As stated in CERT advisory VB-98.04, there are buffer overrun problems in xterm related to the input-Method, preeditType, and *Keymap resources. Additional buffer overruns exist in the Xaw library related to the inputMethod and preeditType resources.
The xterm(1) problem represents a security vulnerability for any platform where
xterm is installed setuid-root (as is the case for all OpenBSD platforms). The
Xaw problem represents a security vulnerability for any setuid-root program
that uses the Xaw library (including xterm). Patch1 from XFree86 3.3.2 corrects
these problems. We provide a version of this patch file specifically for the
OpenBSD 2.3 tree.
We also provide tar files which replace the xterm(1) binary and the libXaw
libraries on your system. These are expected to be extracted in
/usr/X11R6 using the command
"tar xvfpz Xawfix.tgz".
The files are...
i386,
alpha,
mac68k,
mvme68k,
hp300,
sparc,
pmax,
and
arc.
Index: X11/xc/programs/xterm/Tekproc.c
diff -u X11/xc/programs/xterm/Tekproc.c:1.1.1.2
X11/xc/programs/xterm/Tekproc.c:1.2
--- X11/xc/programs/xterm/Tekproc.c:1.1.1.2 Sat Mar 7 09:25:14 1998
+++ X11/xc/programs/xterm/Tekproc.c Sun May 3 01:37:57 1998
@@ -1,6 +1,6 @@
/*
* $XConsortium: Tekproc.c /main/120 1996/11/29 10:33:20 swick $
- * $XFree86: xc/programs/xterm/Tekproc.c,v 3.13.2.2 1998/02/15 16:09:55
hohndel Exp $
+ * $XFree86: xc/programs/xterm/Tekproc.c,v 3.13.2.4 1998/04/29 11:18:06 dawes
Exp $
*
* Warning, there be crufty dragons here.
*/
@@ -74,6 +74,9 @@
#include
#include
#include
+
+#include "xterm.h"
+
#include "Tekparse.h"
#include "data.h"
#include "error.h"
@@ -121,8 +124,6 @@
extern long time(); /* included in by Xos.h */
#endif
-#include "xterm.h"
-
#define DefaultGCID XGContextFromGC(DefaultGC(screen->display, DefaultScreen
(screen->display)))
/* Tek defines */
@@ -1723,8 +1724,10 @@
#ifndef X_NOT_POSIX
+#ifndef linux
#define HAS_WAITPID
#endif
+#endif
#ifdef HAS_WAITPID
#include
@@ -1742,7 +1745,7 @@
int pid;
#ifndef HAS_WAITPID
int waited;
- int (*chldfunc)();
+ SIGNAL_T (*chldfunc) PROTO((int n));
chldfunc = signal(SIGCHLD, SIG_DFL);
#endif
Index: X11/xc/programs/xterm/charproc.c
diff -u X11/xc/programs/xterm/charproc.c:1.1.1.2
X11/xc/programs/xterm/charproc.c:1.2
--- X11/xc/programs/xterm/charproc.c:1.1.1.2 Sat Mar 7 09:25:28 1998
+++ X11/xc/programs/xterm/charproc.c Sun May 3 01:37:59 1998
@@ -1,6 +1,6 @@
/*
* $XConsortium: charproc.c /main/196 1996/12/03 16:52:46 swick $
- * $XFree86: xc/programs/xterm/charproc.c,v 3.42.2.5 1998/02/15 16:09:58
hohndel Exp $
+ * $XFree86: xc/programs/xterm/charproc.c,v 3.42.2.7 1998/04/29 10:51:58 dawes
Exp $
*/
/*
@@ -4030,7 +4030,6 @@
*s,
*ns,
*end,
- tmp[1024],
buf[32];
XIM xim = (XIM) NULL;
XIMStyles *xim_styles;
@@ -4045,17 +4044,18 @@
if ((p = XSetLocaleModifiers("@im=none")) != NULL && *p)
xim = XOpenIM(XtDisplay(term), NULL, NULL, NULL);
} else {
- strcpy(tmp, term->misc.input_method);
- for(ns=s=tmp; ns && *s;) {
+ for(ns=s=term->misc.input_method; ns && *s;) {
while (*s && isspace(*s)) s++;
if (!*s) break;
if ((ns = end = strchr(s, ',')) == 0)
end = s + strlen(s);
while (isspace(*end)) end--;
- *end = '\0';
strcpy(buf, "@im=");
- strcat(buf, s);
+ if (end - (s + (sizeof(buf) - 5)) > 0)
+ end = s + (sizeof(buf) - 5);
+ strncat(buf, s, end - s);
+
if ((p = XSetLocaleModifiers(buf)) != NULL && *p
&& (xim = XOpenIM(XtDisplay(term), NULL, NULL, NULL)) != NULL)
break;
@@ -4080,8 +4080,7 @@
}
found = False;
- strcpy(tmp, term->misc.preedit_type);
- for(s = tmp; s && !found;) {
+ for(s = term->misc.preedit_type; s && !found;) {
while (*s && isspace(*s)) s++;
if (!*s) break;
if ((ns = end = strchr(s, ',')) != 0)
@@ -4089,13 +4088,12 @@
else
end = s + strlen(s);
while (isspace(*end)) end--;
- *end = '\0';
- if (!strcmp(s, "OverTheSpot")) {
+ if (!strncmp(s, "OverTheSpot", end - s)) {
input_style = (XIMPreeditPosition | XIMStatusArea);
- } else if (!strcmp(s, "OffTheSpot")) {
+ } else if (!strncmp(s, "OffTheSpot", end - s)) {
input_style = (XIMPreeditArea | XIMStatusArea);
- } else if (!strcmp(s, "Root")) {
+ } else if (!strncmp(s, "Root", end - s)) {
input_style = (XIMPreeditNothing | XIMStatusNothing);
}
for (i = 0; (unsigned short)i < xim_styles->count_styles; i++)
@@ -4646,7 +4644,7 @@
XtOverrideTranslations(w, original);
return;
}
- (void) sprintf( mapName, "%sKeymap", params[0] );
+ (void) sprintf( mapName, "%.*sKeymap", (int)sizeof(mapName) - 10, params
[0] );
(void) strcpy( mapClass, mapName );
if (islower(mapClass[0])) mapClass[0] = toupper(mapClass[0]);
XtGetSubresources( w, (XtPointer)&keymap, mapName, mapClass,
@@ -5075,7 +5073,7 @@
* not be set before the widget's realized, so it's tested separately).
