LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: July 28th, 2014
Linux Advisory Watch: July 25th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
OpenBSD 2.3: Buffer overrun problems in xterm Print E-mail
User Rating:      How can I rate this item?
Posted by LinuxSecurity.com Team   
OpenBSD As stated in CERT advisory VB-98.04, there are buffer overrun problems in xterm related to the input-Method, preeditType, and *Keymap resources. Additional buffer overruns exist in the Xaw library related to the inputMethod and preeditType resources. The xterm(1) problem represents a security vulnerability for any platform where xterm is installed setuid-root (as is the case for all OpenBSD platforms). The Xaw problem represents a security vulnerability for any setuid-root program that uses the Xaw library (including xterm). Patch1 from XFree86 3.3.2 corrects these problems. We provide a version of this patch file specifically for the OpenBSD 2.3 tree. We also provide tar files which replace the xterm(1) binary and the libXaw libraries on your system. These are expected to be extracted in /usr/X11R6 using the command "tar xvfpz Xawfix.tgz". The files are... i386, alpha, mac68k, mvme68k, hp300, sparc, pmax, and arc.

Index: X11/xc/programs/xterm/Tekproc.c
diff -u X11/xc/programs/xterm/Tekproc.c:1.1.1.2 
X11/xc/programs/xterm/Tekproc.c:1.2
--- X11/xc/programs/xterm/Tekproc.c:1.1.1.2	Sat Mar  7 09:25:14 1998
+++ X11/xc/programs/xterm/Tekproc.c	Sun May  3 01:37:57 1998
@@ -1,6 +1,6 @@
 /*
  * $XConsortium: Tekproc.c /main/120 1996/11/29 10:33:20 swick $
- * $XFree86: xc/programs/xterm/Tekproc.c,v 3.13.2.2 1998/02/15 16:09:55 
hohndel Exp $
+ * $XFree86: xc/programs/xterm/Tekproc.c,v 3.13.2.4 1998/04/29 11:18:06 dawes 
Exp $
  *
  * Warning, there be crufty dragons here.
  */
@@ -74,6 +74,9 @@
 #include 
 #include 
 #include 
+
+#include "xterm.h"
+
 #include "Tekparse.h"
 #include "data.h"
 #include "error.h"
@@ -121,8 +124,6 @@
 extern long time();		/* included in  by Xos.h */
 #endif
 
-#include "xterm.h"
-
 #define DefaultGCID XGContextFromGC(DefaultGC(screen->display, DefaultScreen
(screen->display)))
 
 /* Tek defines */
@@ -1723,8 +1724,10 @@
 
 
 #ifndef X_NOT_POSIX
+#ifndef linux
 #define HAS_WAITPID
 #endif
+#endif
 
 #ifdef HAS_WAITPID
 #include 
@@ -1742,7 +1745,7 @@
 	int pid;
 #ifndef HAS_WAITPID
 	int waited;
-	int (*chldfunc)();
+	SIGNAL_T (*chldfunc) PROTO((int n));
 
 	chldfunc = signal(SIGCHLD, SIG_DFL);
 #endif
Index: X11/xc/programs/xterm/charproc.c
diff -u X11/xc/programs/xterm/charproc.c:1.1.1.2 
X11/xc/programs/xterm/charproc.c:1.2
--- X11/xc/programs/xterm/charproc.c:1.1.1.2	Sat Mar  7 09:25:28 1998
+++ X11/xc/programs/xterm/charproc.c	Sun May  3 01:37:59 1998
@@ -1,6 +1,6 @@
 /*
  * $XConsortium: charproc.c /main/196 1996/12/03 16:52:46 swick $
- * $XFree86: xc/programs/xterm/charproc.c,v 3.42.2.5 1998/02/15 16:09:58 
hohndel Exp $
+ * $XFree86: xc/programs/xterm/charproc.c,v 3.42.2.7 1998/04/29 10:51:58 dawes 
Exp $
  */
 
 /*
@@ -4030,7 +4030,6 @@
 	       *s,
 	       *ns,
 	       *end,
-		tmp[1024],
 	  	buf[32];
     XIM		xim = (XIM) NULL;
     XIMStyles  *xim_styles;
@@ -4045,17 +4044,18 @@
 	if ((p = XSetLocaleModifiers("@im=none")) != NULL && *p)
 	    xim = XOpenIM(XtDisplay(term), NULL, NULL, NULL);
     } else {
-	strcpy(tmp, term->misc.input_method);
-	for(ns=s=tmp; ns && *s;) {
+	for(ns=s=term->misc.input_method; ns && *s;) { 
 	    while (*s && isspace(*s)) s++;
 	    if (!*s) break;
 	    if ((ns = end = strchr(s, ',')) == 0)
 		end = s + strlen(s);
 	    while (isspace(*end)) end--;
-	    *end = '\0';
 
 	    strcpy(buf, "@im=");
-	    strcat(buf, s);
+	    if (end - (s + (sizeof(buf) - 5)) > 0)
+		end = s + (sizeof(buf) - 5); 
+	    strncat(buf, s, end - s); 
+ 
 	    if ((p = XSetLocaleModifiers(buf)) != NULL && *p
 		&& (xim = XOpenIM(XtDisplay(term), NULL, NULL, NULL)) != NULL)
 		break;
@@ -4080,8 +4080,7 @@
     }
 
     found = False;
-    strcpy(tmp, term->misc.preedit_type);
-    for(s = tmp; s && !found;) {
+    for(s = term->misc.preedit_type; s && !found;) { 
 	while (*s && isspace(*s)) s++;
 	if (!*s) break;
 	if ((ns = end = strchr(s, ',')) != 0)
@@ -4089,13 +4088,12 @@
 	else
 	    end = s + strlen(s);
 	while (isspace(*end)) end--;
-	*end = '\0';
 
