From c2811c953620cf946269db2b74b29e0dc707e26a Mon Sep 17 00:00:00 2001
From: Alex Gendin
Date: Sat, 26 Sep 2020 23:26:07 -0400
Subject: Fix segfault when X starts

This patch potentially fixes bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884934

System log entries when this bug occurs:
kernel: xauth[16729]: segfault at 1 ip 00007f51f517f5a5 sp 00007ffdec846568 error 4 in libc-2.31.so[7f51f5102000+144000]
kernel: Code: bc d1 f3 0f 7f 27 f3 0f 7f 6f 10 f3 0f 7f 77 20 f3 0f 7f 7f 30 49 83 c0 0f 49 29 d0 48 8d 7c 17 31 e9 8f 0b 00 00 66 0f ef c0 0f 6f 0e f3 0f 6f 56 10 66 0f 74 c1 66 0f d7 d0 49 83 f8 11 0f

This bug happens when function get_address_info() in gethost.c is called with a display name without forward slash, for example 'myhost.mydomain:0'
---
 gethost.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

(limited to 'gethost.c')

diff --git a/gethost.c b/gethost.c
index c353a9a..b304bb9 100644
--- a/gethost.c
+++ b/gethost.c
@@ -199,7 +199,7 @@ struct addrlist *get_address_info (
 #ifdef HAVE_STRLCPY
 strlcpy(path, fulldpyname, sizeof(path));
 #else
- strncpy(path, fulldpyname, sizeof(path));
+ strncpy(path, fulldpyname, sizeof(path) - 1);
 path[sizeof(path) - 1] = '\0';
 #endif
 if (0 == stat(path, &sbuf) && S_ISSOCK(sbuf.st_mode) ) {
@@ -218,10 +218,11 @@ struct addrlist *get_address_info (
 if (is_path_to_socket) {
 /* Use the bundle id (part preceding : in the basename) as our src id */
 char *c;
+ c = strrchr(fulldpyname, '/');
 #ifdef HAVE_STRLCPY
- strlcpy(buf, strrchr(fulldpyname, '/') + 1, sizeof(buf));
+ strlcpy(buf, (NULL != c) ? c + 1 : fulldpyname, sizeof(buf));
 #else
- strncpy(buf, strrchr(fulldpyname, '/') + 1, sizeof(buf));
+ strncpy(buf, (NULL != c) ? c + 1 : fulldpyname, sizeof(buf) - 1);
 buf[sizeof(buf) - 1] = '\0';
 #endif

--
cgit v1.2.1
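Review bot: In the first hunk (gethost.c around line 199) an over-long `fulldpyname` is still truncated silently in both the `strlcpy` and the `strncpy` branch, so the `stat()` that follows tests a shortened path that may name a different file than the caller asked for. The `sizeof(path) - 1` change does not alter this, since the terminator was already written on the next line. Rejecting the name before the copy would close it, for example `if (strlen(fulldpyname) >= sizeof(path))` leading to the non-socket path, or in the `strlcpy` branch comparing its return value with `sizeof(path)`. The declaration of `path` and the start of this block lie outside the hunk, so the buffer size is not visible here.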
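Review bot: In the second hunk (around line 218) the fallback `(NULL != c) ? c + 1 : fulldpyname` stops the NULL-plus-one read but does not explain why `is_path_to_socket` is true for a name without '/' such as the 'myhost.mydomain:0' from the description. That assignment is outside the hunk; if it comes from the `stat()` test in the first hunk, a relative name resolved against the current directory can satisfy it and send a network display name down the socket-path branch. It would be safer to take this branch only when `c` is non-NULL, or at least to document the case above the new line with `/* no '/' in the name: use the whole display name as the basename */`. The `#ifdef HAVE_STRLCPY` pair now repeats the same ternary twice; computing `const char *base = c ? c + 1 : fulldpyname;` once before the `#ifdef` would keep the two branches from drifting apart.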