*/
if(screen->colorMode) {
- if (TextWindow(screen) != 0 && (cc != bg)) {
+ if (TextWindow(screen) != 0 && (cc != bg) && (cc != fg)) {
/* we might have a colored foreground/background later */
xgcv.font = screen->fnt_norm->fid;
mask = (GCForeground | GCBackground | GCFont);
Index: X11/xc/programs/xterm/data.c
diff -u X11/xc/programs/xterm/data.c:1.1.1.2 X11/xc/programs/xterm/data.c:1.2
--- X11/xc/programs/xterm/data.c:1.1.1.2 Sat Mar 7 09:25:33 1998
+++ X11/xc/programs/xterm/data.c Sun May 3 01:38:00 1998
@@ -1,6 +1,6 @@
/*
* $XConsortium: data.c,v 1.12 95/04/05 19:58:47 kaleb Exp $
- * $XFree86: xc/programs/xterm/data.c,v 3.2.4.2 1998/02/15 16:10:03
hohndel Exp $
+ * $XFree86: xc/programs/xterm/data.c,v 3.2.4.3 1998/04/29 04:18:39 dawes
Exp $
*/
/*
@@ -101,7 +101,6 @@
#endif
int am_slave = 0; /* set to 1 if running as a slave process */
-int done_setuid = 0; /* set to 1 after resetting setuid */
int max_plus1;
fd_set Select_mask;
fd_set X_mask;
Index: X11/xc/programs/xterm/data.h
diff -u X11/xc/programs/xterm/data.h:1.1.1.2 X11/xc/programs/xterm/data.h:1.2
--- X11/xc/programs/xterm/data.h:1.1.1.2 Sat Mar 7 09:25:34 1998
+++ X11/xc/programs/xterm/data.h Sun May 3 01:38:01 1998
@@ -1,6 +1,6 @@
/*
* $XConsortium: data.h /main/13 1996/11/24 17:35:40 rws $
- * $XFree86: xc/programs/xterm/data.h,v 3.3.2.1 1998/02/15 16:10:03
hohndel Exp $
+ * $XFree86: xc/programs/xterm/data.h,v 3.3.2.2 1998/04/29 04:18:39 dawes
Exp $
*/
/*
* Copyright 1987 by Digital Equipment Corporation, Maynard, Massachusetts.
@@ -71,7 +71,6 @@
#endif
extern Char buffer[];
extern int am_slave;
-extern int done_setuid;
extern int bcnt;
#ifdef DEBUG
extern int debug;
Index: X11/xc/programs/xterm/main.c
diff -u X11/xc/programs/xterm/main.c:1.2 X11/xc/programs/xterm/main.c:1.3
--- X11/xc/programs/xterm/main.c:1.2 Sat Mar 14 13:35:29 1998
+++ X11/xc/programs/xterm/main.c Sun May 3 01:38:02 1998
@@ -64,7 +64,7 @@
******************************************************************/
-/* $XFree86: xc/programs/xterm/main.c,v 3.47.2.8 1998/02/27 01:29:29 dawes Exp
$ */
+/* $XFree86: xc/programs/xterm/main.c,v 3.47.2.10 1998/04/29 10:52:00 dawes
Exp $ */
/* main.c */
@@ -325,9 +325,11 @@
#endif
#ifdef SVR4
#define USE_POSIX_WAIT
+#define HAS_SAVED_IDS_AND_SETEUID
#endif
#ifdef linux
+#define HAS_SAVED_IDS_AND_SETEUID
#ifndef CBAUD
#define CBAUD 0010017
#endif
@@ -341,6 +343,7 @@
#define USE_POSIX_WAIT
#define LASTLOG
#define WTMP
+#define HAS_SAVED_IDS_AND_SETEUID
#endif
#include
@@ -976,6 +979,12 @@
"will be started. Options that start with a plus sign (+) restore the
default.",
NULL};
+static int abbrev (char *tst, char *cmp)
+{
+ size_t len = strlen(tst);
+ return ((len >= 2) && (!strncmp(tst, cmp, len)));
+}
+
static void Syntax (badOption)
char *badOption;
{
@@ -1115,9 +1124,9 @@
/* Do these first, since we may not be able to open the display */
ProgramName = argv[0];
if (argc > 1) {
- if (!strncmp(argv[1], "-v", 2))
+ if (abbrev(argv[1], "-version"))
Version();
- if (!strncmp(argv[1], "-h", 2) && strncmp(argv[1], "-hc", 3))
+ if (abbrev(argv[1], "-help"))
Help();
}
@@ -1725,15 +1734,6 @@
XSetErrorHandler(xerror);
XSetIOErrorHandler(xioerror);
-#ifndef HAS_SAVED_IDS_AND_SETEUID
- (void) setuid (screen->uid); /* we're done with privileges... */
- (void) setgid (screen->gid);
- done_setuid = 1;
-#else
- seteuid(screen->uid);
- setegid(screen->gid);
-#endif
-
#ifdef ALLOWLOGGING
if (term->misc.log_on) {
StartLog(screen);
@@ -2159,10 +2159,6 @@
screen->uid = getuid();
screen->gid = getgid();
-#ifdef HAS_SAVED_IDS_AND_SETEUID
- screen->euid = geteuid();
- screen->egid = getegid();
-#endif
#ifdef linux
bzero(termcap, sizeof termcap);
@@ -3553,7 +3549,7 @@
int i, n, ncap;
errstat err;
struct caplist *cl;
- char buf[64], numbuf[12];
+ char buf[64];
struct caplist *capvnew;
int ttythread();
int xwatchdogthread();
@@ -3892,10 +3888,6 @@
register int wfd;
struct utmp utmp;
-#ifdef HAS_SAVED_IDS_AND_SETEUID
- setegid(screen->egid);
- seteuid(screen->euid);
-#endif
if (!resource.utmpInhibit && added_utmp_entry &&