-	if (!strcmp(s, "OverTheSpot")) {
+	if (!strncmp(s, "OverTheSpot", end - s)) { 
 	    input_style = (XIMPreeditPosition | XIMStatusArea);
-	} else if (!strcmp(s, "OffTheSpot")) {
+	} else if (!strncmp(s, "OffTheSpot", end - s)) { 
 	    input_style = (XIMPreeditArea | XIMStatusArea);
-	} else if (!strcmp(s, "Root")) {
+	} else if (!strncmp(s, "Root", end - s)) { 
 	    input_style = (XIMPreeditNothing | XIMStatusNothing);
 	}
 	for (i = 0; (unsigned short)i < xim_styles->count_styles; i++)
@@ -4646,7 +4644,7 @@
 	XtOverrideTranslations(w, original);
 	return;
     }
-    (void) sprintf( mapName, "%sKeymap", params[0] );
+    (void) sprintf( mapName, "%.*sKeymap", (int)sizeof(mapName) - 10, params
[0] ); 
     (void) strcpy( mapClass, mapName );
     if (islower(mapClass[0])) mapClass[0] = toupper(mapClass[0]);
     XtGetSubresources( w, (XtPointer)&keymap, mapName, mapClass,
@@ -5075,7 +5073,7 @@
      * not be set before the widget's realized, so it's tested separately).
      */
     if(screen->colorMode) {
-	if (TextWindow(screen) != 0 && (cc != bg)) {
+	if (TextWindow(screen) != 0 && (cc != bg) && (cc != fg)) {
 	    /* we might have a colored foreground/background later */
 	    xgcv.font = screen->fnt_norm->fid;
 	    mask = (GCForeground | GCBackground | GCFont);
Index: X11/xc/programs/xterm/data.c
diff -u X11/xc/programs/xterm/data.c:1.1.1.2 X11/xc/programs/xterm/data.c:1.2
--- X11/xc/programs/xterm/data.c:1.1.1.2	Sat Mar  7 09:25:33 1998
+++ X11/xc/programs/xterm/data.c	Sun May  3 01:38:00 1998
@@ -1,6 +1,6 @@
 /*
  *	$XConsortium: data.c,v 1.12 95/04/05 19:58:47 kaleb Exp $
- *	$XFree86: xc/programs/xterm/data.c,v 3.2.4.2 1998/02/15 16:10:03 
hohndel Exp $
+ *	$XFree86: xc/programs/xterm/data.c,v 3.2.4.3 1998/04/29 04:18:39 dawes 
Exp $
  */
 
 /*
@@ -101,7 +101,6 @@
 #endif
 
 int am_slave = 0;	/* set to 1 if running as a slave process */
-int done_setuid = 0;	/* set to 1 after resetting setuid */
 int max_plus1;
 fd_set Select_mask;
 fd_set X_mask;
Index: X11/xc/programs/xterm/data.h
diff -u X11/xc/programs/xterm/data.h:1.1.1.2 X11/xc/programs/xterm/data.h:1.2
--- X11/xc/programs/xterm/data.h:1.1.1.2	Sat Mar  7 09:25:34 1998
+++ X11/xc/programs/xterm/data.h	Sun May  3 01:38:01 1998
@@ -1,6 +1,6 @@
 /*
  *	$XConsortium: data.h /main/13 1996/11/24 17:35:40 rws $
- *	$XFree86: xc/programs/xterm/data.h,v 3.3.2.1 1998/02/15 16:10:03 
hohndel Exp $
+ *	$XFree86: xc/programs/xterm/data.h,v 3.3.2.2 1998/04/29 04:18:39 dawes 
Exp $
  */
 /*
  * Copyright 1987 by Digital Equipment Corporation, Maynard, Massachusetts.
@@ -71,7 +71,6 @@
 #endif
 extern Char buffer[];
 extern int am_slave;
-extern int done_setuid;
 extern int bcnt;
 #ifdef DEBUG
 extern int debug;
Index: X11/xc/programs/xterm/main.c
diff -u X11/xc/programs/xterm/main.c:1.2 X11/xc/programs/xterm/main.c:1.3
--- X11/xc/programs/xterm/main.c:1.2	Sat Mar 14 13:35:29 1998
+++ X11/xc/programs/xterm/main.c	Sun May  3 01:38:02 1998
@@ -64,7 +64,7 @@
 
 ******************************************************************/
 
-/* $XFree86: xc/programs/xterm/main.c,v 3.47.2.8 1998/02/27 01:29:29 dawes Exp 
$ */
+/* $XFree86: xc/programs/xterm/main.c,v 3.47.2.10 1998/04/29 10:52:00 dawes 
Exp $ */
 
 
 /* main.c */
@@ -325,9 +325,11 @@
 #endif
 #ifdef SVR4
 #define USE_POSIX_WAIT
+#define HAS_SAVED_IDS_AND_SETEUID
 #endif
 
 #ifdef linux
+#define HAS_SAVED_IDS_AND_SETEUID
 #ifndef CBAUD
 #define CBAUD 0010017
 #endif
@@ -341,6 +343,7 @@
 #define USE_POSIX_WAIT
 #define LASTLOG
 #define WTMP
+#define HAS_SAVED_IDS_AND_SETEUID
 #endif
 
 #include 
@@ -976,6 +979,12 @@
 "will be started.  Options that start with a plus sign (+) restore the 
default.",
 NULL};
 
+static int abbrev (char *tst, char *cmp)
+{
+	size_t len = strlen(tst);
+	return ((len >= 2) && (!strncmp(tst, cmp, len)));
+}
+
 static void Syntax (badOption)
     char *badOption;
 {
@@ -1115,9 +1124,9 @@
 	/* Do these first, since we may not be able to open the display */
 	ProgramName = argv[0];
 	if (argc > 1) {
-		if (!strncmp(argv[1], "-v", 2))
+		if (abbrev(argv[1], "-version"))
 			Version();
-		if (!strncmp(argv[1], "-h", 2) && strncmp(argv[1], "-hc", 3))
+		if (abbrev(argv[1], "-help"))
 			Help();
 	}
 
@@ -1725,15 +1734,6 @@
 	XSetErrorHandler(xerror);
 	XSetIOErrorHandler(xioerror);
 
-#ifndef HAS_SAVED_IDS_AND_SETEUID
-	(void) setuid (screen->uid); /* we're done with privileges... */
-	(void) setgid (screen->gid);
-	done_setuid = 1;
-#else
-	seteuid(screen->uid);
-	setegid(screen->gid);
-#endif
-
 #ifdef ALLOWLOGGING
 	if (term->misc.log_on) {
 		StartLog(screen);
@@ -2159,10 +2159,6 @@
 
 	screen->uid = getuid();
 	screen->gid = getgid();
-#ifdef HAS_SAVED_IDS_AND_SETEUID
-	screen->euid = geteuid();
-	screen->egid = getegid();
-#endif
 
