The debian-private mailing list leak, part 1. Volunteers have complained about Blackmail. Lynchings. Character assassination. Defamation. Cyberbullying. Volunteers who gave many years of their lives are picked out at random for cruel social experiments. The former DPL's girlfriend Molly de Blanc is given volunteers to experiment on for her crazy talks. These volunteers never consented to be used like lab rats. We don't either. debian-private can no longer be a safe space for the cabal. Let these monsters have nowhere to hide. Volunteers are not disposable. We stand with the victims.
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Possible overrun in xterm

Ben Pfaff wrote:
> dark@xs4all.nl (Richard Braakman) writes:
> [...]
> >   - Change those routines to allocate on the heap instead of on the stack,
> >     so that they can allocate enough space.  This may have significant
> >     speed impact, since ScrnDeleteLine and ScrnInsertLine are heavily
> >     used (scrolling).
> [...]
> 
> Can you change them to allocate on the stack, but by using alloca() so
> that they can allocate the amount that is needed?  Alternatively, gcc
> supports constructs like this:
[...snip...]

Sure, that's easy enough, and will fix it for Debian and presumably
any gcc-based system.  (Diff included, and I've verified that it fixes
the problem.  Note that I've changed the approximation 4 to the real
MAX_PTRS, which is a macro that references a variable.  This will
save problems if MAX_PTRS ever changes.)

However, I reckon that this patch has zero chance of being included in
the main X distribution, since xterm is written to work on anything
from Minix to OS/2, and on any number of crufty almost-C compilers.
(I don't know if the bug is actually there in the main X sources,
 but I presume that XFree86 didn't modify xterm much.)

Your call, of course :-)  I suppose it's better to fix it for some
architectures than for none at all, and the X people can take their
time to come up with a solution they like.

-- 
Richard Braakman

diff -u xterm-old/charproc.c xterm-fix/charproc.c
--- xterm-old/charproc.c	Sun May 25 14:29:00 1997
+++ xterm-fix/charproc.c	Mon Aug 11 17:31:50 1997
@@ -3148,7 +3148,7 @@
     register TScreen *screen;
 {
     register int rows = screen->max_row + 1;
-    char *save [4 /* MAX_PTRS */ * MAX_ROWS];
+    char *save[MAX_PTRS * rows];
     Size_t len = MAX_PTRS * sizeof(char *) * rows;
 
     memcpy ( (char *)save,           (char *)screen->buf,    len);
diff -u xterm-old/screen.c xterm-fix/screen.c
--- xterm-old/screen.c	Fri May 23 12:32:00 1997
+++ xterm-fix/screen.c	Mon Aug 11 17:32:50 1997
@@ -294,7 +294,7 @@
 int last;
 register int where, n, size;
 {
-	char *save [4 /* MAX_PTRS */ * MAX_ROWS];
+        char *save[MAX_PTRS * n];
 
 	/* save n lines at bottom */
 	ScrnClearLines(save, sb, (last -= n - 1), n, size);
@@ -330,7 +330,7 @@
 register int n, last, size;
 int where;
 {
-	char *save [4 /* MAX_PTRS */ * MAX_ROWS];
+        char *save[MAX_PTRS * n];
 
 	ScrnClearLines(save, sb, where, n, size);
 


--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-private-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .