From 39ae6228d0c0de4581265f6333db8b900f3f6f38 Mon Sep 17 00:00:00 2001 From: tonnerre Date: Tue, 27 May 2008 21:46:53 +0000 Subject: Don't make any assumptions about default displays in aterm. Fixes CVE-2008-1142. --- x11/aterm/Makefile | 4 ++-- x11/aterm/distinfo | 4 ++-- x11/aterm/patches/patch-aa | 26 ++++++++++++++++++++++---- 3 files changed, 26 insertions(+), 8 deletions(-) (limited to 'x11/aterm') diff --git a/x11/aterm/Makefile b/x11/aterm/Makefile index 3618af7facf..1cf243a40ed 100644 --- a/x11/aterm/Makefile +++ b/x11/aterm/Makefile @@ -1,8 +1,8 @@ -# $NetBSD: Makefile,v 1.34 2007/01/19 08:02:33 rillig Exp $ +# $NetBSD: Makefile,v 1.35 2008/05/27 21:46:53 tonnerre Exp $ # DISTNAME= aterm-1.0.0 -PKGREVISION= 4 +PKGREVISION= 5 CATEGORIES= x11 MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=aterm/} EXTRACT_SUFX= .tar.bz2 diff --git a/x11/aterm/distinfo b/x11/aterm/distinfo index 0b54774431f..d7b52eb071d 100644 --- a/x11/aterm/distinfo +++ b/x11/aterm/distinfo @@ -1,9 +1,9 @@ -$NetBSD: distinfo,v 1.12 2007/01/19 08:02:33 rillig Exp $ +$NetBSD: distinfo,v 1.13 2008/05/27 21:46:53 tonnerre Exp $ SHA1 (aterm-1.0.0.tar.bz2) = 806fd20aec2851c5eea26d9e6a707985da3579a3 RMD160 (aterm-1.0.0.tar.bz2) = b74f54b6aa6f1d4a094671507c30f627f074eb48 Size (aterm-1.0.0.tar.bz2) = 248708 bytes -SHA1 (patch-aa) = 9390b91ecf82b4bdf7e91c2c858c7ef7eb912fe1 +SHA1 (patch-aa) = 3db1064f3998d1d901902c4309841e102db32fa4 SHA1 (patch-ac) = 28c79343079680251a013ec3fe364b01f5a5ccac SHA1 (patch-ad) = 0c87ee69672e98189afa2cfdcdd9691a1571f354 SHA1 (patch-ae) = 2cb3efc3c252b010f12299265abf14366b45083a diff --git a/x11/aterm/patches/patch-aa b/x11/aterm/patches/patch-aa index d6bd21889bb..21c2d1d92f9 100644 --- a/x11/aterm/patches/patch-aa +++ b/x11/aterm/patches/patch-aa @@ -1,8 +1,8 @@ -$NetBSD: patch-aa,v 1.4 2006/12/11 12:23:24 sketch Exp $ +$NetBSD: patch-aa,v 1.5 2008/05/27 21:46:53 tonnerre Exp $ ---- src/main.c.orig 2006-12-11 12:19:55.000000000 +0000 -+++ src/main.c 2006-12-11 12:20:28.000000000 +0000 -@@ -1037,12 +1037,10 @@ +--- src/main.c.orig 2005-06-20 18:10:19.000000000 +0200 ++++ src/main.c +@@ -1037,12 +1037,10 @@ resize_window(XEvent* ev) XConfigureEvent *xconf = &(ev->xconfigure); while( XCheckTypedWindowEvent( Xdisplay, TermWin.parent, ConfigureNotify, ev ) ); @@ -15,3 +15,21 @@ $NetBSD: patch-aa,v 1.4 2006/12/11 12:23:24 sketch Exp $ TermWin.root_x = root_x ; TermWin.root_y = root_y ; TermWin.root_width = xconf->width ; +@@ -2047,9 +2045,14 @@ main(int argc, char *argv[]) + */ + get_options(argc, argv); + +- if( display_name == NULL ) +- if ((display_name = getenv("DISPLAY")) == NULL) +- display_name = ":0"; ++ if( display_name == NULL ) ++ display_name = getenv("DISPLAY"); ++ ++ if( display_name == NULL ) ++ { ++ print_error("DISPLAY variable not set and none given"); ++ exit(EXIT_FAILURE); ++ } + + #ifdef HAVE_AFTERSTEP + #ifdef MyArgs_IS_MACRO -- cgit v1.2.3