 #ifdef linux
 	bzero(termcap, sizeof termcap);
@@ -3553,7 +3549,7 @@
     int i, n, ncap;
     errstat err;
     struct caplist *cl;
-    char buf[64], numbuf[12];
+    char buf[64];
     struct caplist *capvnew;
     int ttythread();
     int xwatchdogthread();
@@ -3892,10 +3888,6 @@
 	register int wfd;
 	struct utmp utmp;
 
-#ifdef HAS_SAVED_IDS_AND_SETEUID
-        setegid(screen->egid);
-        seteuid(screen->euid);
-#endif
 	if (!resource.utmpInhibit && added_utmp_entry &&
 	    (!am_slave && tslot > 0 && (wfd = open(etc_utmp, O_WRONLY)) >= 0)){
 		bzero((char *)&utmp, sizeof(struct utmp));
@@ -3914,10 +3906,6 @@
 		}
 #endif /* WTMP */
 	}
-#ifdef HAS_SAVED_IDS_AND_SETEUID
-	setegid(screen->gid);
-	seteuid(screen->uid);
-#endif  /* HAS_SAVED_IDS_AND_SETEUID */
 #endif	/* USE_SYSV_UTMP */
 #endif	/* UTMP */
 #ifndef AMOEBA
Index: X11/xc/programs/xterm/misc.c
diff -u X11/xc/programs/xterm/misc.c:1.1.1.2 X11/xc/programs/xterm/misc.c:1.2
--- X11/xc/programs/xterm/misc.c:1.1.1.2	Sat Mar  7 09:25:44 1998
+++ X11/xc/programs/xterm/misc.c	Sun May  3 01:38:03 1998
@@ -1,6 +1,6 @@
 /*
  *	$XConsortium: misc.c /main/112 1996/11/29 10:34:07 swick $
- *	$XFree86: xc/programs/xterm/misc.c,v 3.17.2.3 1998/02/24 13:54:37 
hohndel Exp $
+ *	$XFree86: xc/programs/xterm/misc.c,v 3.17.2.4 1998/04/29 04:18:45 dawes 
Exp $
  */
 
 /*
@@ -48,13 +48,13 @@
 #include 
 #include 
 
+#include "xterm.h"
+
 #include "VTparse.h"
 #include "data.h"
 #include "error.h"
 #include "menu.h"
 
-#include "xterm.h"
-
 #if XtSpecificationRelease < 6
 #ifndef X_GETTIMEOFDAY
 #define X_GETTIMEOFDAY(t) gettimeofday(t,(struct timezone *)0)
@@ -534,8 +534,10 @@
 #if defined(ALLOWLOGGING) || defined(DEBUG)
 
 #ifndef X_NOT_POSIX
+#ifndef linux
 #define HAS_WAITPID
 #endif
+#endif
 
 /*
  * create a file only if we could with the permissions of the real user id.
@@ -559,18 +561,10 @@
     int pid;
 #ifndef HAS_WAITPID
     int waited;
-    int (*chldfunc)();
+    SIGNAL_T (*chldfunc)();
 
     chldfunc = signal(SIGCHLD, SIG_DFL);
 #endif
-
-    if (done_setuid) {
-	fd = open(pathname, O_WRONLY|O_CREAT|O_APPEND, mode);
-	if (fd >= 0) {
-	    close(fd);
-	}
-	return;
-    }
 
     pid = fork();
     switch (pid)
Index: X11/xc/programs/xterm/os2main.c
diff -u X11/xc/programs/xterm/os2main.c:1.1.1.2 
X11/xc/programs/xterm/os2main.c:1.2
--- X11/xc/programs/xterm/os2main.c:1.1.1.2	Sat Mar  7 09:25:45 1998
+++ X11/xc/programs/xterm/os2main.c	Sun May  3 01:38:05 1998
@@ -5,7 +5,7 @@
 #ifndef lint
 static char *rid="$XConsortium: main.c,v 1.227.1.2 95/06/29 18:13:15 kaleb Exp 
$";
 #endif /* lint */
-/* $XFree86: xc/programs/xterm/os2main.c,v 3.5.2.3 1998/02/22 01:28:30 robin 
Exp $ */
+/* $XFree86: xc/programs/xterm/os2main.c,v 3.5.2.5 1998/04/29 10:52:01 dawes 
Exp $ */
 
 /***********************************************************
 
@@ -518,6 +518,12 @@
 "will be started.  Options that start with a plus sign (+) restore the 
default.",
 NULL};
 
+static int abbrev (char *tst, char *cmp)
+{
+	size_t len = strlen(tst);
+	return ((len >= 2) && (!strncmp(tst, cmp, len)));
+}
+
 static void Syntax (badOption)
     char *badOption;
 {
@@ -770,9 +776,9 @@
 	/* Do these first, since we may not be able to open the display */
 	ProgramName = argv[0];
 	if (argc > 1) {
-		if (!strncmp(argv[1], "-v", 2))
+		if (abbrev(argv[1], "-version"))
 			Version();
-		if (!strncmp(argv[1], "-h", 2) && strncmp(argv[1], "-hc", 3))
+		if (abbrev(argv[1], "-help"))
 			Help();
 	}
 
@@ -1064,10 +1070,6 @@
 #endif	/* DEBUG */
 	XSetErrorHandler(xerror);
 	XSetIOErrorHandler(xioerror);
-
-	(void) setuid (screen->uid); /* we're done with privileges... */
-	(void) setgid (screen->gid);
-	done_setuid = 1;
 
 #ifdef ALLOWLOGGING
 	if (term->misc.log_on) {
Index: X11/xc/programs/xterm/print.c
diff -u X11/xc/programs/xterm/print.c:1.1.1.1 X11/xc/programs/xterm/print.c:1.2
--- X11/xc/programs/xterm/print.c:1.1.1.1	Sat Mar  7 09:26:09 1998
+++ X11/xc/programs/xterm/print.c	Sun May  3 01:38:06 1998
@@ -1,5 +1,5 @@
 /*
- * $XFree86: xc/programs/xterm/print.c,v 1.3.2.1 1998/02/15 16:10:08 hohndel 
Exp $
+ * $XFree86: xc/programs/xterm/print.c,v 1.3.2.3 1998/04/29 11:18:07 dawes Exp 
$
  */
 
