--- src/conky.h.old 2005-11-30 01:08:25.000000000 -0500
+++ src/conky.h 2005-11-29 12:35:21.000000000 -0500
@@ -3,7 +3,7 @@
*
* This program is licensed under BSD license, read COPYING
*
- * $Id: conky-1.3.4-arraybounds.patch,v 1.1 2005/12/11 03:36:33 dragonheart Exp $
+ * $Id: conky-1.3.4-arraybounds.patch,v 1.1 2005/12/11 03:36:33 dragonheart Exp $
*/
#ifndef _conky_h_
@@ -55,6 +55,9 @@
#define CRIT_ERR(s, varargs...) \
{ fprintf(stderr, "Conky: " s "\n", ##varargs); exit(EXIT_FAILURE); }
+#define MIN(a,b) (a>b ? b : a)
+#define MAX(a,b) (a<b ? b : a)
+
struct i8k_struct {
char *version;
char *bios;
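Review bot: The new MIN and MAX macros leave their arguments unparenthesized, so the expansion depends on operator precedence at each call site. The uses later in this patch, such as `MIN(pos + i2, TEXT_BUFFER_SIZE-1)`, parse as intended only because `+` and `-` bind tighter than `>`, and only if TEXT_BUFFER_SIZE (defined outside this hunk) is a plain constant or a parenthesized expression. I would write `#define MIN(a,b) ((a) > (b) ? (b) : (a))` and `#define MAX(a,b) ((a) < (b) ? (b) : (a))`. Each should be wrapped in `#ifndef MIN` / `#ifndef MAX`, since system headers such as `<sys/param.h>` commonly define the same names. Each argument is also evaluated twice, which deserves a one-line comment warning against side effects in arguments.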
--- src/conky.c.old 2005-11-30 01:08:26.000000000 -0500
+++ src/conky.c 2005-11-30 00:52:18.000000000 -0500
@@ -3,7 +3,7 @@
*
* This program is licensed under BSD license, read COPYING
*
- * $Id: conky-1.3.4-arraybounds.patch,v 1.1 2005/12/11 03:36:33 dragonheart Exp $
+ * $Id: conky-1.3.4-arraybounds.patch,v 1.1 2005/12/11 03:36:33 dragonheart Exp $
*/
#include "conky.h"
@@ -3462,7 +3462,9 @@
printf("%s\n", s);
}
/* daemon_run(s); the daemon can be called here, but we need to have a buffer in daemon_run() and we need to tell it when everything is ready to be sent */
- strcpy(tmpstring1, s);
+ memset(tmpstring1,0,TEXT_BUFFER_SIZE);
+ memset(tmpstring2,0,TEXT_BUFFER_SIZE);
+ strncpy(tmpstring1, s, TEXT_BUFFER_SIZE-1);
pos = 0;
added = 0;
char space[2];
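Review bot: The bound here is taken on trust rather than from the buffers: both memset calls and the strncpy are only correct if tmpstring1 and tmpstring2 are each at least TEXT_BUFFER_SIZE bytes, and their declarations are outside this hunk. If they are arrays, `memset(tmpstring1, 0, sizeof tmpstring1);` and `strncpy(tmpstring1, s, sizeof tmpstring1 - 1);` would tie the limit to the declaration. Termination of tmpstring1 depends on the zero-fill running before a strncpy of size minus one, so a comment such as `/* zero-fill first: strncpy does not NUL-terminate when s has TEXT_BUFFER_SIZE-1 or more bytes */` would stop the two lines being reordered or the memset being dropped later. Input longer than the buffer is now silently truncated; that is probably acceptable for display text but should be stated.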
@@ -3483,13 +3485,21 @@
for (i2 = 0;
i2 < (8 - (1 + pos) % 8) && added <= max;
i2++) {
- tmpstring2[pos + i2] = ' ';
+ /*
+ if ( pos + i2 > TEXT_BUFFER_SIZE-1 )
+ fprintf(stderr,"buffer overrun detected\n");
+ */
+ tmpstring2[ MIN(pos + i2, TEXT_BUFFER_SIZE-1) ] = ' '; /* guard against overrun */
added++;
}
pos += i2;
} else {
if (tmpstring1[i] != 9) {
- tmpstring2[pos] = tmpstring1[i];
+ /*
+ if ( pos > TEXT_BUFFER_SIZE-1 )
+ fprintf(stderr,"buffer overrun detected\n");
+ */
+ tmpstring2[ MIN(pos, TEXT_BUFFER_SIZE-1) ] = tmpstring1[i]; /* guard against overrun */
pos++;
}
}
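Review bot: Clamping the index with MIN does not stop the copy; it redirects every out-of-range store to `tmpstring2[TEXT_BUFFER_SIZE-1]`. Assuming the buffer is TEXT_BUFFER_SIZE bytes, that is the byte the earlier memset left as the terminator, so once `pos` passes the limit tmpstring2 ends in a space or text character instead of NUL and a later string read can run off the end. `pos` and `added` also keep growing, so any use of `pos` as an index after this loop (outside the hunk) is still unbounded, and a negative `pos` is not covered by MIN at all. Stopping at the limit is safer than clamping: `if (pos + i2 >= TEXT_BUFFER_SIZE - 1) break;` before the tab-fill store and `if (pos >= TEXT_BUFFER_SIZE - 1) break;` before the character store. The enclosing loop over tmpstring1 starts outside the hunk, so the exit path needs checking there. The two commented-out `fprintf` blocks should be removed or turned into a real diagnostic.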