[wiki] [sites] [dwm][patch][winicon] Prevent potential pointer overflow || AdamYuan
commit 66ce520d4a5ac684fda9b3e40dd8236d54e804db
Author: AdamYuan <y13916619121_AT_126.com>
Date: Fri Jul 23 13:42:32 2021 +0800
[dwm][patch][winicon] Prevent potential pointer overflow
diff --git a/dwm.suckless.org/patches/winicon/dwm-winicon-6.2-v1.3.diff b/dwm.suckless.org/patches/winicon/dwm-winicon-6.2-v1.3.diff
index 34373a07..27d5ce22 100644
--- a/dwm.suckless.org/patches/winicon/dwm-winicon-6.2-v1.3.diff
+++ b/dwm.suckless.org/patches/winicon/dwm-winicon-6.2-v1.3.diff
_AT_@ -81,7 +81,7 @@ index 4bcd5ad..07b6433 100644
/* Map functions */
void drw_map(Drw *drw, Window win, int x, int y, unsigned int w, unsigned int h);
diff --git a/dwm.c b/dwm.c
-index 4465af1..850dbbf 100644
+index 4465af1..b02a80c 100644
--- a/dwm.c
+++ b/dwm.c
_AT_@ -28,6 +28,8 @@
_AT_@ -183,16 +183,16 @@ index 4465af1..850dbbf 100644
+ const unsigned long *end = p + n;
+ unsigned long *i;
+ uint32_t bstd = UINT32_MAX, d, m;
-+ for (i = p; i + 1 < end; ) {
++ for (i = p; i < end - 1; i += sz) {
+ if ((w = *i++) > UINT16_MAX || (h = *i++) > UINT16_MAX) { XFree(p); return NULL; }
-+ m = w > h ? w : h; sz = w * h;
-+ if ((i += sz) <= end && m >= ICONSIZE && (d = m - ICONSIZE) < bstd) { bstd = d; bstp = i - sz; }
++ if ((sz = w * h) > end - i) break;
++ if ((m = w > h ? w : h) >= ICONSIZE && (d = m - ICONSIZE) < bstd) { bstd = d; bstp = i; }
+ }
+ if (!bstp) {
-+ for (i = p; i + 1 < end; ) {
++ for (i = p; i < end - 1; i += sz) {
+ if ((w = *i++) > UINT16_MAX || (h = *i++) > UINT16_MAX) { XFree(p); return NULL; }
-+ m = w > h ? w : h; sz = w * h;
-+ if ((i += sz) <= end && (d = ICONSIZE - m) < bstd) { bstd = d; bstp = i - sz; }
++ if ((sz = w * h) > end - i) break;
++ if ((d = ICONSIZE - (w > h ? w : h)) < bstd) { bstd = d; bstp = i; }
+ }
+ }
+ if (!bstp) { XFree(p); return NULL; }
Received on Fri Jul 23 2021 - 07:42:47 CEST
This archive was generated by hypermail 2.3.0
: Fri Jul 23 2021 - 07:48:42 CEST