This replaces sprintf with snprintf to avoid crashing when creating various labels.
https://bugs.launchpad.net/ubuntu/+source/x11-apps/+bug/792642 Signed-off-by: Kees Cook <kees.c...@canonical.com> --- xclipboard.c | 3 ++- xcutsel.c | 4 ++-- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/xclipboard.c b/xclipboard.c index 1fddf4c..c6610e9 100644 --- a/xclipboard.c +++ b/xclipboard.c @@ -334,7 +334,8 @@ AcceptSaveFile(Widget w, XEvent *e, String *argv, Cardinal *argc) { char failMessage[1024]; - sprintf (failMessage, "Can't open file \"%s\"", filename); + snprintf (failMessage, sizeof (failMessage), + "Can't open file \"%s\"", filename); XtSetArg (args[0], XtNlabel, failMessage); XtSetValues (failDialog, args, 1); CenterWidgetOnEvent (failDialogShell, e); diff --git a/xcutsel.c b/xcutsel.c index 690e201..7f33668 100644 --- a/xcutsel.c +++ b/xcutsel.c @@ -288,7 +288,7 @@ main(int argc, char *argv[]) XtAddCallback( button, XtNcallback, Quit, NULL ); /* %%% hack alert... */ - sprintf(label, "*label:copy %s to %d", + snprintf(label, sizeof(label), "*label:copy %s to %d", options.selection_name, options.buffer); XrmPutLineResource( &rdb, label ); @@ -297,7 +297,7 @@ main(int argc, char *argv[]) XtCreateManagedWidget("sel-cut", commandWidgetClass, box, NULL, ZERO); XtAddCallback( button, XtNcallback, GetSelection, NULL ); - sprintf(label, "*label:copy %d to %s", + snprintf(label, sizeof(label), "*label:copy %d to %s", options.buffer, options.selection_name); XrmPutLineResource( &rdb, label ); -- 1.7.4.1 -- Kees Cook Ubuntu Security Team _______________________________________________ xorg-devel@lists.x.org: X.Org development Archives: http://lists.x.org/archives/xorg-devel Info: http://lists.x.org/mailman/listinfo/xorg-devel