(!am_slave && tslot > 0 && (wfd = open(etc_utmp, O_WRONLY)) >= 0)){
bzero((char *)&utmp, sizeof(struct utmp));
@@ -3914,10 +3906,6 @@
}
#endif /* WTMP */
}
-#ifdef HAS_SAVED_IDS_AND_SETEUID
- setegid(screen->gid);
- seteuid(screen->uid);
-#endif /* HAS_SAVED_IDS_AND_SETEUID */
#endif /* USE_SYSV_UTMP */
#endif /* UTMP */
#ifndef AMOEBA
Index: X11/xc/programs/xterm/misc.c
diff -u X11/xc/programs/xterm/misc.c:1.1.1.2 X11/xc/programs/xterm/misc.c:1.2
--- X11/xc/programs/xterm/misc.c:1.1.1.2 Sat Mar 7 09:25:44 1998
+++ X11/xc/programs/xterm/misc.c Sun May 3 01:38:03 1998
@@ -1,6 +1,6 @@
/*
* $XConsortium: misc.c /main/112 1996/11/29 10:34:07 swick $
- * $XFree86: xc/programs/xterm/misc.c,v 3.17.2.3 1998/02/24 13:54:37
hohndel Exp $
+ * $XFree86: xc/programs/xterm/misc.c,v 3.17.2.4 1998/04/29 04:18:45 dawes
Exp $
*/
/*
@@ -48,13 +48,13 @@
#include
#include
+#include "xterm.h"
+
#include "VTparse.h"
#include "data.h"
#include "error.h"
#include "menu.h"
-#include "xterm.h"
-
#if XtSpecificationRelease < 6
#ifndef X_GETTIMEOFDAY
#define X_GETTIMEOFDAY(t) gettimeofday(t,(struct timezone *)0)
@@ -534,8 +534,10 @@
#if defined(ALLOWLOGGING) || defined(DEBUG)
#ifndef X_NOT_POSIX
+#ifndef linux
#define HAS_WAITPID
#endif
+#endif
/*
* create a file only if we could with the permissions of the real user id.
@@ -559,18 +561,10 @@
int pid;
#ifndef HAS_WAITPID
int waited;
- int (*chldfunc)();
+ SIGNAL_T (*chldfunc)();
chldfunc = signal(SIGCHLD, SIG_DFL);
#endif
-
- if (done_setuid) {
- fd = open(pathname, O_WRONLY|O_CREAT|O_APPEND, mode);
- if (fd >= 0) {
- close(fd);
- }
- return;
- }
pid = fork();
switch (pid)
Index: X11/xc/programs/xterm/os2main.c
diff -u X11/xc/programs/xterm/os2main.c:1.1.1.2
X11/xc/programs/xterm/os2main.c:1.2
--- X11/xc/programs/xterm/os2main.c:1.1.1.2 Sat Mar 7 09:25:45 1998
+++ X11/xc/programs/xterm/os2main.c Sun May 3 01:38:05 1998
@@ -5,7 +5,7 @@
#ifndef lint
static char *rid="$XConsortium: main.c,v 1.227.1.2 95/06/29 18:13:15 kaleb Exp
$";
#endif /* lint */
-/* $XFree86: xc/programs/xterm/os2main.c,v 3.5.2.3 1998/02/22 01:28:30 robin
Exp $ */
+/* $XFree86: xc/programs/xterm/os2main.c,v 3.5.2.5 1998/04/29 10:52:01 dawes
Exp $ */
/***********************************************************
@@ -518,6 +518,12 @@
"will be started. Options that start with a plus sign (+) restore the
default.",
NULL};
+static int abbrev (char *tst, char *cmp)
+{
+ size_t len = strlen(tst);
+ return ((len >= 2) && (!strncmp(tst, cmp, len)));
+}
+
static void Syntax (badOption)
char *badOption;
{
@@ -770,9 +776,9 @@
/* Do these first, since we may not be able to open the display */
ProgramName = argv[0];
if (argc > 1) {
- if (!strncmp(argv[1], "-v", 2))
+ if (abbrev(argv[1], "-version"))
Version();
- if (!strncmp(argv[1], "-h", 2) && strncmp(argv[1], "-hc", 3))
+ if (abbrev(argv[1], "-help"))
Help();
}
@@ -1064,10 +1070,6 @@
#endif /* DEBUG */
XSetErrorHandler(xerror);
XSetIOErrorHandler(xioerror);
-
- (void) setuid (screen->uid); /* we're done with privileges... */
- (void) setgid (screen->gid);
- done_setuid = 1;
#ifdef ALLOWLOGGING
if (term->misc.log_on) {
Index: X11/xc/programs/xterm/print.c
diff -u X11/xc/programs/xterm/print.c:1.1.1.1 X11/xc/programs/xterm/print.c:1.2
--- X11/xc/programs/xterm/print.c:1.1.1.1 Sat Mar 7 09:26:09 1998
+++ X11/xc/programs/xterm/print.c Sun May 3 01:38:06 1998
@@ -1,5 +1,5 @@
/*
- * $XFree86: xc/programs/xterm/print.c,v 1.3.2.1 1998/02/15 16:10:08 hohndel
Exp $
+ * $XFree86: xc/programs/xterm/print.c,v 1.3.2.3 1998/04/29 11:18:07 dawes Exp
$
*/
/************************************************************
@@ -42,6 +42,7 @@
#include "ptyx.h"
#include "data.h"
+#include "error.h"
#include "xterm.h"
#define Strlen(a) strlen((char *)a)
@@ -172,8 +173,33 @@
{
static int initialized;
if (!initialized) {
+ FILE *input;
+ int my_pipe[2];
+ int my_pid;
+ int c;
register TScreen *screen = &term->screen;
- Printer = popen(screen->printer_command, "w");
+
+ if (pipe(my_pipe))
+ SysError (ERROR_FORK);
+ if ((my_pid = fork()) < 0)
+ SysError (ERROR_FORK);
+
+ if (my_pid == 0) {
+ close(my_pipe[1]); /* printer is silent */
