[packages/xv.git] / xv-longname.patch

From: Michael Rausch <M.Rausch@Ernie.MI.Uni-Koeln.DE>
Subject: bug in xv visual schnauzer

while using xv's visual schnauzer, I ran across some problems with rather
long file names. Namely these were (spurious) segmentation faults when
generation icons or selecting icons with the rubber-band.
The problem turned out to be a strncpy() without appending a terminating
null byte in case the limiting length was reached. Appended to this mail
you'll find a set of context diffs where this specific and other possible
occurances of the same bug are fixed.
I think it will be not too hard to integrate the patches into your actual
working version if patch should fail on them. Speaking of which, when do
you think we can expect a new (bigger, better, etc.) version of xv?

Ciao
	Michael

---*snip*---*snip*---*snip*--

diff -ru /tmp/xv-3.10a.orig/xvbrowse.c xv-3.10a/xvbrowse.c
--- /tmp/xv-3.10a.orig/xvbrowse.c	Thu Jan 19 18:49:17 1995
+++ xv-3.10a/xvbrowse.c	Mon Feb  5 23:46:28 1996
@@ -956,6 +956,7 @@
      char *str;
 {
   strncpy(br->dispstr, str, (size_t) 256);
+  br->dispstr[255] = '\0';
   drawBrowStr(br);
   XFlush(theDisp);
 }
@@ -1490,6 +1491,7 @@
   if (StringWidth(str) > ISPACE_WIDE-6) {
     int dotpos; 
     strncpy(tmpstr, str, (size_t) 56);
+    tmpstr[56] = '\0'; /* MR: otherwise it dies on long file names */
     dotpos = strlen(tmpstr);
     strcat(tmpstr,"...");
 
@@ -1505,7 +1507,7 @@
     nstr = tmpstr;
   }
   else nstr = str;
-  
+ 
 
   /* draw the title */
   sw = StringWidth(nstr);
diff -ru /tmp/xv-3.10a.orig/xvdir.c xv-3.10a/xvdir.c
--- /tmp/xv-3.10a.orig/xvdir.c	Tue Jan  3 22:21:39 1995
+++ xv-3.10a/xvdir.c	Mon Feb  5 21:49:21 1996
@@ -1200,6 +1200,7 @@
      char *st;
 {
   strncpy(deffname, st, (size_t) MAXFNLEN-1);
+  deffname[MAXFNLEN-1] = '\0';
   setFName(st);
 }
 
diff -ru /tmp/xv-3.10a.orig/xvpopup.c xv-3.10a/xvpopup.c
--- /tmp/xv-3.10a.orig/xvpopup.c	Thu Jan 19 19:09:31 1995
+++ xv-3.10a/xvpopup.c	Mon Feb  5 21:50:13 1996
@@ -560,6 +560,7 @@
 	nams[*lenp] = (char *) malloc((size_t) 32);
 	if (!nams[*lenp]) { free(vals[*lenp]); continue; }
 	strncpy(nams[*lenp], vals[*lenp], (size_t) 31);
+	nams[*lenp][31] = '\0';
       }
       
       if (strlen(nams[*lenp]) > (size_t) 20) {   /* fix long names */
diff -ru /tmp/xv-3.10a.orig/xvtext.c xv-3.10a/xvtext.c
--- /tmp/xv-3.10a.orig/xvtext.c	Sat Jan 14 00:46:28 1995
+++ xv-3.10a/xvtext.c	Mon Feb  5 21:50:54 1996
@@ -293,6 +293,7 @@
   tv->textlen     = len;
   tv->freeonclose = freeonclose;
   strncpy(tv->title, title, (size_t) TITLELEN-1);
+  tv->title[TITLELEN-1] = '\0';
 
