Fixed a possible buffer overflow, bug 201293

(Portage version: 2.1.3.19)

4 files changed, 237 insertions, 1 deletions

diff --git a/xfce-base/xfce4-panel/ChangeLog b/xfce-base/xfce4-panel/ChangeLog
index 1300327c9bcd..ac9b00bb1b23 100644
--- a/xfce-base/xfce4-panel/ChangeLog
+++ b/xfce-base/xfce4-panel/ChangeLog
@@ -1,6 +1,12 @@
 # ChangeLog for xfce-base/xfce4-panel
 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/xfce-base/xfce4-panel/ChangeLog,v 1.112 2007/11/20 06:18:47 kumba Exp $
+# $Header: /var/cvsroot/gentoo-x86/xfce-base/xfce4-panel/ChangeLog,v 1.113 2007/12/05 10:28:39 angelos Exp $
+
+*xfce4-panel-4.4.1-r2 (04 Dec 2007)
+
+  04 Dec 2007; Christoph Mende <angelos@gentoo.org>
+  +files/xfce4-panel-4.4.1-overflow.patch, +xfce4-panel-4.4.1-r2.ebuild:
+  Fixed a possible buffer overflow, bug 201293
 
   20 Nov 2007; Joshua Kinard <kumba@gentoo.org> xfce4-panel-4.4.1-r1.ebuild:
   Stable on mips, per #198845.
diff --git a/xfce-base/xfce4-panel/files/digest-xfce4-panel-4.4.1-r2 b/xfce-base/xfce4-panel/files/digest-xfce4-panel-4.4.1-r2
new file mode 100644
index 000000000000..f6b6af03f6d1
--- /dev/null
+++ b/xfce-base/xfce4-panel/files/digest-xfce4-panel-4.4.1-r2
@@ -0,0 +1,3 @@
+MD5 56b3137c190dd722dd5109be03901feb xfce4-panel-4.4.1.tar.bz2 767669
+RMD160 53d804b18b363e3571d065435163a6f74df6b3ed xfce4-panel-4.4.1.tar.bz2 767669
+SHA256 a84cfc376b1c15f941177d5189668694db365591a4132cbd4d1ac5c7da3f43fa xfce4-panel-4.4.1.tar.bz2 767669
diff --git a/xfce-base/xfce4-panel/files/xfce4-panel-4.4.1-overflow.patch b/xfce-base/xfce4-panel/files/xfce4-panel-4.4.1-overflow.patch
new file mode 100644
index 000000000000..6ffa2561cdae
--- /dev/null
+++ b/xfce-base/xfce4-panel/files/xfce4-panel-4.4.1-overflow.patch
@@ -0,0 +1,189 @@
+Index: libxfce4panel/xfce-panel-plugin-iface.c
+===================================================================
+--- libxfce4panel/xfce-panel-plugin-iface.c	(revision 25772)
++++ libxfce4panel/xfce-panel-plugin-iface.c	(working copy)
+@@ -1127,7 +1127,7 @@
+     name = xfce_panel_plugin_get_name (plugin);
+     id = xfce_panel_plugin_get_id (plugin);
+ 
+-    g_snprintf (path, 255,
++    g_snprintf (path, sizeof(path),
+                 "xfce4" G_DIR_SEPARATOR_S
+                 "panel" G_DIR_SEPARATOR_S
+                 "%s-%s.rc",
+@@ -1161,7 +1161,7 @@
+     name = xfce_panel_plugin_get_name (plugin);
+     id = xfce_panel_plugin_get_id (plugin);
+ 
+-    g_snprintf (path, 255,
++    g_snprintf (path, sizeof(path),
+                 "xfce4" G_DIR_SEPARATOR_S
+                 "panel" G_DIR_SEPARATOR_S
+                 "%s-%s.rc",
+Index: plugins/launcher/launcher-dialog.c
+===================================================================
+--- plugins/launcher/launcher-dialog.c	(revision 25772)
++++ plugins/launcher/launcher-dialog.c	(working copy)
+@@ -1183,7 +1183,7 @@
+         {
+             char last[3];
+ 
+-            g_snprintf (last, 3, "%d", ld->launcher->entries->len - 2);
++            g_snprintf (last, sizeof(last), "%d", ld->launcher->entries->len - 2);
+             path = gtk_tree_path_new_from_string (last);
+         }
+         
+Index: plugins/launcher/launcher.c
+===================================================================
+--- plugins/launcher/launcher.c	(revision 25772)
++++ plugins/launcher/launcher.c	(working copy)