 /************************************************************
@@ -42,6 +42,7 @@
 
 #include "ptyx.h"
 #include "data.h"
+#include "error.h"
 #include "xterm.h"
 
 #define Strlen(a) strlen((char *)a)
@@ -172,8 +173,33 @@
 {
 	static int initialized;
 	if (!initialized) {
+		FILE	*input;
+		int	my_pipe[2];
+		int	my_pid;
+		int	c;
 		register TScreen *screen = &term->screen;
-		Printer = popen(screen->printer_command, "w");
+
+	    	if (pipe(my_pipe))
+			SysError (ERROR_FORK);
+		if ((my_pid = fork()) < 0)
+			SysError (ERROR_FORK);
+
+		if (my_pid == 0) {
+			close(my_pipe[1]);	/* printer is silent */
+			setgid (screen->gid);
+			setuid (screen->uid);
+			Printer = popen(screen->printer_command, "w");
+			input = fdopen(my_pipe[0], "r");
+			while ((c = fgetc(input)) != EOF) {
+				fputc(c, Printer);
+				if (chr == '\r' || chr == '\n' || chr == '\f')
+					fflush(Printer);
+			}
+			exit(0);
+		} else {
+			close(my_pipe[0]);	/* won't read from printer */
+			Printer = fdopen(my_pipe[1], "w");
+		}
 		initialized++;
 	}
 	if (Printer != 0) {
Index: X11/xc/programs/xterm/ptyx.h
diff -u X11/xc/programs/xterm/ptyx.h:1.2 X11/xc/programs/xterm/ptyx.h:1.3
--- X11/xc/programs/xterm/ptyx.h:1.2	Sat Mar 14 13:35:31 1998
+++ X11/xc/programs/xterm/ptyx.h	Sun May  3 01:38:07 1998
@@ -529,10 +529,6 @@
 #define DoSM(code,value) screen->save_modes[code] = value
 #define DoRM(code,value) value = screen->save_modes[code]
 
-#if defined(SVR4) || defined(linux) || defined(CSRG_BASED)
-#define HAS_SAVED_IDS_AND_SETEUID
-#endif
-
 typedef struct {
 	Boolean		saved;
 	int		row;
@@ -561,10 +557,6 @@
 	long		pid;		/* pid of process on far side   */
 	int		uid;		/* user id of actual person	*/
 	int		gid;		/* group id of actual person	*/
-#ifdef HAS_SAVED_IDS_AND_SETEUID
-        int             euid;
-        int             egid;
-#endif
 	GC		cursorGC;	/* normal cursor painting	*/
 	GC		fillCursorGC;	/* special cursor painting	*/
 	GC		reversecursorGC;/* reverse cursor painting	*/
Index: X11/xc/programs/xterm/version.h
diff -u X11/xc/programs/xterm/version.h:1.1.1.1 
X11/xc/programs/xterm/version.h:1.2
--- X11/xc/programs/xterm/version.h:1.1.1.1	Sat Mar  7 09:26:09 1998
+++ X11/xc/programs/xterm/version.h	Sun May  3 01:38:08 1998
@@ -1,4 +1,4 @@
-/* $XFree86: xc/programs/xterm/version.h,v 3.2.2.3 1998/03/03 12:51:03 dawes 
Exp $ */
+/* $XFree86: xc/programs/xterm/version.h,v 3.2.2.5 1998/04/29 04:18:47 dawes 
Exp $ */
 
 /*
  * This is the string that's printed in response to "xterm -version", or
@@ -6,4 +6,4 @@
  * version of xterm has been built.  The number in parentheses is my patch
  * number (T.Dickey).
  */
-#define XTERM_VERSION "XFree86 3.9Ad(68)"
+#define XTERM_VERSION "XFree86 3.3.2.1"
Index: X11/xc/lib/Xaw/XawIm.c
diff -u X11/xc/lib/Xaw/XawIm.c:1.1.1.1 X11/xc/lib/Xaw/XawIm.c:1.2
--- X11/xc/lib/Xaw/XawIm.c:1.1.1.1	Fri Sep  5 02:59:50 1997
+++ X11/xc/lib/Xaw/XawIm.c	Sun May  3 01:33:11 1998
@@ -53,6 +53,7 @@
 in this Software without prior written authorization from the X Consortium.
 
 */
+/* $XFree86: xc/lib/Xaw/XawIm.c,v 1.1.1.4.2.1 1998/05/01 04:02:42 dawes Exp $ 
*/
 
 #include 
 #include 
@@ -452,7 +453,7 @@
     } else {
 	for (i = 0; i < ve->im.im_list_num; i++) {
 	    strcpy(modifiers, "@im=");
-	    strcat(modifiers, ve->im.im_list[i]);
+	    strncat(modifiers, ve->im.im_list[i], sizeof(modifiers) - 5/*strlen
("@im=")*/);
 	    if ((p = XSetLocaleModifiers(modifiers)) != NULL && *p &&
 		(xim = XOpenIM(XtDisplay(ve->parent), NULL, NULL, NULL)) != 
NULL)
 		break;
@@ -1354,7 +1355,7 @@
     strcpy(s, p);
     save_s = s;
 
-    while(1) {
+    while(i < (sizeof(list) / sizeof(list[0]))) {
 	list[i] = s;
 	ss = index(s, ',');
 	if (!ss) {
@@ -1645,10 +1646,10 @@
 
     if ((vw = SearchVendorShell(inwidg)) && (ve = GetExtPart(vw)) &&
 	ve->im.xim && (p = GetIcTableShared(inwidg, ve)) && p->xic) {
-	  return(XwcLookupString(p->xic, event, buffer_return, bytes_buffer,
+	  return(XwcLookupString(p->xic, event, buffer_return, 
bytes_buffer/sizeof(wchar_t),
 				 keysym_return, status_return));
     }
-    ret = XLookupString( event, tmp_buf, 64, keysym_return,
+    ret = XLookupString( event, tmp_buf, sizeof(tmp_buf), keysym_return,
 		         (XComposeStatus*) status_return );
     for ( i = 0, tmp_p = tmp_buf, buf_p = buffer_return; i < ret; i++ ) {
 	*buf_p++ = _Xaw_atowc(*tmp_p++);

