On 07/ 8/11 11:01 AM, Kees Cook wrote: > This replaces sprintf with snprintf to avoid crashing when creating > various labels. > > https://bugs.launchpad.net/ubuntu/+source/x11-apps/+bug/792642 > > Signed-off-by: Kees Cook <kees.c...@canonical.com> > --- > xclipboard.c | 3 ++- > xcutsel.c | 4 ++-- > 2 files changed, 4 insertions(+), 3 deletions(-) > > diff --git a/xclipboard.c b/xclipboard.c > index 1fddf4c..c6610e9 100644 > --- a/xclipboard.c > +++ b/xclipboard.c > @@ -334,7 +334,8 @@ AcceptSaveFile(Widget w, XEvent *e, String *argv, > Cardinal *argc) > { > char failMessage[1024]; > > - sprintf (failMessage, "Can't open file \"%s\"", filename); > + snprintf (failMessage, sizeof (failMessage), > + "Can't open file \"%s\"", filename); > XtSetArg (args[0], XtNlabel, failMessage); > XtSetValues (failDialog, args, 1); > CenterWidgetOnEvent (failDialogShell, e); > diff --git a/xcutsel.c b/xcutsel.c > index 690e201..7f33668 100644 > --- a/xcutsel.c > +++ b/xcutsel.c > @@ -288,7 +288,7 @@ main(int argc, char *argv[]) > XtAddCallback( button, XtNcallback, Quit, NULL ); > > /* %%% hack alert... */ > - sprintf(label, "*label:copy %s to %d", > + snprintf(label, sizeof(label), "*label:copy %s to %d", > options.selection_name, > options.buffer); > XrmPutLineResource( &rdb, label ); > @@ -297,7 +297,7 @@ main(int argc, char *argv[]) > XtCreateManagedWidget("sel-cut", commandWidgetClass, box, NULL, ZERO); > XtAddCallback( button, XtNcallback, GetSelection, NULL ); > > - sprintf(label, "*label:copy %d to %s", > + snprintf(label, sizeof(label), "*label:copy %d to %s", > options.buffer, > options.selection_name); > XrmPutLineResource( &rdb, label );
Reviewed-by: Alan Coopersmith <alan.coopersm...@oracle.com> -- -Alan Coopersmith- alan.coopersm...@oracle.com Oracle Solaris Platform Engineering: X Window System _______________________________________________ xorg-devel@lists.x.org: X.Org development Archives: http://lists.x.org/archives/xorg-devel Info: http://lists.x.org/mailman/listinfo/xorg-devel