+ setgid (screen->gid);
+ setuid (screen->uid);
+ Printer = popen(screen->printer_command, "w");
+ input = fdopen(my_pipe[0], "r");
+ while ((c = fgetc(input)) != EOF) {
+ fputc(c, Printer);
+ if (chr == '\r' || chr == '\n' || chr == '\f')
+ fflush(Printer);
+ }
+ exit(0);
+ } else {
+ close(my_pipe[0]); /* won't read from printer */
+ Printer = fdopen(my_pipe[1], "w");
+ }
initialized++;
}
if (Printer != 0) {
Index: X11/xc/programs/xterm/ptyx.h
diff -u X11/xc/programs/xterm/ptyx.h:1.2 X11/xc/programs/xterm/ptyx.h:1.3
--- X11/xc/programs/xterm/ptyx.h:1.2 Sat Mar 14 13:35:31 1998
+++ X11/xc/programs/xterm/ptyx.h Sun May 3 01:38:07 1998
@@ -529,10 +529,6 @@
#define DoSM(code,value) screen->save_modes[code] = value
#define DoRM(code,value) value = screen->save_modes[code]
-#if defined(SVR4) || defined(linux) || defined(CSRG_BASED)
-#define HAS_SAVED_IDS_AND_SETEUID
-#endif
-
typedef struct {
Boolean saved;
int row;
@@ -561,10 +557,6 @@
long pid; /* pid of process on far side */
int uid; /* user id of actual person */
int gid; /* group id of actual person */
-#ifdef HAS_SAVED_IDS_AND_SETEUID
- int euid;
- int egid;
-#endif
GC cursorGC; /* normal cursor painting */
GC fillCursorGC; /* special cursor painting */
GC reversecursorGC;/* reverse cursor painting */
Index: X11/xc/programs/xterm/version.h
diff -u X11/xc/programs/xterm/version.h:1.1.1.1
X11/xc/programs/xterm/version.h:1.2
--- X11/xc/programs/xterm/version.h:1.1.1.1 Sat Mar 7 09:26:09 1998
+++ X11/xc/programs/xterm/version.h Sun May 3 01:38:08 1998
@@ -1,4 +1,4 @@
-/* $XFree86: xc/programs/xterm/version.h,v 3.2.2.3 1998/03/03 12:51:03 dawes
Exp $ */
+/* $XFree86: xc/programs/xterm/version.h,v 3.2.2.5 1998/04/29 04:18:47 dawes
Exp $ */
/*
* This is the string that's printed in response to "xterm -version", or
@@ -6,4 +6,4 @@
* version of xterm has been built. The number in parentheses is my patch
* number (T.Dickey).
*/
-#define XTERM_VERSION "XFree86 3.9Ad(68)"
+#define XTERM_VERSION "XFree86 3.3.2.1"
Index: X11/xc/lib/Xaw/XawIm.c
diff -u X11/xc/lib/Xaw/XawIm.c:1.1.1.1 X11/xc/lib/Xaw/XawIm.c:1.2
--- X11/xc/lib/Xaw/XawIm.c:1.1.1.1 Fri Sep 5 02:59:50 1997
+++ X11/xc/lib/Xaw/XawIm.c Sun May 3 01:33:11 1998
@@ -53,6 +53,7 @@
in this Software without prior written authorization from the X Consortium.
*/
+/* $XFree86: xc/lib/Xaw/XawIm.c,v 1.1.1.4.2.1 1998/05/01 04:02:42 dawes Exp $
*/
#include
#include
@@ -452,7 +453,7 @@
} else {
for (i = 0; i < ve->im.im_list_num; i++) {
strcpy(modifiers, "@im=");
- strcat(modifiers, ve->im.im_list[i]);
+ strncat(modifiers, ve->im.im_list[i], sizeof(modifiers) - 5/*strlen
("@im=")*/);
if ((p = XSetLocaleModifiers(modifiers)) != NULL && *p &&
(xim = XOpenIM(XtDisplay(ve->parent), NULL, NULL, NULL)) !=
NULL)
break;
@@ -1354,7 +1355,7 @@
strcpy(s, p);
save_s = s;
- while(1) {
+ while(i < (sizeof(list) / sizeof(list[0]))) {
list[i] = s;
ss = index(s, ',');
if (!ss) {
@@ -1645,10 +1646,10 @@
if ((vw = SearchVendorShell(inwidg)) && (ve = GetExtPart(vw)) &&
ve->im.xim && (p = GetIcTableShared(inwidg, ve)) && p->xic) {
- return(XwcLookupString(p->xic, event, buffer_return, bytes_buffer,
+ return(XwcLookupString(p->xic, event, buffer_return,
bytes_buffer/sizeof(wchar_t),
keysym_return, status_return));
}
- ret = XLookupString( event, tmp_buf, 64, keysym_return,
+ ret = XLookupString( event, tmp_buf, sizeof(tmp_buf), keysym_return,
(XComposeStatus*) status_return );
for ( i = 0, tmp_p = tmp_buf, buf_p = buffer_return; i < ret; i++ ) {
*buf_p++ = _Xaw_atowc(*tmp_p++);
Index: X11/xc/programs/xterm/Tekproc.c
diff -u X11/xc/programs/xterm/Tekproc.c:1.1.1.2
X11/xc/programs/xterm/Tekproc.c:1.2
--- X11/xc/programs/xterm/Tekproc.c:1.1.1.2 Sat Mar 7 09:25:14 1998
+++ X11/xc/programs/xterm/Tekproc.c Sun May 3 01:37:57 1998
@@ -1,6 +1,6 @@
/*
* $XConsortium: Tekproc.c /main/120 1996/11/29 10:33:20 swick $
- * $XFree86: xc/programs/xterm/Tekproc.c,v 3.13.2.2 1998/02/15 16:09:55
hohndel Exp $
+ * $XFree86: xc/programs/xterm/Tekproc.c,v 3.13.2.4 1998/04/29 11:18:06 dawes
Exp $
*
* Warning, there be crufty dragons here.
