1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
|
Index: src/init.c
===================================================================
--- src/init.c (revision 265)
+++ src/init.c (working copy)
@@ -1030,38 +1030,38 @@
/*
* Open display, get options/resources and create the window
*/
- if (IS_NULL(rs[Rs_display_name] = getenv("DISPLAY")))
- rs[Rs_display_name] = ":0";
-
rxvt_get_options( r, r_argc, r_argv );
rxvt_free( r_argv ); /* XXX memory leak? */
#ifdef LOCAL_X_IS_UNIX
- if( rs[Rs_display_name][0] == ':' )
+ /*
+ * 2008-04-29 gi1242: Force UNIX sockets for security (Gentoo Bug #219750)
+ */
+ if( IS_NULL( rs[Rs_display_name] ) )
+ rs[Rs_display_name] = getenv( "DISPLAY" );
+
+ if( rs[Rs_display_name] && rs[Rs_display_name][0] == ':' )
{
- int l = 5 + STRLEN(rs[Rs_display_name]);
+ char *val;
+ int l = 5 + STRLEN(rs[Rs_display_name]);
if (l <= 0 || l > 1024) /* possible integer overflow */
l = 1024;
+
val = rxvt_malloc(l);
- STRCPY(val, "unix");
- STRNCAT(val, rs[Rs_display_name], l-5);
- val[l-1] = (char) 0;
- rxvt_msg (DBG_INFO, DBG_INIT, "Open X display %s\n", val);
- r->Xdisplay = XOpenDisplay(val);
- rxvt_free(val);
+ STRCPY( val, "unix");
+ STRNCAT( val, rs[Rs_display_name], l-5);
+
+ rs[Rs_display_name] = val;
}
-#endif
+#endif /* LOCAL_X_IS_UNIX */
- if (IS_NULL(r->Xdisplay))
+ rxvt_msg( DBG_INFO, DBG_INIT, "Open X display %s\n", rs[Rs_display_name] );
+ r->Xdisplay = XOpenDisplay( rs[Rs_display_name] );
+ if( IS_NULL(r->Xdisplay) )
{
- rxvt_msg (DBG_INFO, DBG_INIT, "Open X display %s\n",
- rs[Rs_display_name] ? rs[Rs_display_name] : "nil");
- r->Xdisplay = XOpenDisplay( rs[Rs_display_name] );
- if (IS_NULL(r->Xdisplay))
- {
- rxvt_msg (DBG_ERROR, DBG_INIT, "can't open display %s", rs[Rs_display_name] );
- exit( EXIT_FAILURE );
- }
+ rxvt_msg( DBG_ERROR, DBG_INIT, "Error opening display %s\n",
+ rs[Rs_display_name] );
+ exit( EXIT_FAILURE );
}
|
GitWeb