Index: X11/xc/programs/xterm/Tekproc.c
diff -u X11/xc/programs/xterm/Tekproc.c:1.1.1.2 
X11/xc/programs/xterm/Tekproc.c:1.2
--- X11/xc/programs/xterm/Tekproc.c:1.1.1.2	Sat Mar  7 09:25:14 1998
+++ X11/xc/programs/xterm/Tekproc.c	Sun May  3 01:37:57 1998
@@ -1,6 +1,6 @@
 /*
  * $XConsortium: Tekproc.c /main/120 1996/11/29 10:33:20 swick $
- * $XFree86: xc/programs/xterm/Tekproc.c,v 3.13.2.2 1998/02/15 16:09:55 
hohndel Exp $
+ * $XFree86: xc/programs/xterm/Tekproc.c,v 3.13.2.4 1998/04/29 11:18:06 dawes 
Exp $
  *
  * Warning, there be crufty dragons here.
  */
@@ -74,6 +74,9 @@
 #include 
 #include 
 #include 
+
+#include "xterm.h"
+
 #include "Tekparse.h"
 #include "data.h"
 #include "error.h"
@@ -121,8 +124,6 @@
 extern long time();		/* included in  by Xos.h */
 #endif
 
-#include "xterm.h"
-
 #define DefaultGCID XGContextFromGC(DefaultGC(screen->display, DefaultScreen
(screen->display)))
 
 /* Tek defines */
@@ -1723,8 +1724,10 @@
 
 
 #ifndef X_NOT_POSIX
+#ifndef linux
 #define HAS_WAITPID
 #endif
+#endif
 
 #ifdef HAS_WAITPID
 #include 
@@ -1742,7 +1745,7 @@
 	int pid;
 #ifndef HAS_WAITPID
 	int waited;
-	int (*chldfunc)();
+	SIGNAL_T (*chldfunc) PROTO((int n));
 
 	chldfunc = signal(SIGCHLD, SIG_DFL);
 #endif
Index: X11/xc/programs/xterm/charproc.c
diff -u X11/xc/programs/xterm/charproc.c:1.1.1.2 
X11/xc/programs/xterm/charproc.c:1.2
--- X11/xc/programs/xterm/charproc.c:1.1.1.2	Sat Mar  7 09:25:28 1998
+++ X11/xc/programs/xterm/charproc.c	Sun May  3 01:37:59 1998
@@ -1,6 +1,6 @@
 /*
  * $XConsortium: charproc.c /main/196 1996/12/03 16:52:46 swick $
- * $XFree86: xc/programs/xterm/charproc.c,v 3.42.2.5 1998/02/15 16:09:58 
hohndel Exp $
+ * $XFree86: xc/programs/xterm/charproc.c,v 3.42.2.7 1998/04/29 10:51:58 dawes 
Exp $
  */
 
 /*
@@ -4030,7 +4030,6 @@
 	       *s,
 	       *ns,
 	       *end,
-		tmp[1024],
 	  	buf[32];
     XIM		xim = (XIM) NULL;
     XIMStyles  *xim_styles;
@@ -4045,17 +4044,18 @@
 	if ((p = XSetLocaleModifiers("@im=none")) != NULL && *p)
 	    xim = XOpenIM(XtDisplay(term), NULL, NULL, NULL);
     } else {
-	strcpy(tmp, term->misc.input_method);
-	for(ns=s=tmp; ns && *s;) {
+	for(ns=s=term->misc.input_method; ns && *s;) { 
 	    while (*s && isspace(*s)) s++;
 	    if (!*s) break;
 	    if ((ns = end = strchr(s, ',')) == 0)
 		end = s + strlen(s);
 	    while (isspace(*end)) end--;
-	    *end = '\0';
 
 	    strcpy(buf, "@im=");
-	    strcat(buf, s);
+	    if (end - (s + (sizeof(buf) - 5)) > 0)
+		end = s + (sizeof(buf) - 5); 
+	    strncat(buf, s, end - s); 
+ 
 	    if ((p = XSetLocaleModifiers(buf)) != NULL && *p
 		&& (xim = XOpenIM(XtDisplay(term), NULL, NULL, NULL)) != NULL)
 		break;
@@ -4080,8 +4080,7 @@
     }
 
     found = False;
-    strcpy(tmp, term->misc.preedit_type);
-    for(s = tmp; s && !found;) {
+    for(s = term->misc.preedit_type; s && !found;) { 
 	while (*s && isspace(*s)) s++;
 	if (!*s) break;
 	if ((ns = end = strchr(s, ',')) != 0)
@@ -4089,13 +4088,12 @@
 	else
 	    end = s + strlen(s);
 	while (isspace(*end)) end--;
-	*end = '\0';
 
