Dan Espen schreef: > Alwin <translati...@ziggo.nl> writes: > >> Dear List, >> >> I would like to report a crash in FVWM 2.6.5. According to the logs, >> it's a possible buffer overflow. I'm using FVWM-Crystal 3.4.0 SVN >> rev. 767, X.Org server 1.16.4 and Gentoo Linux. >> >> The logs are huge, so it might be a good idea to only copy the >> relevant parts in-line from the attached gzipped files: >> config.log, build.log, session.log and backtrace.txt. >> >> The crash happens when the Volume+ or Volume- button is pressed >> on the keyboard. These are common Multimedia Keys which generate the >> XF86AudioRaiseVolume and XF86AudioLowerVolume KeySyms, and have auto >> repeat enabled by default. The KeySyms have key bindings in >> FVWM-Crystal: see 'Change-Volume-Down' function in the session.log. >> It decreases the volume, and prints the volume level on screen, >> using a function called 'FvwmButtons-Tooltip-Volume' in the >> session.log. >> >> When these buttons are pressed for about 3 seconds too long, after >> the volume reached 0% (or 100%) already, then FVWM is aborted with >> this log message: >> >> *** buffer overflow detected ***: fvwm terminated >> >> The backtrace leads to the tooltip print function, which might be the >> problem here: >> >> #10 0x0000000000437c89 in sprintf (__fmt=0x4a2898 "%d", >> __s=0x7ffc22de1290 "10wmButtons-Tooltip-Volume (99)") at >> /usr/include/bits/stdio2.h:33 >> >> >> Please let me know if more information is needed, or to test a patch. > > Looks to me like this line in add_window.c: > > char win_name_len[MAX_WINDOW_NAME_NUMBER_DIGITS]; > > should be: > > char win_name_len[MAX_WINDOW_NAME_NUMBER_DIGITS+1]; > > If you can test that, okay. > If I don't hear otherwise, I'll commit a change in a day or 3. >
I've made the change, recompiled and it now works fine! The crash is gone. Thank you very much for the quick fix. Kind regards, -- [alwin]