Patrick Williams | f1e5d69 | 2016-03-30 15:21:19 -0500 | [diff] [blame] | 1 | From f98a09cacff7baad8748c9aa217afd155a4d493f Mon Sep 17 00:00:00 2001 |
| 2 | From: "mmcc@openbsd.org" <mmcc@openbsd.org> |
| 3 | Date: Tue, 20 Oct 2015 03:36:35 +0000 |
| 4 | Subject: [PATCH] upstream commit |
| 5 | |
| 6 | Replace a function-local allocation with stack memory. |
| 7 | |
| 8 | ok djm@ |
| 9 | |
| 10 | Upstream-ID: c09fbbab637053a2ab9f33ca142b4e20a4c5a17e |
| 11 | Upstream-Status: Backport |
| 12 | CVE: CVE-2016-1907 |
| 13 | |
| 14 | [YOCTO #8935] |
| 15 | |
| 16 | Signed-off-by: Armin Kuster <akuster@mvista.com> |
| 17 | |
| 18 | --- |
| 19 | clientloop.c | 9 ++------- |
| 20 | 1 file changed, 2 insertions(+), 7 deletions(-) |
| 21 | |
| 22 | diff --git a/clientloop.c b/clientloop.c |
| 23 | index 87ceb3d..1e05cba 100644 |
| 24 | --- a/clientloop.c |
| 25 | +++ b/clientloop.c |
| 26 | @@ -1,4 +1,4 @@ |
| 27 | -/* $OpenBSD: clientloop.c,v 1.275 2015/07/10 06:21:53 markus Exp $ */ |
| 28 | +/* $OpenBSD: clientloop.c,v 1.276 2015/10/20 03:36:35 mmcc Exp $ */ |
| 29 | /* |
| 30 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| 31 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| 32 | @@ -311,11 +311,10 @@ client_x11_get_proto(const char *display, const char *xauth_path, |
| 33 | static char proto[512], data[512]; |
| 34 | FILE *f; |
| 35 | int got_data = 0, generated = 0, do_unlink = 0, i; |
| 36 | - char *xauthdir, *xauthfile; |
| 37 | + char xauthdir[PATH_MAX] = "", xauthfile[PATH_MAX] = ""; |
| 38 | struct stat st; |
| 39 | u_int now, x11_timeout_real; |
| 40 | |
| 41 | - xauthdir = xauthfile = NULL; |
| 42 | *_proto = proto; |
| 43 | *_data = data; |
| 44 | proto[0] = data[0] = '\0'; |
| 45 | @@ -343,8 +342,6 @@ client_x11_get_proto(const char *display, const char *xauth_path, |
| 46 | display = xdisplay; |
| 47 | } |
| 48 | if (trusted == 0) { |
| 49 | - xauthdir = xmalloc(PATH_MAX); |
| 50 | - xauthfile = xmalloc(PATH_MAX); |
| 51 | mktemp_proto(xauthdir, PATH_MAX); |
| 52 | /* |
| 53 | * The authentication cookie should briefly outlive |
| 54 | @@ -407,8 +404,6 @@ client_x11_get_proto(const char *display, const char *xauth_path, |
| 55 | unlink(xauthfile); |
| 56 | rmdir(xauthdir); |
| 57 | } |
| 58 | - free(xauthdir); |
| 59 | - free(xauthfile); |
| 60 | |
| 61 | /* |
| 62 | * If we didn't get authentication data, just make up some |
| 63 | -- |
| 64 | 1.9.1 |
| 65 | |