[4613] in bugtraq

Re: libX11 overflow continued....

daemon@ATHENA.MIT.EDU (Lamont Granquist)
Fri May 30 11:53:09 1997

Date: 	Fri, 30 May 1997 05:38:50 -0700
Reply-To: Lamont Granquist <lamontg@HITL.WASHINGTON.EDU>
From: Lamont Granquist <lamontg@HITL.WASHINGTON.EDU>
X-To:         David Hedley <hedley@CS.BRIS.AC.UK>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To:  <6005.864948072@maxx>

On Fri, 30 May 1997, David Hedley wrote:
> Set the environment variable XAPPLRESDIR to be your home directory (you
> will only have to do this if it is already pointing somewhere else, or
> you have set some of the other X resource environment variables like
> XUSERFILESEARCHPATH), and then run xterm. xterm will then segmentation
> fault/bus error etc.

Joe Zbiciak's wrapper almost protects against this.  It nukes XAPPLRESDIR,
XUSERFILESEARCHPATH and any environment variables that aren't in a small
set of approved ones (I had to add DISPLAY to this list).  The problem is
that xterm will still pick up ~/XTerm anyway on the machine I tested this
on (varies based on configuration?  anyone know offhand how to configure
it to not do this?). However, it does protect against, say ~/foobar/XTerm
with XAPPLRESDIR pointing to ~/foobar.

I tested this on an R5k O2 Irix 6.3.

Of course this probably just moves the buffer overflow into xrdb -merge,
(correct, David?)

--
Lamont Granquist <lamontg@hitl.washington.edu> (206)616-1469 fax:(206)543-5380
Human Interface Technology Lab.  University of Washington.  Seattle, WA
PGP pubkey: finger lamontg@near.hitl.washington.edu
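
The environment scrubbing described in the message above, as an added example that is not part of the original post and is not Joe Zbiciak's wrapper: a C wrapper that hands only allowlisted variables to the real binary, so XAPPLRESDIR and XUSERFILESEARCHPATH never reach it. The allowlist beyond DISPLAY, the length cap and the target path are assumptions; as the message observes, this does not stop xterm from reading ~/XTerm.

```c
#include <stdio.h>
#include <string.h>
#include <unistd.h>

#define MAX_ENTRY 256  /* assumed cap on "NAME=value" length, not from the post */

/* Assumed allowlist; the post only confirms DISPLAY had to be on it. */
static const char *const ALLOWED[] = { "DISPLAY", "TERM", NULL };

/* Return 1 if entry is "NAME=value" and NAME exactly equals an allowed name. */
static int is_allowed(const char *entry, const char *const allow[])
{
    const char *eq = strchr(entry, '=');
    if (eq == NULL || eq == entry)
        return 0;                          /* no '=' or empty name */
    size_t nlen = (size_t)(eq - entry);
    for (size_t i = 0; allow[i] != NULL; i++)
        if (strlen(allow[i]) == nlen && strncmp(entry, allow[i], nlen) == 0)
            return 1;                      /* exact match, so DISPLAYX fails */
    return 0;
}

/* Copy pointers to permitted entries of envp into out, NULL-terminated.
 * cap is the size of out including the terminator. Returns entries kept. */
size_t filter_env(char *const envp[], const char *const allow[],
                  char *out[], size_t cap)
{
    size_t n = 0;
    if (cap == 0)
        return 0;
    for (size_t i = 0; envp[i] != NULL && n + 1 < cap; i++)
        if (is_allowed(envp[i], allow) && strlen(envp[i]) <= MAX_ENTRY)
            out[n++] = envp[i];
    out[n] = NULL;
    return n;
}

extern char **environ;

int main(int argc, char *argv[])
{
    char *clean[16];
    (void)argc;
    filter_env(environ, ALLOWED, clean, 16);
    /* Placeholder path for the real binary; set it for the local install. */
    execve("/path/to/real/xterm", argv, clean);
    perror("execve");                      /* reached only if exec failed */
    return 127;
}
```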