falso
/
cdesktopenv
mirror of https://git.code.sf.net/p/cdesktopenv/code
1
0
Fork 0
Code Issues Releases Wiki Activity
280 Commits 4 Branches 26 Tags 102 MiB
Commit Graph

5 Commits

Author SHA1 Message Date
Pascal Stumpf 3718075b7c OpenBSD fixes for DtWidget, dtaction, dtappbuilder. 2012-08-10 14:10:52 -06:00
Marc Balmer bb21797684 Use a more robust idiom When converting sprintf() to snprintf() 
don't use the idiom

char foo[BUFSIZ];
snprintf(foo, BUFSIZ, ....);

but

char foo[BUFSIZ];
snprintf(foo, sizeo foo, ....);

because this will automatically catch situations where the size of foo
is later changed, e.g. like  foo[BUFSIZ + 8];

Fix another use of sprintf.
 2012-08-09 11:52:17 -06:00
Jon Trulson 70e1c5a55a dtaction: Fix unsafe use of sprintf 
Patch from Robert Tomsick <robert+cde@tomsick.net>:

I believe this fixes vulnerability #3 from CERT CA-1999-11.[1]  The other
uses of sprintf in DtAction seem to be safe.

[1] https://www.cert.org/advisories/CA-1999-11.html
 2012-08-08 20:17:17 -06:00
Peter Howkins c884521619 Add GNU LGPL headers to all .c .C and .h files 2012-03-10 18:58:32 +00:00
Peter Howkins 83b6996daa Initial import of the CDE 2.1.30 sources from the Open Group. 2012-03-10 18:21:40 +00:00