+@@ -370,7 +370,7 @@
+     {
+         char first[256];
+ 
+-        g_snprintf (first, 256, _("Could not run \"%s\""), entry->name);
++        g_snprintf (first, sizeof(first), _("Could not run \"%s\""), entry->name);
+     
+         xfce_message_dialog (NULL, _("Xfce Panel"), 
+                              GTK_STOCK_DIALOG_ERROR, first, error->message,
+@@ -395,7 +395,7 @@
+     {
+         char first[256];
+         
+-        g_snprintf (first, 256, _("Error in command \"%s\""), 
++        g_snprintf (first, sizeof(first), _("Error in command \"%s\""), 
+                     entry->real_exec);
+     
+         xfce_message_dialog (NULL, _("Xfce Panel"), 
+@@ -432,7 +432,7 @@
+     {
+         char first[256];
+         
+-        g_snprintf (first, 256, _("Could not run \"%s\""), entry->name);
++        g_snprintf (first, sizeof(first), _("Could not run \"%s\""), entry->name);
+     
+         xfce_message_dialog (NULL, _("Xfce Panel"), 
+                              GTK_STOCK_DIALOG_ERROR, first, error->message,
+@@ -739,11 +739,11 @@
+     if (entry->name || entry->comment)
+     {
+         if (entry->name && entry->comment)
+-            g_snprintf (tip, 521, "%s\n%s", entry->name, entry->comment);
++            g_snprintf (tip, sizeof(tip), "%s\n%s", entry->name, entry->comment);
+         else if (entry->name)
+-            g_strlcpy (tip, entry->name, 521);
++            g_strlcpy (tip, entry->name, sizeof(tip));
+         else
+-            g_strlcpy (tip, entry->comment, 521);
++            g_strlcpy (tip, entry->comment, sizeof(tip));
+ 
+         gtk_tooltips_set_tip (launcher->tips, launcher->iconbutton, tip, NULL);
+     }
+@@ -1029,7 +1029,7 @@
+         LauncherEntry *entry;
+         char group[10];
+         
+-        g_snprintf (group, 10, "Entry %d", i);
++        g_snprintf (group, sizeof(group), "Entry %d", i);
+         
+         if (!xfce_rc_has_group (rc, group))
+             break;
+@@ -1098,7 +1098,7 @@
+     {
+         LauncherEntry *entry = g_ptr_array_index (launcher->entries, i);
+ 
+-        g_snprintf (group, 10, "Entry %d", i);
++        g_snprintf (group, sizeof(group), "Entry %d", i);
+ 
+         xfce_rc_set_group (rc, group);
+ 
+Index: plugins/clock/clock.c
+===================================================================
+--- plugins/clock/clock.c	(revision 25772)
++++ plugins/clock/clock.c	(working copy)
+@@ -173,7 +173,7 @@
+ 	 * %B  : full month name
+ 	 * %Y  : four digit year
+ 	 */
+-        strftime(date_s, 255, _("%A %d %B %Y"), tm);
++        strftime(date_s, sizeof(date_s), _("%A %d %B %Y"), tm);
+ 
+         /* Conversion to utf8
+          * Patch by Oliver M. Bolzer <oliver@fakeroot.net>
+Index: panel/panel.c
+===================================================================
+--- panel/panel.c	(revision 25772)
++++ panel/panel.c	(working copy)
+@@ -988,7 +988,7 @@
+     static char id[30];
+     
+     /* unique number: pseudo-random time() + counter */
+-    g_snprintf (id, 30, "%ld%d", (glong) time (NULL), counter++);
++    g_snprintf (id, sizeof(id), "%ld%d", (glong) time (NULL), counter++);
+     
+     return id;
+ }
+Index: panel/panel-dialogs.c
+===================================================================
+--- panel/panel-dialogs.c	(revision 25772)
++++ panel/panel-dialogs.c	(working copy)
+@@ -259,12 +259,12 @@
