From accb07958bd466f7f4763a9547a6daca74f6f8e7524d86f0c2eb0af7064f78e8 Mon Sep 17 00:00:00 2001 From: Michael Vetter <jubalh@iodoru.org> Date: Wed, 1 Feb 2023 09:48:11 +0000 Subject: [PATCH] Accepting request 1062276 from home:rmax:branches:X11:windowmanagers - Fix a buffer overflow in the FvwmAuto module. fvwm-FvwmAuto-overflow.patch OBS-URL: https://build.opensuse.org/request/show/1062276 OBS-URL: https://build.opensuse.org/package/show/X11:windowmanagers/fvwm2?expand=0&rev=49 --- fvwm-FvwmAuto-overflow.patch | 11 +++++++++++ fvwm2.changes | 6 ++++++ fvwm2.spec | 5 +++-- 3 files changed, 20 insertions(+), 2 deletions(-) create mode 100644 fvwm-FvwmAuto-overflow.patch diff --git a/fvwm-FvwmAuto-overflow.patch b/fvwm-FvwmAuto-overflow.patch new file mode 100644 index 0000000..a0130a6 --- /dev/null +++ b/fvwm-FvwmAuto-overflow.patch @@ -0,0 +1,11 @@ +--- modules/FvwmAuto/FvwmAuto.c.orig ++++ modules/FvwmAuto/FvwmAuto.c +@@ -340,6 +340,8 @@ main(int argc, char **argv) + { + len = max(len, strlen(leave_fn)); + } ++ /* add space for newline and trailing 0 */ ++ len += 2; + if (do_pass_id) + { + len += 32; diff --git a/fvwm2.changes b/fvwm2.changes index 4bb0b21..3b7ad5f 100644 --- a/fvwm2.changes +++ b/fvwm2.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Tue Jan 31 14:22:50 UTC 2023 - Reinhard Max <max@suse.com> + +- Fix a buffer overflow in the FvwmAuto module. + fvwm-FvwmAuto-overflow.patch + ------------------------------------------------------------------- Tue Mar 3 09:30:08 UTC 2020 - Dr. Werner Fink <werner@suse.de> diff --git a/fvwm2.spec b/fvwm2.spec index 0377433..a1ca67c 100644 --- a/fvwm2.spec +++ b/fvwm2.spec @@ -1,7 +1,7 @@ # # spec file for package fvwm2 # -# Copyright (c) 2020 SUSE LLC +# Copyright (c) 2023 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -32,6 +32,7 @@ Patch0: fvwm-configure.patch Patch1: fvwm-2.5.26-sv_SE.patch Patch2: fvwm-no-date-time.patch Patch3: enable-more-mouse-buttons.patch +Patch4: fvwm-FvwmAuto-overflow.patch BuildRequires: automake BuildRequires: gcc-c++ BuildRequires: libpng-devel @@ -63,7 +64,7 @@ Requires: wallpaper-branding Requires: xdg-menu Requires: xli Requires(post): update-alternatives -Requires(postun): update-alternatives +Requires(postun):update-alternatives Provides: fvwm Provides: fvwmicns Provides: windowmanager