mikep@sco.COM (Mike Patnode) (03/21/91)
FYI: has been sent to xbugs as well.
X Window System Bug Report
xbugs@expo.lcs.mit.edu
VERSION:
R4
CLIENT MACHINE and OPERATING SYSTEM:
Mitac 386 running SCO UNIX 3.2v3
DISPLAY TYPE:
Trident 8900 Super VGA
WINDOW MANAGER:
mwm
AREA:
Xlib
SYNOPSIS:
XGetHints:XGetCommand() can access a negative index.
DESCRIPTION:
It's possible that XGetTextProperty() could return a string of 0
length. XGetCommand() was assuming that the length of the string
(nitems) would be >= 1. this can then cause XTextPropertyToStringList()
to attempt a very large bcopy().
REPEAT BY:
Ran xlsclients against an R3 server. Most likey there was just one
client which had a NULL string as it's command name.
SAMPLE FIX:
*** XGetHints.c- Wed Mar 20 14:10:26 1991
--- XGetHints.c Wed Mar 20 14:12:55 1991
***************
*** 225,231 ****
/*
* ignore final <NUL> if present since UNIX WM_COMMAND is nul-terminated
*/
! if (tp.value[tp.nitems - 1] == '\0') tp.nitems--;
/*
--- 225,231 ----
/*
* ignore final <NUL> if present since UNIX WM_COMMAND is nul-terminated
*/
! if (tp.nitems > 0 && tp.value[tp.nitems - 1] == '\0') tp.nitems--;
/*
--
Mike Patnode The Santa Cruz Operation
Software Engineer 400 Encinal Street
{ucscc,uunet}!sco!mikep mikep@sco.COM P.O. Box 1900
(408) 458-1422 FAX: (408) 458-4227 Santa Cruz, CA 95061