Skip to content
Snippets Groups Projects
Commit 6d67c042 authored by Fons Rademakers's avatar Fons Rademakers
Browse files

fix potential buffer overflow. 

git-svn-id: http://root.cern.ch/svn/root/trunk@14664 27541ba8-7e3a-0410-8455-c3a389f83636
parent 92ebe286
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 15 additions and 11 deletions
rootx/src/rootx.cxx
+ 15
11
View file @ 6d67c042
// @(#)root/rootx:$Name: $:$Id: rootx.cxx,v 1.19 2005/09/13 13:29:51 rdm Exp $ // @(#)root/rootx:$Name: $:$Id: rootx.cxx,v 1.20 2006/04/11 17:29:30 rdm Exp $
// Author: Fons Rademakers 19/02/98 // Author: Fons Rademakers 19/02/98
////////////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////////////////////
...@@ -161,19 +161,21 @@ static void SetDisplay() ...@@ -161,19 +161,21 @@ static void SetDisplay()
tty += 5; // remove "/dev/" tty += 5; // remove "/dev/"
STRUCT_UTMP *utmp_entry = SearchEntry(ReadUtmp(), tty); STRUCT_UTMP *utmp_entry = SearchEntry(ReadUtmp(), tty);
if (utmp_entry) { if (utmp_entry) {
static char display[64]; char *display = new char[sizeof(utmp_entry->ut_host) + 15];
if (utmp_entry->ut_host[0] && char *host = new char[sizeof(utmp_entry->ut_host) + 1];
!utmp_entry->ut_host[sizeof(utmp_entry->ut_host)-1]) { strncpy(host, utmp_entry->ut_host, sizeof(utmp_entry->ut_host));
if (strchr(utmp_entry->ut_host, ':')) { host[sizeof(utmp_entry->ut_host)] = 0;
sprintf(display, "DISPLAY=%s", utmp_entry->ut_host); if (host[0]) {
if (strchr(host, ':')) {
sprintf(display, "DISPLAY=%s", host);
fprintf(stderr, "*** DISPLAY not set, setting it to %s\n", fprintf(stderr, "*** DISPLAY not set, setting it to %s\n",
utmp_entry->ut_host); host);
} else { } else {
sprintf(display, "DISPLAY=%s:0.0", utmp_entry->ut_host); sprintf(display, "DISPLAY=%s:0.0", host);
fprintf(stderr, "*** DISPLAY not set, setting it to %s:0.0\n", fprintf(stderr, "*** DISPLAY not set, setting it to %s:0.0\n",
utmp_entry->ut_host); host);
} }
putenv((char *)display); putenv(display);
#ifndef UTMP_NO_ADDR #ifndef UTMP_NO_ADDR
} else if (utmp_entry->ut_addr) { } else if (utmp_entry->ut_addr) {
struct hostent *he; struct hostent *he;
...@@ -182,10 +184,12 @@ static void SetDisplay() ...@@ -182,10 +184,12 @@ static void SetDisplay()
sprintf(display, "DISPLAY=%s:0.0", he->h_name); sprintf(display, "DISPLAY=%s:0.0", he->h_name);
fprintf(stderr, "*** DISPLAY not set, setting it to %s:0.0\n", fprintf(stderr, "*** DISPLAY not set, setting it to %s:0.0\n",
he->h_name); he->h_name);
putenv((char *)display); putenv(display);
} }
#endif #endif
} }
delete [] host;
// display cannot be deleted otherwise the env var is deleted too
} }
free(gUtmpContents); free(gUtmpContents);
} }
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment