buffer overflow in fonts.c?


During I was trying to compile the source from svn on my FreeBSD box,
I noticed one of port-local patches wasn't incorporated into the svn


The following patch is for the stock 1.3 release, but it should be
applied to the svn source, too.

--- src/fonts.c.orig    Sun Nov  3 22:00:36 2002
+++ src/fonts.c Wed Feb  8 04:22:13 2006
@@ -131,7 +131,7 @@
            if (end == 0)
                end = p + strlen (p);
            len = end - (p + 1);
-           buf = malloc (len);
+           buf = malloc (len + 1);
            memcpy (buf, p + 1, len);
            buf[len] = 0;
            return buf;

BTW, there is no libglade-xgettext in libglade-2.x.  How can I fix
po/make-pot ?  It seems that xgettext program can directly parse Glade
input files.  I have no knowledge how these things work, but how about
the following patch?

--- po/make-pot.orig       Fri Jul 27 17:17:35 2007                
+++ po/make-pot    Fri Jul 27 17:23:48 2007
@@ -36,13 +36,12 @@
 ./sawfish-xgettext --doc-file=../DOC --c $REP_SRCS >$lisp_c
-libglade-xgettext --c $GLADE_SRCS >$glade_c
-xgettext --add-comments -a --no-location $lisp_c $glade_c
+xgettext --add-comments -a --no-location $lisp_c 
+xgettext -j $GLADE_SRCS
 mv -f messages.po sawfish.pot
-rm -f $lisp_c $glade_c
+rm -f $lisp_c
Yoshiaki Kasahara
Research Institute for Information Technology, Kyushu University
kasahara nc kyushu-u ac jp

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]