[12115] in bugtraq
Re: Kvt bug
daemon@ATHENA.MIT.EDU (Dominik Vogt)
Tue Oct 5 13:38:55 1999
Mail-Followup-To: D.Yu.Bolkhovityanov@INP.NSK.SU, BUGTRAQ@SECURITYFOCUS.COM,
fvwm-workers@fvwm.org
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary=cWoXeonUoKmBZSoM
Message-Id: <19991004114213.C4399@hp.com>
Date: Mon, 4 Oct 1999 11:42:13 +0200
Reply-To: Dominik Vogt <dominik_vogt@HP.COM>
From: Dominik Vogt <dominik_vogt@HP.COM>
X-To: D.Yu.Bolkhovityanov@INP.NSK.SU, BUGTRAQ@SECURITYFOCUS.COM,
fvwm-workers@fvwm.org
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <ufag0zu7ehm.fsf@epithumia.math.uh.edu>; from tibbs@math.uh.edu
on Fri, Oct 01, 1999 at 08:12:05PM -0500
--cWoXeonUoKmBZSoM
Content-Type: text/plain; charset=us-ascii
> On 30 Sep 99 at 11:56, pioppo@FERRARA.LINUX.IT wrote:
>
> > Wed, 29 Sep 1999, in a message titled "Kvt bug", Sebastian Wain wrote:
> >
> > >In the xterm there is a feature to change the title of the window
> > >You can change the title of the window sending one of the escape codes of the
> > >xterm.
> > >(linux: man console_codes)
> >
> > >By Example:
> >
> > >ESC]2;This is my Xterm^G
> >
> > >This escape code changes the xterm's title to "This is my Xterm"
> >
> > >Obviously You can do the same using the kvt (Kde Virtual Terminal).
> > >But the kvt has a buffer overflow. If the size of the new title of the
> > >window is big enough then the kvt will do a core dump.
> >
> > xterm too (version 3.3.2.3) coredumps...
> > I tried this with echo -e "\033]2;(60e+06 times 'a')\007"
>
> Tried the same with xterm 3.3.3 on i586, 64M RAM, 128M swap, continuously
> increasing the number of 'a's (perl -e 'print "a" x 60000', 600000,
> 600000...). But instead of xterm crash got Fvwm2 hangup after 6e6 "a"s.
> I.e. everything else works -- I ould even press the "play" button in x11amp
> with mouse, except Fvwm2.
>
> "strace -p <fvwm2pid>" shows that Fvwm2 waits infinitely on select().
>
> The only choice was to kill the window manager.
>
> All progs are from stock RedHat 6.0/i386 -- "Fvwm Version 2.2 compiled on
> Apr 9 1999 at 16:15:38".
Sorry, I must apologize for the screwed up patch I sent on the weekend.
I made a cut-and-past error when moving the patch from our development
sources to the stable version. The correct (and tested) patch to
fvwm-2.2.2 is attached.
Bye
Dominik ^_^
--
Dominik Vogt, Hewlett-Packard GmbH, Dept. BVS
Herrenberger Str.130, 71034 Boeblingen, Germany
phone: 07031/14-4596, fax: 07031/14-3883, dominik_vogt@hp.com
--cWoXeonUoKmBZSoM
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename="fvwm-2.2.2-long_xterm_name_hang.patch"
*** events.c.orig Mon Oct 4 11:36:49 1999
--- events.c Sun Oct 3 01:28:41 1999
***************
*** 476,481 ****
--- 476,485 ----
free_window_names (Tmp_win, True, False);
Tmp_win->name = (char *)text_prop.value;
+ if (Tmp_win->name && strlen(Tmp_win->name) > 200)
+ /* limit to prevent hanging X server */
+ Tmp_win->name[200] = 0;
+
if (Tmp_win->name == NULL)
Tmp_win->name = NoName;
BroadcastName(M_WINDOW_NAME,Tmp_win->w,Tmp_win->frame,
***************
*** 503,508 ****
--- 507,515 ----
return;
free_window_names (Tmp_win, False, True);
Tmp_win->icon_name = (char *) text_prop.value;
+ if (Tmp_win->icon_name && strlen(Tmp_win->icon_name) > 200)
+ /* limit to prevent hanging X server */
+ Tmp_win->icon_name[200] = 0;
if (Tmp_win->icon_name == NULL)
Tmp_win->icon_name = NoName;
BroadcastName(M_ICON_NAME,Tmp_win->w,Tmp_win->frame,
--cWoXeonUoKmBZSoM--
