Author: dteske
Date: Wed Jan 27 06:21:35 2016
New Revision: 294893
URL: https://svnweb.freebsd.org/changeset/base/294893
Log:
Fix a crash if `-D' is used without `-t title'
dialog(3)'s dlg_reallocate_gauge(), used both by dialog(3)'s dialog_gauge()
and dialog(1)'s `--gauge', will segmentation fault in strlen(3) if no title
is set for the widget. Reproducible with `dialog --gauge hi 6 20' (adding
`--title ""' is enough to prevent segmentation fault).
MFC after: 3 days
X-MFC-to: stable/10
Modified:
head/lib/libdpv/dialog_util.c
Modified: head/lib/libdpv/dialog_util.c
==============================================================================
--- head/lib/libdpv/dialog_util.c Wed Jan 27 06:16:53 2016
(r294892)
+++ head/lib/libdpv/dialog_util.c Wed Jan 27 06:21:35 2016
(r294893)
@@ -261,6 +261,13 @@ dialog_spawn_gauge(char *init_prompt, pi
errx(EXIT_FAILURE, "Out of memory?!");
sprintf(dargv[n++], "--title");
dargv[n++] = title;
+ } else {
+ if ((dargv[n] = malloc(8)) == NULL)
+ errx(EXIT_FAILURE, "Out of memory?!");
+ sprintf(dargv[n++], "--title");
+ if ((dargv[n] = malloc(8)) == NULL)
+ errx(EXIT_FAILURE, "Out of memory?!");
+ sprintf(dargv[n++], "");
}
if (backtitle != NULL) {
if ((dargv[n] = malloc(12)) == NULL)
_______________________________________________
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
