Fix for CVE-2011-0768, an off-by-one error in handling large pixmap
filenames which resulted in an overflow of a single NUL character if
the filename exceeded PATH_MAX bytes. This bug is NOT exploitable.
Again, thanks to Jonathan Brossard and the team at Toucan System for
responsibly disclosing this vulnerability and to CERT for assisting
with coordination and disclosure.
----------------------------------------------------------------------
SVN revision: 59414
Fix for CVE-2011-0409 (CERT VU#285156), a use-after-free error in the
XIM code. This only affects versions where XIM support is compiled in
(which it is by default). There are no known exploits for this bug,
but it is theoretically exploitable. Thanks to Jonathan Brossard and
the team at Toucan System for responsibly disclosing this
vulnerability and to CERT for assisting with coordination and
disclosure.
----------------------------------------------------------------------
SVN revision: 59413
Revert previous patch generated by badnull.cocci script, and apply the new one.
The main difference is that assert and assert-like functions are not touched
anymore.
SVN revision: 51650
Using !! instead of != NULL results in significantly and unacceptably
less readable code, and I refuse to accept those changes.
Unfortunately, since they were all done at once, I have to revert the
whole thing. Oh well. :(
SVN revision: 51583
Apply badzero.cocci, badnull.coci and badnull2.cocci
This should convert all cases where there's a comparison to NULL to simpler
forms. This patch applies the following transformations:
code before patch ||code after patch
===============================================================
return a == NULL; return !a;
return a != NULL; return !!a;
func(a == NULL); func(!a);
func(a != NULL); func(!!a);
b = a == NULL; b = !a;
b = a != NULL; b = !!a;
b = a == NULL ? c : d; b = !a ? c : d;
b = a != NULL ? c : d; b = a ? c : d;
other cases:
a == NULL !a
a != NULL a
SVN revision: 51487
This causes the following change:
In script.c and term.c XA_CLIPBOARD(Xdisplay) used to expand to
XA_PRIMARY, i.e. the identifier of the "PRIMARY" atom, now it will
be the identifier of the "CLIPBOARD" atom.
SVN revision: 50969
Modified patch from Paolo Ferrario <skooks@tiscali.it> based on input
from Kim Woelders <kim@woelders.dk> to allow Eterm to respond to
selection requests in UTF-8, compound text, or string only.
Previously, exotic selection request types would receive a string
back, but it would claim to be whatever type was requested. Now it
claims to be a string, which is probably more correct. This should
also eliminate server round-trips when clients ask for UTF-8, get a
string, then ask for a string (Opera).
----------------------------------------------------------------------
SVN revision: 50916
Fix off-by-one error that was causing crashes with visual bell. Found
by d_willsc@cojobo.bonn.de.
----------------------------------------------------------------------
SVN revision: 43285
Revert bad change to borderless code. We're now doing best effort
borderless with no override_redirect (which may come back some day as
a separate option if there's a need) based on advice from raster and
kwo.
----------------------------------------------------------------------
SVN revision: 43284
Support font effects in 8 directions. Patch supplied by Joern
Bernhardt <Joern.Bernhardt@gmx.net>.
----------------------------------------------------------------------
SVN revision: 43283
Fix for scrolling limitations from Cliff Miller <cbm@whatexit.org>.
----------------------------------------------------------------------
SVN revision: 43282
Patch for FreeBSD UNIX98 pty support from Ed Schouten <ed@80386.nl>.
----------------------------------------------------------------------
SVN revision: 43281
Re-enable SIGPIPE after fork() for child processes who might not
re-enable it on their own.
----------------------------------------------------------------------
SVN revision: 43280
Remove fontset fallbacks. I think this might help speed up the load
time slowness some people are seeing. Let's find out.
----------------------------------------------------------------------
SVN revision: 38477
Fix compile errors related to the removal of unnecessary typecasting
macros.
----------------------------------------------------------------------
SVN revision: 38171
(Correct) fix for CVE-2008-1692. Eterm no longer defaults to using
":0" for $DISPLAY due to the possibility that an attacker can create a
fake X server on a shared system, intercept the Eterm X connection,
and send fake keystrokes to the victim's Eterm to execute arbitrary
commands as that user.
The previous fix, while it did indeed correct the vulnerability, broke
the --display option. The original fix from Bernhard Link was more
correct, albeit not quite on target.
----------------------------------------------------------------------
SVN revision: 34574
Patch from Emmanuel Anne <emmanuel.anne@gmail.com> to fix cut/paste
with KDE applications.
----------------------------------------------------------------------
SVN revision: 34573
Modified patch from hsim@gmx.li to allow setting of the "Urgent" hint
on beep.
----------------------------------------------------------------------
SVN revision: 34572
Patch from Kim Woelders <kim@woelders.dk>:
There is a race problem with Eterm during startup related to the
shell LINES/COLUMNS env vars.
If the WM changes the window size (e.g. due to saved settings)
before mapping the window, sometimes the shell will set LINES and
COLUMNS according to the old/incorrect size and sometimes to the
new/correct size, depending on wheter the call to tt_winsize() at
command.c line 2322 (by the shell child process) or the
tt_resize() (by the Eterm process) due to the ConfigureNotify
caused by the resize (or WM ICCCM ConfigureNotify) operation
happens first.
The call in question was added by Azundris for Escreen. So far
Escreen seems to be behaving properly with this patch applied, but all
my Eterm windows (Escreen and otherwise) are pre-sized with -g anyway.
So I'm going to keep my eye on it for awhile. In case of trouble,
change the "#if 0" to "#ifdef ESCREEN" to revert to previous behavior
when in Escreen mode. Normal operation should not require the call in
question.
----------------------------------------------------------------------
SVN revision: 34568
Patch from Jason McCarver <slam@parasite.cc> to support -S/--sticky
option for "sticky" (i.e., present on all desktops) startup.
----------------------------------------------------------------------
SVN revision: 26874
Fixed a typo and some logic errors in libscream located by Mike
Frysinger <vapier@gentoo.org>.
----------------------------------------------------------------------
SVN revision: 26691
Stéphane Aulery
Michael Jennings
Boris Faure
Cedric BAIL
Mike Frysinger
Michael Jennings
Lucas De Marchi
Kim Woelders
Hannes Janetzek
Daniel Kolesa
Peter Wehrfritz
Carsten Haitzler