blob: ba68c5f4ea5923035646c936b0ecf81a31180085 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
|
$NetBSD: patch-ac,v 1.6 2008/04/03 22:42:33 tonnerre Exp $
Fix X11 privilege escalation vulnerability (CVE-2008-1142).
--- src/startup.c.orig 2008-03-31 19:27:46.000000000 +0200
+++ src/startup.c
@@ -95,11 +95,7 @@ eterm_bootstrap(int argc, char *argv[])
init_libast();
/* Open display, get options/resources and create the window */
- if (getenv("DISPLAY") == NULL) {
- display_name = STRDUP(":0");
- } else {
- display_name = STRDUP(getenv("DISPLAY"));
- }
+ display_name = NULL;
/* This MUST be called before any other Xlib functions */
#ifdef SPIFOPT_SETTING_PREPARSE
@@ -116,7 +112,9 @@ eterm_bootstrap(int argc, char *argv[])
privileges(REVERT);
#endif
if (!Xdisplay && !(Xdisplay = XOpenDisplay(display_name))) {
- libast_print_error("can't open display %s\n", display_name);
+ libast_print_error("can't open display %s\n", display_name?display_name:
+ getenv("DISPLAY")?getenv("DISPLAY"):
+ "as no -display given and DISPLAY not set");
exit(EXIT_FAILURE);
}
XSetErrorHandler((XErrorHandler) xerror_handler);
|