-	if (!strcmp(s, "OverTheSpot")) {
+	if (!strncmp(s, "OverTheSpot", end - s)) { 
 	    input_style = (XIMPreeditPosition | XIMStatusArea);
-	} else if (!strcmp(s, "OffTheSpot")) {
+	} else if (!strncmp(s, "OffTheSpot", end - s)) { 
 	    input_style = (XIMPreeditArea | XIMStatusArea);
-	} else if (!strcmp(s, "Root")) {
+	} else if (!strncmp(s, "Root", end - s)) { 
 	    input_style = (XIMPreeditNothing | XIMStatusNothing);
 	}
 	for (i = 0; (unsigned short)i < xim_styles->count_styles; i++)
@@ -4646,7 +4644,7 @@
 	XtOverrideTranslations(w, original);
 	return;
     }
-    (void) sprintf( mapName, "%sKeymap", params[0] );
+    (void) sprintf( mapName, "%.*sKeymap", (int)sizeof(mapName) - 10, params
[0] ); 
     (void) strcpy( mapClass, mapName );
     if (islower(mapClass[0])) mapClass[0] = toupper(mapClass[0]);
     XtGetSubresources( w, (XtPointer)&keymap, mapName, mapClass,
@@ -5075,7 +5073,7 @@
      * not be set before the widget's realized, so it's tested separately).
      */
     if(screen->colorMode) {
-	if (TextWindow(screen) != 0 && (cc != bg)) {
+	if (TextWindow(screen) != 0 && (cc != bg) && (cc != fg)) {
 	    /* we might have a colored foreground/background later */
 	    xgcv.font = screen->fnt_norm->fid;
 	    mask = (GCForeground | GCBackground | GCFont);
Index: X11/xc/programs/xterm/data.c
diff -u X11/xc/programs/xterm/data.c:1.1.1.2 X11/xc/programs/xterm/data.c:1.2
--- X11/xc/programs/xterm/data.c:1.1.1.2	Sat Mar  7 09:25:33 1998
+++ X11/xc/programs/xterm/data.c	Sun May  3 01:38:00 1998
@@ -1,6 +1,6 @@
 /*
  *	$XConsortium: data.c,v 1.12 95/04/05 19:58:47 kaleb Exp $
- *	$XFree86: xc/programs/xterm/data.c,v 3.2.4.2 1998/02/15 16:10:03 
hohndel Exp $
+ *	$XFree86: xc/programs/xterm/data.c,v 3.2.4.3 1998/04/29 04:18:39 dawes 
Exp $
  */
 
 /*
@@ -101,7 +101,6 @@
 #endif
 
 int am_slave = 0;	/* set to 1 if running as a slave process */
-int done_setuid = 0;	/* set to 1 after resetting setuid */
 int max_plus1;
 fd_set Select_mask;
 fd_set X_mask;
Index: X11/xc/programs/xterm/data.h
diff -u X11/xc/programs/xterm/data.h:1.1.1.2 X11/xc/programs/xterm/data.h:1.2
--- X11/xc/programs/xterm/data.h:1.1.1.2	Sat Mar  7 09:25:34 1998
+++ X11/xc/programs/xterm/data.h	Sun May  3 01:38:01 1998
@@ -1,6 +1,6 @@
 /*
  *	$XConsortium: data.h /main/13 1996/11/24 17:35:40 rws $
- *	$XFree86: xc/programs/xterm/data.h,v 3.3.2.1 1998/02/15 16:10:03 
hohndel Exp $
+ *	$XFree86: xc/programs/xterm/data.h,v 3.3.2.2 1998/04/29 04:18:39 dawes 
Exp $
  */
 /*
  * Copyright 1987 by Digital Equipment Corporation, Maynard, Massachusetts.
@@ -71,7 +71,6 @@
 #endif
 extern Char buffer[];
 extern int am_slave;
-extern int done_setuid;
 extern int bcnt;
 #ifdef DEBUG
 extern int debug;
Index: X11/xc/programs/xterm/main.c
diff -u X11/xc/programs/xterm/main.c:1.2 X11/xc/programs/xterm/main.c:1.3
--- X11/xc/programs/xterm/main.c:1.2	Sat Mar 14 13:35:29 1998
+++ X11/xc/programs/xterm/main.c	Sun May  3 01:38:02 1998
@@ -64,7 +64,7 @@
 
 ******************************************************************/
 
-/* $XFree86: xc/programs/xterm/main.c,v 3.47.2.8 1998/02/27 01:29:29 dawes Exp 
$ */
+/* $XFree86: xc/programs/xterm/main.c,v 3.47.2.10 1998/04/29 10:52:00 dawes 
Exp $ */
 
 
 /* main.c */
@@ -325,9 +325,11 @@
 #endif
 #ifdef SVR4
 #define USE_POSIX_WAIT
+#define HAS_SAVED_IDS_AND_SETEUID
 #endif
 
 #ifdef linux
+#define HAS_SAVED_IDS_AND_SETEUID
 #ifndef CBAUD
 #define CBAUD 0010017
 #endif
@@ -341,6 +343,7 @@
 #define USE_POSIX_WAIT
 #define LASTLOG
 #define WTMP
+#define HAS_SAVED_IDS_AND_SETEUID
 #endif
 
 #include 
@@ -976,6 +979,12 @@
 "will be started.  Options that start with a plus sign (+) restore the 
default.",
 NULL};
 
+static int abbrev (char *tst, char *cmp)
+{
+	size_t len = strlen(tst);
+	return ((len >= 2) && (!strncmp(tst, cmp, len)));
+}
+
 static void Syntax (badOption)
     char *badOption;
 {
@@ -1115,9 +1124,9 @@
 	/* Do these first, since we may not be able to open the display */
 	ProgramName = argv[0];
 	if (argc > 1) {
-		if (!strncmp(argv[1], "-v", 2))
+		if (abbrev(argv[1], "-version"))
 			Version();
-		if (!strncmp(argv[1], "-h", 2) && strncmp(argv[1], "-hc", 3))
+		if (abbrev(argv[1], "-help"))
 			Help();
 	}
 
@@ -1725,15 +1734,6 @@
 	XSetErrorHandler(xerror);
 	XSetIOErrorHandler(xioerror);
 
-#ifndef HAS_SAVED_IDS_AND_SETEUID
-	(void) setuid (screen->uid); /* we're done with privileges... */
-	(void) setgid (screen->gid);
-	done_setuid = 1;
-#else
-	seteuid(screen->uid);
-	setegid(screen->gid);
-#endif
-
 #ifdef ALLOWLOGGING
 	if (term->misc.log_on) {
 		StartLog(screen);
@@ -2159,10 +2159,6 @@
 
 	screen->uid = getuid();
 	screen->gid = getgid();
-#ifdef HAS_SAVED_IDS_AND_SETEUID
-	screen->euid = geteuid();
-	screen->egid = getegid();
-#endif
 
 #ifdef linux
 	bzero(termcap, sizeof termcap);
@@ -3553,7 +3549,7 @@
     int i, n, ncap;
     errstat err;
     struct caplist *cl;
-    char buf[64], numbuf[12];
+    char buf[64];
     struct caplist *capvnew;
     int ttythread();
     int xwatchdogthread();
@@ -3892,10 +3888,6 @@
 	register int wfd;
 	struct utmp utmp;
 