*/
@@ -74,6 +74,9 @@
#include
#include
#include
+
+#include "xterm.h"
+
#include "Tekparse.h"
#include "data.h"
#include "error.h"
@@ -121,8 +124,6 @@
extern long time(); /* included in by Xos.h */
#endif
-#include "xterm.h"
-
#define DefaultGCID XGContextFromGC(DefaultGC(screen->display, DefaultScreen
(screen->display)))
/* Tek defines */
@@ -1723,8 +1724,10 @@
#ifndef X_NOT_POSIX
+#ifndef linux
#define HAS_WAITPID
#endif
+#endif
#ifdef HAS_WAITPID
#include
@@ -1742,7 +1745,7 @@
int pid;
#ifndef HAS_WAITPID
int waited;
- int (*chldfunc)();
+ SIGNAL_T (*chldfunc) PROTO((int n));
chldfunc = signal(SIGCHLD, SIG_DFL);
#endif
Index: X11/xc/programs/xterm/charproc.c
diff -u X11/xc/programs/xterm/charproc.c:1.1.1.2
X11/xc/programs/xterm/charproc.c:1.2
--- X11/xc/programs/xterm/charproc.c:1.1.1.2 Sat Mar 7 09:25:28 1998
+++ X11/xc/programs/xterm/charproc.c Sun May 3 01:37:59 1998
@@ -1,6 +1,6 @@
/*
* $XConsortium: charproc.c /main/196 1996/12/03 16:52:46 swick $
- * $XFree86: xc/programs/xterm/charproc.c,v 3.42.2.5 1998/02/15 16:09:58
hohndel Exp $
+ * $XFree86: xc/programs/xterm/charproc.c,v 3.42.2.7 1998/04/29 10:51:58 dawes
Exp $
*/
/*
@@ -4030,7 +4030,6 @@
*s,
*ns,
*end,
- tmp[1024],
buf[32];
XIM xim = (XIM) NULL;
XIMStyles *xim_styles;
@@ -4045,17 +4044,18 @@
if ((p = XSetLocaleModifiers("@im=none")) != NULL && *p)
xim = XOpenIM(XtDisplay(term), NULL, NULL, NULL);
} else {
- strcpy(tmp, term->misc.input_method);
- for(ns=s=tmp; ns && *s;) {
+ for(ns=s=term->misc.input_method; ns && *s;) {
while (*s && isspace(*s)) s++;
if (!*s) break;
if ((ns = end = strchr(s, ',')) == 0)
end = s + strlen(s);
while (isspace(*end)) end--;
- *end = '\0';
strcpy(buf, "@im=");
- strcat(buf, s);
+ if (end - (s + (sizeof(buf) - 5)) > 0)
+ end = s + (sizeof(buf) - 5);
+ strncat(buf, s, end - s);
+
if ((p = XSetLocaleModifiers(buf)) != NULL && *p
&& (xim = XOpenIM(XtDisplay(term), NULL, NULL, NULL)) != NULL)
break;
@@ -4080,8 +4080,7 @@
}
found = False;
- strcpy(tmp, term->misc.preedit_type);
- for(s = tmp; s && !found;) {
+ for(s = term->misc.preedit_type; s && !found;) {
while (*s && isspace(*s)) s++;
if (!*s) break;
if ((ns = end = strchr(s, ',')) != 0)
@@ -4089,13 +4088,12 @@
else
end = s + strlen(s);
while (isspace(*end)) end--;
- *end = '\0';
- if (!strcmp(s, "OverTheSpot")) {
+ if (!strncmp(s, "OverTheSpot", end - s)) {
input_style = (XIMPreeditPosition | XIMStatusArea);
- } else if (!strcmp(s, "OffTheSpot")) {
+ } else if (!strncmp(s, "OffTheSpot", end - s)) {
input_style = (XIMPreeditArea | XIMStatusArea);
- } else if (!strcmp(s, "Root")) {
+ } else if (!strncmp(s, "Root", end - s)) {
input_style = (XIMPreeditNothing | XIMStatusNothing);
}
for (i = 0; (unsigned short)i < xim_styles->count_styles; i++)
@@ -4646,7 +4644,7 @@
XtOverrideTranslations(w, original);
return;
}
- (void) sprintf( mapName, "%sKeymap", params[0] );
+ (void) sprintf( mapName, "%.*sKeymap", (int)sizeof(mapName) - 10, params
[0] );
(void) strcpy( mapClass, mapName );
if (islower(mapClass[0])) mapClass[0] = toupper(mapClass[0]);
XtGetSubresources( w, (XtPointer)&keymap, mapName, mapClass,
@@ -5075,7 +5073,7 @@
* not be set before the widget's realized, so it's tested separately).