   computeText(tv);      /* compute # lines and linestarts array */

---*snap*---*snap*---*snap*--
Commit	Line	Data
c1f0ee65 JR	1	From: Michael Rausch <M.Rausch@Ernie.MI.Uni-Koeln.DE>
	2	Subject: bug in xv visual schnauzer
	3
	4	while using xv's visual schnauzer, I ran across some problems with rather
	5	long file names. Namely these were (spurious) segmentation faults when
	6	generation icons or selecting icons with the rubber-band.
	7	The problem turned out to be a strncpy() without appending a terminating
	8	null byte in case the limiting length was reached. Appended to this mail
	9	you'll find a set of context diffs where this specific and other possible
	10	occurances of the same bug are fixed.
	11	I think it will be not too hard to integrate the patches into your actual
	12	working version if patch should fail on them. Speaking of which, when do
	13	you think we can expect a new (bigger, better, etc.) version of xv?
	14
	15	Ciao
	16	Michael
	17
	18	---snip---snip---snip--
	19
	20	diff -ru /tmp/xv-3.10a.orig/xvbrowse.c xv-3.10a/xvbrowse.c
	21	--- /tmp/xv-3.10a.orig/xvbrowse.c Thu Jan 19 18:49:17 1995
	22	+++ xv-3.10a/xvbrowse.c Mon Feb 5 23:46:28 1996
	23	@@ -956,6 +956,7 @@
	24	char *str;
	25	{
	26	strncpy(br->dispstr, str, (size_t) 256);
	27	+ br->dispstr[255] = '\0';
	28	drawBrowStr(br);
	29	XFlush(theDisp);
	30	}
	31	@@ -1490,6 +1491,7 @@
	32	if (StringWidth(str) > ISPACE_WIDE-6) {
	33	int dotpos;
	34	strncpy(tmpstr, str, (size_t) 56);
	35	+ tmpstr[56] = '\0'; /* MR: otherwise it dies on long file names */
	36	dotpos = strlen(tmpstr);
	37	strcat(tmpstr,"...");
	38
	39	@@ -1505,7 +1507,7 @@
	40	nstr = tmpstr;
	41	}
	42	else nstr = str;
	43	-
	44	+
	45
	46	/* draw the title */
	47	sw = StringWidth(nstr);
	48	diff -ru /tmp/xv-3.10a.orig/xvdir.c xv-3.10a/xvdir.c
	49	--- /tmp/xv-3.10a.orig/xvdir.c Tue Jan 3 22:21:39 1995
	50	+++ xv-3.10a/xvdir.c Mon Feb 5 21:49:21 1996
	51	@@ -1200,6 +1200,7 @@
	52	char *st;
	53	{
	54	strncpy(deffname, st, (size_t) MAXFNLEN-1);
	55	+ deffname[MAXFNLEN-1] = '\0';
	56	setFName(st);
	57	}
	58
	59	diff -ru /tmp/xv-3.10a.orig/xvpopup.c xv-3.10a/xvpopup.c
	60	--- /tmp/xv-3.10a.orig/xvpopup.c Thu Jan 19 19:09:31 1995
	61	+++ xv-3.10a/xvpopup.c Mon Feb 5 21:50:13 1996
	62	@@ -560,6 +560,7 @@
	63	nams[lenp] = (char ) malloc((size_t) 32);
	64	if (!nams[lenp]) { free(vals[lenp]); continue; }
65	strncpy(nams[lenp], vals[lenp], (size_t) 31);
66	+ nams[*lenp][31] = '\0';
67	}
68
69	if (strlen(nams[lenp]) > (size_t) 20) { / fix long names */
70	diff -ru /tmp/xv-3.10a.orig/xvtext.c xv-3.10a/xvtext.c
71	--- /tmp/xv-3.10a.orig/xvtext.c Sat Jan 14 00:46:28 1995
72	+++ xv-3.10a/xvtext.c Mon Feb 5 21:50:54 1996
73	@@ -293,6 +293,7 @@
74	tv->textlen = len;
75	tv->freeonclose = freeonclose;
76	strncpy(tv->title, title, (size_t) TITLELEN-1);
77	+ tv->title[TITLELEN-1] = '\0';
78
79	computeText(tv); /* compute # lines and linestarts array */
80
81	---snap---snap---snap--