-#ifdef HAS_SAVED_IDS_AND_SETEUID
-        setegid(screen->egid);
-        seteuid(screen->euid);
-#endif
 	if (!resource.utmpInhibit && added_utmp_entry &&
 	    (!am_slave && tslot > 0 && (wfd = open(etc_utmp, O_WRONLY)) >= 0)){
 		bzero((char *)&utmp, sizeof(struct utmp));
@@ -3914,10 +3906,6 @@
 		}
 #endif /* WTMP */
 	}
-#ifdef HAS_SAVED_IDS_AND_SETEUID
-	setegid(screen->gid);
-	seteuid(screen->uid);
-#endif  /* HAS_SAVED_IDS_AND_SETEUID */
 #endif	/* USE_SYSV_UTMP */
 #endif	/* UTMP */
 #ifndef AMOEBA
Index: X11/xc/programs/xterm/misc.c
diff -u X11/xc/programs/xterm/misc.c:1.1.1.2 X11/xc/programs/xterm/misc.c:1.2
--- X11/xc/programs/xterm/misc.c:1.1.1.2	Sat Mar  7 09:25:44 1998
+++ X11/xc/programs/xterm/misc.c	Sun May  3 01:38:03 1998
@@ -1,6 +1,6 @@
 /*
  *	$XConsortium: misc.c /main/112 1996/11/29 10:34:07 swick $
- *	$XFree86: xc/programs/xterm/misc.c,v 3.17.2.3 1998/02/24 13:54:37 
hohndel Exp $
+ *	$XFree86: xc/programs/xterm/misc.c,v 3.17.2.4 1998/04/29 04:18:45 dawes 
Exp $
  */
 
 /*
@@ -48,13 +48,13 @@
 #include 
 #include 
 
+#include "xterm.h"
+
 #include "VTparse.h"
 #include "data.h"
 #include "error.h"
 #include "menu.h"
 
-#include "xterm.h"
-
 #if XtSpecificationRelease < 6
 #ifndef X_GETTIMEOFDAY
 #define X_GETTIMEOFDAY(t) gettimeofday(t,(struct timezone *)0)
@@ -534,8 +534,10 @@
 #if defined(ALLOWLOGGING) || defined(DEBUG)
 
 #ifndef X_NOT_POSIX
+#ifndef linux
 #define HAS_WAITPID
 #endif
+#endif
 
 /*
  * create a file only if we could with the permissions of the real user id.
@@ -559,18 +561,10 @@
     int pid;
 #ifndef HAS_WAITPID
     int waited;
-    int (*chldfunc)();
+    SIGNAL_T (*chldfunc)();
 
     chldfunc = signal(SIGCHLD, SIG_DFL);
 #endif
-
-    if (done_setuid) {
-	fd = open(pathname, O_WRONLY|O_CREAT|O_APPEND, mode);
-	if (fd >= 0) {
-	    close(fd);
-	}
-	return;
-    }
 
     pid = fork();
     switch (pid)
Index: X11/xc/programs/xterm/os2main.c
diff -u X11/xc/programs/xterm/os2main.c:1.1.1.2 
X11/xc/programs/xterm/os2main.c:1.2
--- X11/xc/programs/xterm/os2main.c:1.1.1.2	Sat Mar  7 09:25:45 1998
+++ X11/xc/programs/xterm/os2main.c	Sun May  3 01:38:05 1998
@@ -5,7 +5,7 @@
 #ifndef lint
 static char *rid="$XConsortium: main.c,v 1.227.1.2 95/06/29 18:13:15 kaleb Exp 
$";
 #endif /* lint */
-/* $XFree86: xc/programs/xterm/os2main.c,v 3.5.2.3 1998/02/22 01:28:30 robin 
Exp $ */
+/* $XFree86: xc/programs/xterm/os2main.c,v 3.5.2.5 1998/04/29 10:52:01 dawes 
Exp $ */
 
 /***********************************************************
 
@@ -518,6 +518,12 @@
 "will be started.  Options that start with a plus sign (+) restore the 
default.",
 NULL};
 
+static int abbrev (char *tst, char *cmp)
+{
+	size_t len = strlen(tst);
+	return ((len >= 2) && (!strncmp(tst, cmp, len)));
+}
+
 static void Syntax (badOption)
     char *badOption;
 {
@@ -770,9 +776,9 @@
 	/* Do these first, since we may not be able to open the display */
 	ProgramName = argv[0];
 	if (argc > 1) {
-		if (!strncmp(argv[1], "-v", 2))
+		if (abbrev(argv[1], "-version"))
 			Version();
-		if (!strncmp(argv[1], "-h", 2) && strncmp(argv[1], "-hc", 3))
+		if (abbrev(argv[1], "-help"))
 			Help();
 	}
 
@@ -1064,10 +1070,6 @@
 #endif	/* DEBUG */
 	XSetErrorHandler(xerror);
 	XSetIOErrorHandler(xioerror);
-
-	(void) setuid (screen->uid); /* we're done with privileges... */
-	(void) setgid (screen->gid);
-	done_setuid = 1;
 
 #ifdef ALLOWLOGGING
 	if (term->misc.log_on) {
Index: X11/xc/programs/xterm/print.c
diff -u X11/xc/programs/xterm/print.c:1.1.1.1 X11/xc/programs/xterm/print.c:1.2
--- X11/xc/programs/xterm/print.c:1.1.1.1	Sat Mar  7 09:26:09 1998
+++ X11/xc/programs/xterm/print.c	Sun May  3 01:38:06 1998
@@ -1,5 +1,5 @@
 /*
- * $XFree86: xc/programs/xterm/print.c,v 1.3.2.1 1998/02/15 16:10:08 hohndel 
Exp $
+ * $XFree86: xc/programs/xterm/print.c,v 1.3.2.3 1998/04/29 11:18:07 dawes Exp 
$
  */
 
 /************************************************************
@@ -42,6 +42,7 @@
 
 #include "ptyx.h"
 #include "data.h"
+#include "error.h"
 #include "xterm.h"
 