*/
if(screen->colorMode) {
- if (TextWindow(screen) != 0 && (cc != bg)) {
+ if (TextWindow(screen) != 0 && (cc != bg) && (cc != fg)) {
/* we might have a colored foreground/background later */
xgcv.font = screen->fnt_norm->fid;
mask = (GCForeground | GCBackground | GCFont);
Index: X11/xc/programs/xterm/data.c
diff -u X11/xc/programs/xterm/data.c:1.1.1.2 X11/xc/programs/xterm/data.c:1.2
--- X11/xc/programs/xterm/data.c:1.1.1.2 Sat Mar 7 09:25:33 1998
+++ X11/xc/programs/xterm/data.c Sun May 3 01:38:00 1998
@@ -1,6 +1,6 @@
/*
* $XConsortium: data.c,v 1.12 95/04/05 19:58:47 kaleb Exp $
- * $XFree86: xc/programs/xterm/data.c,v 3.2.4.2 1998/02/15 16:10:03
hohndel Exp $
+ * $XFree86: xc/programs/xterm/data.c,v 3.2.4.3 1998/04/29 04:18:39 dawes
Exp $
*/
/*
@@ -101,7 +101,6 @@
#endif
int am_slave = 0; /* set to 1 if running as a slave process */
-int done_setuid = 0; /* set to 1 after resetting setuid */
int max_plus1;
fd_set Select_mask;
fd_set X_mask;
Index: X11/xc/programs/xterm/data.h
diff -u X11/xc/programs/xterm/data.h:1.1.1.2 X11/xc/programs/xterm/data.h:1.2
--- X11/xc/programs/xterm/data.h:1.1.1.2 Sat Mar 7 09:25:34 1998
+++ X11/xc/programs/xterm/data.h Sun May 3 01:38:01 1998
@@ -1,6 +1,6 @@
/*
* $XConsortium: data.h /main/13 1996/11/24 17:35:40 rws $
- * $XFree86: xc/programs/xterm/data.h,v 3.3.2.1 1998/02/15 16:10:03
hohndel Exp $
+ * $XFree86: xc/programs/xterm/data.h,v 3.3.2.2 1998/04/29 04:18:39 dawes
Exp $
*/
/*
* Copyright 1987 by Digital Equipment Corporation, Maynard, Massachusetts.
@@ -71,7 +71,6 @@
#endif
extern Char buffer[];
extern int am_slave;
-extern int done_setuid;
extern int bcnt;
#ifdef DEBUG
extern int debug;
Index: X11/xc/programs/xterm/main.c
diff -u X11/xc/programs/xterm/main.c:1.2 X11/xc/programs/xterm/main.c:1.3
--- X11/xc/programs/xterm/main.c:1.2 Sat Mar 14 13:35:29 1998
+++ X11/xc/programs/xterm/main.c Sun May 3 01:38:02 1998
@@ -64,7 +64,7 @@
******************************************************************/
-/* $XFree86: xc/programs/xterm/main.c,v 3.47.2.8 1998/02/27 01:29:29 dawes Exp
$ */
+/* $XFree86: xc/programs/xterm/main.c,v 3.47.2.10 1998/04/29 10:52:00 dawes
Exp $ */
/* main.c */
@@ -325,9 +325,11 @@
#endif
#ifdef SVR4
#define USE_POSIX_WAIT
+#define HAS_SAVED_IDS_AND_SETEUID
#endif
#ifdef linux
+#define HAS_SAVED_IDS_AND_SETEUID
#ifndef CBAUD
#define CBAUD 0010017
#endif
@@ -341,6 +343,7 @@
#define USE_POSIX_WAIT
#define LASTLOG
#define WTMP
+#define HAS_SAVED_IDS_AND_SETEUID
#endif
#include
@@ -976,6 +979,12 @@
"will be started. Options that start with a plus sign (+) restore the
default.",
NULL};
+static int abbrev (char *tst, char *cmp)
+{
+ size_t len = strlen(tst);
+ return ((len >= 2) && (!strncmp(tst, cmp, len)));
+}
+
static void Syntax (badOption)
char *badOption;
{
@@ -1115,9 +1124,9 @@
/* Do these first, since we may not be able to open the display */
ProgramName = argv[0];
if (argc > 1) {
- if (!strncmp(argv[1], "-v", 2))
+ if (abbrev(argv[1], "-version"))
Version();
- if (!strncmp(argv[1], "-h", 2) && strncmp(argv[1], "-hc", 3))
+ if (abbrev(argv[1], "-help"))
Help();
}
@@ -1725,15 +1734,6 @@
XSetErrorHandler(xerror);
XSetIOErrorHandler(xioerror);
-#ifndef HAS_SAVED_IDS_AND_SETEUID
- (void) setuid (screen->uid); /* we're done with privileges... */
- (void) setgid (screen->gid);
- done_setuid = 1;
-#else
- seteuid(screen->uid);
- setegid(screen->gid);
-#endif
-
#ifdef ALLOWLOGGING
if (term->misc.log_on) {
StartLog(screen);
@@ -2159,10 +2159,6 @@
screen->uid = getuid();
screen->gid = getgid();
-#ifdef HAS_SAVED_IDS_AND_SETEUID
- screen->euid = geteuid();
- screen->egid = getegid();
-#endif
#ifdef linux
bzero(termcap, sizeof termcap);
@@ -3553,7 +3549,7 @@
int i, n, ncap;
errstat err;
struct caplist *cl;
- char buf[64], numbuf[12];
+ char buf[64];
struct caplist *capvnew;
int ttythread();
int xwatchdogthread();
@@ -3892,10 +3888,6 @@
register int wfd;
