tags 514406 + patch
thanks

Hi,

I read some man pages, looked at the source code and came up with the attached
patch. I noticed that options.c has a function (addExecToCommand()) that
creates a copy of the locker command line if it doesn't contain any semicolons.
This means I only ran into this bug, because my locker contains semicolons!

I patched this function to just always unconditionally copy the string and to
never prepend the locker with 'exec', because stuff like 'a & b', 'a || b' etc
isn't handled. I doubt this will cause any problems, but feel free to come up
with a different fix.

With this patch applied, valgrind doesn't complain about wrong memory usages
anymore.

Uli

P.S.: Thanks to Patrick Matthäi for helping me with this bug mail. CC'd security
on his advice, blame him. ;)
-- 
"Do you know that books smell like nutmeg or some spice from a foreign land?"
                                                  -- Faber in Fahrenheit 451
diff -Nurp xautolock-2.1.orig/src/options.c xautolock-2.1/src/options.c
--- xautolock-2.1.orig/src/options.c	2002-01-15 16:37:33.000000000 +0100
+++ xautolock-2.1/src/options.c	2009-02-07 14:01:47.192402633 +0100
@@ -250,6 +254,8 @@ addExecToCommand (const char** command)
   *  actually consists of multiple ones, we need to look for `;'
   *  characters first. We can only err on the safe side here...
   */
+  /* FIXME: This would also need to handle other stuff like e.g. & */
+#if 0
   if (!strchr (*command, ';'))
   {
     char* tmp;
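Review bot: The `#if 0` added above `if (!strchr (*command, ';'))` keeps the old exec-prepending branch in the file as dead code, and the comment just before it still says the function needs to look for `;` characters. If the exec prefix is being dropped for good, delete the disabled branch and rewrite that comment to say the function now only duplicates the string; the FIXME about `&` then has nothing left to refer to. Since addExecToCommand() no longer adds "exec" after this change, a rename or a one-line note at the function header would keep callers from assuming the old behaviour.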
@@ -257,6 +263,14 @@ addExecToCommand (const char** command)
 		    "exec %s", *command);
     *command = tmp;
   }
+#else
+  /* Create a copy of the string or else XrmDestroyDatabase would free() that
+   * string from underneath us.
+   */
+  char* tmp = newArray (char, strlen (*command) + 1);
+  (void) strcpy (tmp, *command);
+  *command = tmp;
+#endif
 }
 #endif /* !VMS */
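Review bot: In the `#else` branch, `char* tmp = newArray (char, strlen (*command) + 1);` is declared at function scope, whereas the code it replaces opened a `{` block before declaring `tmp`. If any statement precedes this point in addExecToCommand(), a C89 compiler will reject the mixed declaration, so wrap the three added lines in their own braces as the old branch did. The comment explaining that XrmDestroyDatabase would otherwise free the string is useful; it would also help to state there that the copy is intentionally kept for the lifetime of the process, since nothing in the hunk releases it.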