 #define Strlen(a) strlen((char *)a)
@@ -172,8 +173,33 @@
 {
 	static int initialized;
 	if (!initialized) {
+		FILE	*input;
+		int	my_pipe[2];
+		int	my_pid;
+		int	c;
 		register TScreen *screen = &term->screen;
-		Printer = popen(screen->printer_command, "w");
+
+	    	if (pipe(my_pipe))
+			SysError (ERROR_FORK);
+		if ((my_pid = fork()) < 0)
+			SysError (ERROR_FORK);
+
+		if (my_pid == 0) {
+			close(my_pipe[1]);	/* printer is silent */
+			setgid (screen->gid);
+			setuid (screen->uid);
+			Printer = popen(screen->printer_command, "w");
+			input = fdopen(my_pipe[0], "r");
+			while ((c = fgetc(input)) != EOF) {
+				fputc(c, Printer);
+				if (chr == '\r' || chr == '\n' || chr == '\f')
+					fflush(Printer);
+			}
+			exit(0);
+		} else {
+			close(my_pipe[0]);	/* won't read from printer */
+			Printer = fdopen(my_pipe[1], "w");
+		}
 		initialized++;
 	}
 	if (Printer != 0) {
Index: X11/xc/programs/xterm/ptyx.h
diff -u X11/xc/programs/xterm/ptyx.h:1.2 X11/xc/programs/xterm/ptyx.h:1.3
--- X11/xc/programs/xterm/ptyx.h:1.2	Sat Mar 14 13:35:31 1998
+++ X11/xc/programs/xterm/ptyx.h	Sun May  3 01:38:07 1998
@@ -529,10 +529,6 @@
 #define DoSM(code,value) screen->save_modes[code] = value
 #define DoRM(code,value) value = screen->save_modes[code]
 
-#if defined(SVR4) || defined(linux) || defined(CSRG_BASED)
-#define HAS_SAVED_IDS_AND_SETEUID
-#endif
-
 typedef struct {
 	Boolean		saved;
 	int		row;
@@ -561,10 +557,6 @@
 	long		pid;		/* pid of process on far side   */
 	int		uid;		/* user id of actual person	*/
 	int		gid;		/* group id of actual person	*/
-#ifdef HAS_SAVED_IDS_AND_SETEUID
-        int             euid;
-        int             egid;
-#endif
 	GC		cursorGC;	/* normal cursor painting	*/
 	GC		fillCursorGC;	/* special cursor painting	*/
 	GC		reversecursorGC;/* reverse cursor painting	*/
Index: X11/xc/programs/xterm/version.h
diff -u X11/xc/programs/xterm/version.h:1.1.1.1 
X11/xc/programs/xterm/version.h:1.2
--- X11/xc/programs/xterm/version.h:1.1.1.1	Sat Mar  7 09:26:09 1998
+++ X11/xc/programs/xterm/version.h	Sun May  3 01:38:08 1998
@@ -1,4 +1,4 @@
-/* $XFree86: xc/programs/xterm/version.h,v 3.2.2.3 1998/03/03 12:51:03 dawes 
Exp $ */
+/* $XFree86: xc/programs/xterm/version.h,v 3.2.2.5 1998/04/29 04:18:47 dawes 
Exp $ */
 
 /*
  * This is the string that's printed in response to "xterm -version", or
@@ -6,4 +6,4 @@
  * version of xterm has been built.  The number in parentheses is my patch
  * number (T.Dickey).
  */
-#define XTERM_VERSION "XFree86 3.9Ad(68)"
+#define XTERM_VERSION "XFree86 3.3.2.1"
Index: X11/xc/lib/Xaw/XawIm.c
diff -u X11/xc/lib/Xaw/XawIm.c:1.1.1.1 X11/xc/lib/Xaw/XawIm.c:1.2
--- X11/xc/lib/Xaw/XawIm.c:1.1.1.1	Fri Sep  5 02:59:50 1997
+++ X11/xc/lib/Xaw/XawIm.c	Sun May  3 01:33:11 1998
@@ -53,6 +53,7 @@
 in this Software without prior written authorization from the X Consortium.
 
 */
+/* $XFree86: xc/lib/Xaw/XawIm.c,v 1.1.1.4.2.1 1998/05/01 04:02:42 dawes Exp $ 
*/
 
 #include 
 #include 
@@ -452,7 +453,7 @@
     } else {
 	for (i = 0; i < ve->im.im_list_num; i++) {
 	    strcpy(modifiers, "@im=");
-	    strcat(modifiers, ve->im.im_list[i]);
+	    strncat(modifiers, ve->im.im_list[i], sizeof(modifiers) - 5/*strlen
("@im=")*/);
 	    if ((p = XSetLocaleModifiers(modifiers)) != NULL && *p &&
 		(xim = XOpenIM(XtDisplay(ve->parent), NULL, NULL, NULL)) != 
NULL)
 		break;
@@ -1354,7 +1355,7 @@
     strcpy(s, p);
     save_s = s;
 
-    while(1) {
+    while(i < (sizeof(list) / sizeof(list[0]))) {
 	list[i] = s;
 	ss = index(s, ',');
 	if (!ss) {
@@ -1645,10 +1646,10 @@
 
     if ((vw = SearchVendorShell(inwidg)) && (ve = GetExtPart(vw)) &&
 	ve->im.xim && (p = GetIcTableShared(inwidg, ve)) && p->xic) {
-	  return(XwcLookupString(p->xic, event, buffer_return, bytes_buffer,
+	  return(XwcLookupString(p->xic, event, buffer_return, 
bytes_buffer/sizeof(wchar_t),
 				 keysym_return, status_return));
     }
-    ret = XLookupString( event, tmp_buf, 64, keysym_return,
+    ret = XLookupString( event, tmp_buf, sizeof(tmp_buf), keysym_return,
 		         (XComposeStatus*) status_return );
     for ( i = 0, tmp_p = tmp_buf, buf_p = buffer_return; i < ret; i++ ) {
 	*buf_p++ = _Xaw_atowc(*tmp_p++);

                                
 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Ottawa Linux Symposium: May get by with a little help from its friends
Black Hat 2014: How to crack just about everything
NSA Playset, 911 hacked and war cats: A wild ride at DEF CON 22
More Details of Onion/Critroni Crypto Ransomware Emerge
Is there Another NSA Leaker? Updated
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.