struct utmp utmp;
-#ifdef HAS_SAVED_IDS_AND_SETEUID
- setegid(screen->egid);
- seteuid(screen->euid);
-#endif
if (!resource.utmpInhibit && added_utmp_entry &&
(!am_slave && tslot > 0 && (wfd = open(etc_utmp, O_WRONLY)) >= 0)){
bzero((char *)&utmp, sizeof(struct utmp));
@@ -3914,10 +3906,6 @@
}
#endif /* WTMP */
}
-#ifdef HAS_SAVED_IDS_AND_SETEUID
- setegid(screen->gid);
- seteuid(screen->uid);
-#endif /* HAS_SAVED_IDS_AND_SETEUID */
#endif /* USE_SYSV_UTMP */
#endif /* UTMP */
#ifndef AMOEBA
Index: X11/xc/programs/xterm/misc.c
diff -u X11/xc/programs/xterm/misc.c:1.1.1.2 X11/xc/programs/xterm/misc.c:1.2
--- X11/xc/programs/xterm/misc.c:1.1.1.2 Sat Mar 7 09:25:44 1998
+++ X11/xc/programs/xterm/misc.c Sun May 3 01:38:03 1998
@@ -1,6 +1,6 @@
/*
* $XConsortium: misc.c /main/112 1996/11/29 10:34:07 swick $
- * $XFree86: xc/programs/xterm/misc.c,v 3.17.2.3 1998/02/24 13:54:37
hohndel Exp $
+ * $XFree86: xc/programs/xterm/misc.c,v 3.17.2.4 1998/04/29 04:18:45 dawes
Exp $
*/
/*
@@ -48,13 +48,13 @@
#include
#include
+#include "xterm.h"
+
#include "VTparse.h"
#include "data.h"
#include "error.h"
#include "menu.h"
-#include "xterm.h"
-
#if XtSpecificationRelease < 6
#ifndef X_GETTIMEOFDAY
#define X_GETTIMEOFDAY(t) gettimeofday(t,(struct timezone *)0)
@@ -534,8 +534,10 @@
#if defined(ALLOWLOGGING) || defined(DEBUG)
#ifndef X_NOT_POSIX
+#ifndef linux
#define HAS_WAITPID
#endif
+#endif
/*
* create a file only if we could with the permissions of the real user id.
@@ -559,18 +561,10 @@
int pid;
#ifndef HAS_WAITPID
int waited;
- int (*chldfunc)();
+ SIGNAL_T (*chldfunc)();
chldfunc = signal(SIGCHLD, SIG_DFL);
#endif
-
- if (done_setuid) {
- fd = open(pathname, O_WRONLY|O_CREAT|O_APPEND, mode);
- if (fd >= 0) {
- close(fd);
- }
- return;
- }
pid = fork();
switch (pid)
Index: X11/xc/programs/xterm/os2main.c
diff -u X11/xc/programs/xterm/os2main.c:1.1.1.2
X11/xc/programs/xterm/os2main.c:1.2
--- X11/xc/programs/xterm/os2main.c:1.1.1.2 Sat Mar 7 09:25:45 1998
+++ X11/xc/programs/xterm/os2main.c Sun May 3 01:38:05 1998
@@ -5,7 +5,7 @@
#ifndef lint
static char *rid="$XConsortium: main.c,v 1.227.1.2 95/06/29 18:13:15 kaleb Exp
$";
#endif /* lint */
-/* $XFree86: xc/programs/xterm/os2main.c,v 3.5.2.3 1998/02/22 01:28:30 robin
Exp $ */
+/* $XFree86: xc/programs/xterm/os2main.c,v 3.5.2.5 1998/04/29 10:52:01 dawes
Exp $ */
/***********************************************************
@@ -518,6 +518,12 @@
"will be started. Options that start with a plus sign (+) restore the
default.",
NULL};
+static int abbrev (char *tst, char *cmp)
+{
+ size_t len = strlen(tst);
+ return ((len >= 2) && (!strncmp(tst, cmp, len)));
+}
+
static void Syntax (badOption)
char *badOption;
{
@@ -770,9 +776,9 @@
/* Do these first, since we may not be able to open the display */
ProgramName = argv[0];
if (argc > 1) {
- if (!strncmp(argv[1], "-v", 2))
+ if (abbrev(argv[1], "-version"))
Version();
- if (!strncmp(argv[1], "-h", 2) && strncmp(argv[1], "-hc", 3))
+ if (abbrev(argv[1], "-help"))
Help();
}
@@ -1064,10 +1070,6 @@
#endif /* DEBUG */
XSetErrorHandler(xerror);
XSetIOErrorHandler(xioerror);
-
- (void) setuid (screen->uid); /* we're done with privileges... */
- (void) setgid (screen->gid);
- done_setuid = 1;
#ifdef ALLOWLOGGING
if (term->misc.log_on) {
Index: X11/xc/programs/xterm/print.c
diff -u X11/xc/programs/xterm/print.c:1.1.1.1 X11/xc/programs/xterm/print.c:1.2
--- X11/xc/programs/xterm/print.c:1.1.1.1 Sat Mar 7 09:26:09 1998
+++ X11/xc/programs/xterm/print.c Sun May 3 01:38:06 1998
@@ -1,5 +1,5 @@
/*
- * $XFree86: xc/programs/xterm/print.c,v 1.3.2.1 1998/02/15 16:10:08 hohndel
Exp $
+ * $XFree86: xc/programs/xterm/print.c,v 1.3.2.3 1998/04/29 11:18:07 dawes Exp
$
*/
/************************************************************
@@ -42,6 +42,7 @@
#include "ptyx.h"
#include "data.h"
+#include "error.h"
#include "xterm.h"
#define Strlen(a) strlen((char *)a)
