summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--main/xfdesktop/0001-fix-use-after-free-in-xfdesktop_regular_file_icon_pe.patch64
-rw-r--r--main/xfdesktop/APKBUILD9
2 files changed, 70 insertions, 3 deletions
diff --git a/main/xfdesktop/0001-fix-use-after-free-in-xfdesktop_regular_file_icon_pe.patch b/main/xfdesktop/0001-fix-use-after-free-in-xfdesktop_regular_file_icon_pe.patch
new file mode 100644
index 000000000..48a4388f8
--- /dev/null
+++ b/main/xfdesktop/0001-fix-use-after-free-in-xfdesktop_regular_file_icon_pe.patch
@@ -0,0 +1,64 @@
+From 7669f5b3bc23658ac4f339fd288d8e8f9f30419e Mon Sep 17 00:00:00 2001
+From: Stefan Seyfried <seife+obs@b1-systems.com>
+Date: Wed, 27 Jun 2012 09:42:55 +0200
+Subject: [PATCH] fix use-after-free in
+ xfdesktop_regular_file_icon_peek_tooltip
+
+xfce_rc_close() actually free()s "comment", so it needs to come after
+we have strdup()ed its contents, not before.
+This was introduced in commit 2fac2c92 (fix for bug 8509)
+Fixes bug 9059.
+---
+ src/xfdesktop-regular-file-icon.c | 25 ++++++++++++-------------
+ 1 file changed, 12 insertions(+), 13 deletions(-)
+
+diff --git a/src/xfdesktop-regular-file-icon.c b/src/xfdesktop-regular-file-icon.c
+index ff5d074..6e4b71d 100644
+--- a/src/xfdesktop-regular-file-icon.c
++++ b/src/xfdesktop-regular-file-icon.c
+@@ -552,6 +552,10 @@ xfdesktop_regular_file_icon_peek_tooltip(XfdesktopIcon *icon)
+ G_FILE_ATTRIBUTE_TIME_MODIFIED);
+ time_string = xfdesktop_file_utils_format_time_for_display(mtime);
+
++ regular_file_icon->priv->tooltip =
++ g_strdup_printf(_("Type: %s\nSize: %s\nLast modified: %s"),
++ description, size_string, time_string);
++
+ /* Extract the Comment entry from the .desktop file */
+ if(is_desktop_file)
+ {
+@@ -563,23 +567,18 @@ xfdesktop_regular_file_icon_peek_tooltip(XfdesktopIcon *icon)
+ xfce_rc_set_group(rcfile, "Desktop Entry");
+ comment = xfce_rc_read_entry(rcfile, "Comment", NULL);
+ }
++ /* Prepend the comment to the tooltip */
++ if(comment != NULL) {
++ gchar *tooltip = regular_file_icon->priv->tooltip;
++ regular_file_icon->priv->tooltip = g_strdup_printf("%s\n%s",
++ comment,
++ tooltip);
++ g_free(tooltip);
++ }
+
+ xfce_rc_close(rcfile);
+ }
+
+- regular_file_icon->priv->tooltip =
+- g_strdup_printf(_("Type: %s\nSize: %s\nLast modified: %s"),
+- description, size_string, time_string);
+-
+- /* Prepend the comment to the tooltip */
+- if(is_desktop_file && comment != NULL) {
+- gchar *tooltip = regular_file_icon->priv->tooltip;
+- regular_file_icon->priv->tooltip = g_strdup_printf("%s\n%s",
+- comment,
+- tooltip);
+- g_free(tooltip);
+- }
+-
+ g_free(time_string);
+ g_free(size_string);
+ g_free(description);
+--
+1.7.10.4
+
diff --git a/main/xfdesktop/APKBUILD b/main/xfdesktop/APKBUILD
index b6adbe661..f855f5016 100644
--- a/main/xfdesktop/APKBUILD
+++ b/main/xfdesktop/APKBUILD
@@ -1,7 +1,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=xfdesktop
pkgver=4.10.0
-pkgrel=0
+pkgrel=1
pkgdesc="A desktop manager for Xfce"
url="http://www.xfce.org/"
arch="all"
@@ -11,7 +11,9 @@ depends="hicolor-icon-theme"
makedepends="garcon-dev thunar-dev libxfce4ui-dev libwnck-dev libnotify-dev
exo-dev"
install=
-source="http://archive.xfce.org/src/xfce/$pkgname/${pkgver%.*}/$pkgname-$pkgver.tar.bz2"
+source="http://archive.xfce.org/src/xfce/$pkgname/${pkgver%.*}/$pkgname-$pkgver.tar.bz2
+ 0001-fix-use-after-free-in-xfdesktop_regular_file_icon_pe.patch
+ "
_builddir="$srcdir"/$pkgname-$pkgver
prepare() {
@@ -38,4 +40,5 @@ package() {
make DESTDIR="$pkgdir" install || return 1
}
-md5sums="d5f6fb9fdde3ddff5804b2a251892936 xfdesktop-4.10.0.tar.bz2"
+md5sums="d5f6fb9fdde3ddff5804b2a251892936 xfdesktop-4.10.0.tar.bz2
+9d76c3d1b4972b61c4a052b1a1dd733a 0001-fix-use-after-free-in-xfdesktop_regular_file_icon_pe.patch"