained in:
maxice8 2019-01-20 12:25:54 -02:00 committed by maxice8
parent 8656034768
commit 770e115d39
2 changed files with 48 additions and 8 deletions

View file

@ -0,0 +1,39 @@
Signed-off-by: Tobias Stoeckmann <tobias at stoeckmann.org>
---
xinit.c | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/xinit.c b/xinit.c
index f826b7a..8efd0be 100644
--- xinit.c
+++ xinit.c
@@ -151,7 +151,6 @@ main(int argc, char *argv[])
register char **ptr;
pid_t pid;
int client_given = 0, server_given = 0;
- int client_args_given = 0, server_args_given = 0;
int start_of_client_args, start_of_server_args;
struct sigaction sa, si;
#ifdef __APPLE__
@@ -174,7 +173,8 @@ main(int argc, char *argv[])
}
start_of_client_args = (cptr - client);
while (argc && strcmp(*argv, "--")) {
- client_args_given++;
+ if (cptr > clientargv + 98)
+ Fatalx("too many client arguments");
*cptr++ = *argv++;
argc--;
}
@@ -202,7 +202,8 @@ main(int argc, char *argv[])
start_of_server_args = (sptr - server);
while (--argc >= 0) {
- server_args_given++;
+ if (sptr > serverargv + 98)
+ Fatalx("too many server arguments");
*sptr++ = *argv++;
}
*sptr = NULL;
--
2.20.1

View file

@ -1,22 +1,23 @@
# Template build file for 'xinit'.
# Template file for 'xinit'
pkgname=xinit
version=1.4.0
revision=3
revision=4
build_style=gnu-configure
configure_args="--with-xinitdir=/etc/X11/xinit"
hostmakedepends="pkg-config"
makedepends="libX11-devel"
short_desc="X init program"
maintainer="Juan RP <xtraeme@voidlinux.org>"
license="MIT"
homepage="http://xorg.freedesktop.org/"
distfiles="${XORG_SITE}/app/${pkgname}-${version}.tar.bz2"
checksum=230835eef2f5978a1e1344928168119373f6df1d0a32c09515e545721ee582ef
conf_files="
/etc/X11/xinit/xinitrc
/etc/X11/xinit/xserverrc
/etc/skel/.xinitrc
/etc/skel/.xsession"
short_desc="X init program"
maintainer="Juan RP <xtraeme@voidlinux.org>"
homepage="http://xorg.freedesktop.org/"
license="MIT"
distfiles="${XORG_SITE}/app/$pkgname-$version.tar.bz2"
checksum=230835eef2f5978a1e1344928168119373f6df1d0a32c09515e545721ee582ef
post_install() {
vinstall ${FILESDIR}/xinitrc 644 etc/skel .xinitrc