@@ -172,8 +173,33 @@
{
static int initialized;
if (!initialized) {
+ FILE *input;
+ int my_pipe[2];
+ int my_pid;
+ int c;
register TScreen *screen = &term->screen;
- Printer = popen(screen->printer_command, "w");
+
+ if (pipe(my_pipe))
+ SysError (ERROR_FORK);
+ if ((my_pid = fork()) < 0)
+ SysError (ERROR_FORK);
+
+ if (my_pid == 0) {
+ close(my_pipe[1]); /* printer is silent */
+ setgid (screen->gid);
+ setuid (screen->uid);
+ Printer = popen(screen->printer_command, "w");
+ input = fdopen(my_pipe[0], "r");
+ while ((c = fgetc(input)) != EOF) {
+ fputc(c, Printer);
+ if (chr == '\r' || chr == '\n' || chr == '\f')
+ fflush(Printer);
+ }
+ exit(0);
+ } else {
+ close(my_pipe[0]); /* won't read from printer */
+ Printer = fdopen(my_pipe[1], "w");
+ }
initialized++;
}
if (Printer != 0) {
Index: X11/xc/programs/xterm/ptyx.h
diff -u X11/xc/programs/xterm/ptyx.h:1.2 X11/xc/programs/xterm/ptyx.h:1.3
--- X11/xc/programs/xterm/ptyx.h:1.2 Sat Mar 14 13:35:31 1998
+++ X11/xc/programs/xterm/ptyx.h Sun May 3 01:38:07 1998
@@ -529,10 +529,6 @@
#define DoSM(code,value) screen->save_modes[code] = value
#define DoRM(code,value) value = screen->save_modes[code]
-#if defined(SVR4) || defined(linux) || defined(CSRG_BASED)
-#define HAS_SAVED_IDS_AND_SETEUID
-#endif
-
typedef struct {
Boolean saved;
int row;
@@ -561,10 +557,6 @@
long pid; /* pid of process on far side */
int uid; /* user id of actual person */
int gid; /* group id of actual person */
-#ifdef HAS_SAVED_IDS_AND_SETEUID
- int euid;
- int egid;
-#endif
GC cursorGC; /* normal cursor painting */
GC fillCursorGC; /* special cursor painting */
GC reversecursorGC;/* reverse cursor painting */
Index: X11/xc/programs/xterm/version.h
diff -u X11/xc/programs/xterm/version.h:1.1.1.1
X11/xc/programs/xterm/version.h:1.2
--- X11/xc/programs/xterm/version.h:1.1.1.1 Sat Mar 7 09:26:09 1998
+++ X11/xc/programs/xterm/version.h Sun May 3 01:38:08 1998
@@ -1,4 +1,4 @@
-/* $XFree86: xc/programs/xterm/version.h,v 3.2.2.3 1998/03/03 12:51:03 dawes
Exp $ */
+/* $XFree86: xc/programs/xterm/version.h,v 3.2.2.5 1998/04/29 04:18:47 dawes
Exp $ */
/*
* This is the string that's printed in response to "xterm -version", or
@@ -6,4 +6,4 @@
* version of xterm has been built. The number in parentheses is my patch
* number (T.Dickey).
*/
-#define XTERM_VERSION "XFree86 3.9Ad(68)"
+#define XTERM_VERSION "XFree86 3.3.2.1"
Index: X11/xc/lib/Xaw/XawIm.c
diff -u X11/xc/lib/Xaw/XawIm.c:1.1.1.1 X11/xc/lib/Xaw/XawIm.c:1.2
--- X11/xc/lib/Xaw/XawIm.c:1.1.1.1 Fri Sep 5 02:59:50 1997
+++ X11/xc/lib/Xaw/XawIm.c Sun May 3 01:33:11 1998
@@ -53,6 +53,7 @@
in this Software without prior written authorization from the X Consortium.
*/
+/* $XFree86: xc/lib/Xaw/XawIm.c,v 1.1.1.4.2.1 1998/05/01 04:02:42 dawes Exp $
*/
#include
#include
@@ -452,7 +453,7 @@
} else {
for (i = 0; i < ve->im.im_list_num; i++) {
strcpy(modifiers, "@im=");
- strcat(modifiers, ve->im.im_list[i]);
+ strncat(modifiers, ve->im.im_list[i], sizeof(modifiers) - 5/*strlen
("@im=")*/);
if ((p = XSetLocaleModifiers(modifiers)) != NULL && *p &&
(xim = XOpenIM(XtDisplay(ve->parent), NULL, NULL, NULL)) !=
NULL)
break;
@@ -1354,7 +1355,7 @@
strcpy(s, p);
save_s = s;
- while(1) {
+ while(i < (sizeof(list) / sizeof(list[0]))) {
list[i] = s;
ss = index(s, ',');
if (!ss) {
@@ -1645,10 +1646,10 @@
if ((vw = SearchVendorShell(inwidg)) && (ve = GetExtPart(vw)) &&
ve->im.xim && (p = GetIcTableShared(inwidg, ve)) && p->xic) {
- return(XwcLookupString(p->xic, event, buffer_return, bytes_buffer,
+ return(XwcLookupString(p->xic, event, buffer_return,
bytes_buffer/sizeof(wchar_t),
keysym_return, status_return));
}
- ret = XLookupString( event, tmp_buf, 64, keysym_return,
+ ret = XLookupString( event, tmp_buf, sizeof(tmp_buf), keysym_return,
(XComposeStatus*) status_return );
for ( i = 0, tmp_p = tmp_buf, buf_p = buffer_return; i < ret; i++ ) {
*buf_p++ = _Xaw_atowc(*tmp_p++);
|
