[Xcb] [PATCH:xcb-util] Make sure wm_class name strings are null-terminated
Peter Harris
pharris at opentext.com
Tue Jun 15 12:58:52 PDT 2010
On 2010-06-14 15:28, Alan Coopersmith wrote:
>
> After digging into this more, I'm not sure if any patch is needed here.
> It depends on whether you want to expose bugs in other people's code, or
> protect API callers from them.
>
> ICCCM says WM_CLASS contains two null-terminated strings.
How about something like:
(Completely untested. Not even compiled. For discussion only.)
diff --git a/icccm/icccm.c b/icccm/icccm.c
index 1c66a74..9ada18d 100644
--- a/icccm/icccm.c
+++ b/icccm/icccm.c
@@ -359,8 +359,17 @@ xcb_get_wm_class_from_reply
prop->_reply = reply;
prop->instance_name = (char *) xcb_get_property_value(prop->_reply);
+ int len = xcb_get_property_value_length(prop->_reply);
+ /* Ensure there's a C end-of-string at the end of the property.
+ Truncate the property if necessary (the spec says there's already
+ a 0 in the last position, so this only hurts invalid props). */
+ if(len < reply->length * 4)
+ prop->instance_name[len] = 0;
+ else
+ prop->instance_name[len-1] = 0;
+
int name_len = strlen(prop->instance_name);
- if(name_len == xcb_get_property_value_length(prop->_reply))
+ if(name_len == len)
name_len--;
prop->class_name = prop->instance_name + name_len + 1;
--
1.7.0.6
--
Open Text Connectivity Solutions Group
Peter Harris http://connectivity.opentext.com/
Research and Development Phone: +1 905 762 6001
pharris at opentext.com Toll Free: 1 877 359 4866
More information about the Xcb
mailing list