+         
+         if (info->comment)
+         {
+-            g_snprintf (text, 512, "<b>%s</b>\n%s", info->display_name, 
++            g_snprintf (text, sizeof(text), "<b>%s</b>\n%s", info->display_name, 
+                                     info->comment);
+         }
+         else
+         {
+-            g_snprintf (text, 512, "<b>%s</b>", info->display_name);
++            g_snprintf (text, sizeof(text), "<b>%s</b>", info->display_name);
+         }
+ 
+         g_object_set (cell, "markup", text, 
+@@ -1276,7 +1276,7 @@
+                 gtk_widget_set_size_request (scroll, req.width, -1);
+             }
+ 
+-            g_snprintf (markup, 10, "<b>%d</b>", i + 1);
++            g_snprintf (markup, sizeof(markup), "<b>%d</b>", i + 1);
+             
+             ebox = gtk_event_box_new ();
+             style = gtk_widget_get_style (ebox);
+@@ -1382,7 +1382,7 @@
+     if (G_UNLIKELY (!composite_atom))
+     {
+         char text[16];
+-        g_snprintf (text, 16, "_NET_WM_CM_S%d", 
++        g_snprintf (text, sizeof(text), "_NET_WM_CM_S%d", 
+                     GDK_SCREEN_XNUMBER(gdk_screen_get_default()));
+         composite_atom = 
+             XInternAtom (GDK_DISPLAY (), text, False);
+@@ -1453,7 +1453,7 @@
+ 
+     panel_block_autohide (PANEL (g_ptr_array_index (pmd->panels, n)));
+ 
+-    g_snprintf (name, 20, _("Panel %d"), pmd->panels->len);
++    g_snprintf (name, sizeof(name), _("Panel %d"), pmd->panels->len);
+ 
+     gtk_combo_box_append_text (GTK_COMBO_BOX (pmd->panel_selector), name);
+ 
+@@ -1489,7 +1489,7 @@
+     {
+         char name[20];
+ 
+-        g_snprintf (name, 20, _("Panel %d"), i + 1);
++        g_snprintf (name, sizeof(name), _("Panel %d"), i + 1);
+ 
+         gtk_combo_box_append_text (GTK_COMBO_BOX (pmd->panel_selector), name);
+     }
+@@ -1514,7 +1514,7 @@
+     {
+         char name[20];
+ 
+-        g_snprintf (name, 20, _("Panel %d"), i + 1);
++        g_snprintf (name, sizeof(name), _("Panel %d"), i + 1);
+ 
+         gtk_combo_box_append_text (GTK_COMBO_BOX (pmd->panel_selector), name);
+     }
diff --git a/xfce-base/xfce4-panel/xfce4-panel-4.4.1-r2.ebuild b/xfce-base/xfce4-panel/xfce4-panel-4.4.1-r2.ebuild
new file mode 100644
index 000000000000..77ccd1f4dd8a
--- /dev/null
+++ b/xfce-base/xfce4-panel/xfce4-panel-4.4.1-r2.ebuild
@@ -0,0 +1,38 @@
+# Copyright 1999-2007 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/xfce-base/xfce4-panel/xfce4-panel-4.4.1-r2.ebuild,v 1.1 2007/12/05 10:28:39 angelos Exp $
+
+inherit eutils xfce44
+
+XFCE_VERSION=4.4.1
+xfce44
+
+DESCRIPTION="Panel"
+HOMEPAGE="http://www.xfce.org/projects/xfce4-panel/"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd"
+
+IUSE="debug doc startup-notification"
+
+RDEPEND="x11-libs/libX11
+	x11-libs/libSM
+	gnome-base/librsvg
+	>=x11-libs/gtk+-2.6
+	>=xfce-base/libxfce4util-${XFCE_MASTER_VERSION}
+	>=xfce-base/libxfcegui4-${XFCE_MASTER_VERSION}
+	>=xfce-base/xfce-mcs-manager-${XFCE_MASTER_VERSION}
+	startup-notification? ( x11-libs/startup-notification )"
+DEPEND="${RDEPEND}
+	dev-util/pkgconfig
+	doc? ( dev-util/gtk-doc )
+	!<xfce-base/xfce-utils-4.4"
+
+DOCS="AUTHORS ChangeLog HACKING NEWS README README.Plugins"
+
+xfce44_core_package
+
+src_unpack() {
+	unpack ${A}
+	cd "${S}"
+	epatch "${FILESDIR}"/${P}-gtk212.patch
+	epatch "${FILESDIR}"/${P}-overflow.patch
+}