diff options
-rw-r--r-- | main/xfdesktop/0001-fix-use-after-free-in-xfdesktop_regular_file_icon_pe.patch | 64 | ||||
-rw-r--r-- | main/xfdesktop/APKBUILD | 9 |
2 files changed, 70 insertions, 3 deletions
diff --git a/main/xfdesktop/0001-fix-use-after-free-in-xfdesktop_regular_file_icon_pe.patch b/main/xfdesktop/0001-fix-use-after-free-in-xfdesktop_regular_file_icon_pe.patch new file mode 100644 index 000000000..48a4388f8 --- /dev/null +++ b/main/xfdesktop/0001-fix-use-after-free-in-xfdesktop_regular_file_icon_pe.patch @@ -0,0 +1,64 @@ +From 7669f5b3bc23658ac4f339fd288d8e8f9f30419e Mon Sep 17 00:00:00 2001 +From: Stefan Seyfried <seife+obs@b1-systems.com> +Date: Wed, 27 Jun 2012 09:42:55 +0200 +Subject: [PATCH] fix use-after-free in + xfdesktop_regular_file_icon_peek_tooltip + +xfce_rc_close() actually free()s "comment", so it needs to come after +we have strdup()ed its contents, not before. +This was introduced in commit 2fac2c92 (fix for bug 8509) +Fixes bug 9059. +--- + src/xfdesktop-regular-file-icon.c | 25 ++++++++++++------------- + 1 file changed, 12 insertions(+), 13 deletions(-) + +diff --git a/src/xfdesktop-regular-file-icon.c b/src/xfdesktop-regular-file-icon.c +index ff5d074..6e4b71d 100644 +--- a/src/xfdesktop-regular-file-icon.c ++++ b/src/xfdesktop-regular-file-icon.c +@@ -552,6 +552,10 @@ xfdesktop_regular_file_icon_peek_tooltip(XfdesktopIcon *icon) + G_FILE_ATTRIBUTE_TIME_MODIFIED); + time_string = xfdesktop_file_utils_format_time_for_display(mtime); + ++ regular_file_icon->priv->tooltip = ++ g_strdup_printf(_("Type: %s\nSize: %s\nLast modified: %s"), ++ description, size_string, time_string); ++ + /* Extract the Comment entry from the .desktop file */ + if(is_desktop_file) + { +@@ -563,23 +567,18 @@ xfdesktop_regular_file_icon_peek_tooltip(XfdesktopIcon *icon) + xfce_rc_set_group(rcfile, "Desktop Entry"); + comment = xfce_rc_read_entry(rcfile, "Comment", NULL); + } ++ /* Prepend the comment to the tooltip */ ++ if(comment != NULL) { ++ gchar *tooltip = regular_file_icon->priv->tooltip; ++ regular_file_icon->priv->tooltip = g_strdup_printf("%s\n%s", ++ comment, ++ tooltip); ++ g_free(tooltip); ++ } + + xfce_rc_close(rcfile); + } + +- regular_file_icon->priv->tooltip = +- g_strdup_printf(_("Type: %s\nSize: %s\nLast modified: %s"), +- description, size_string, time_string); +- +- /* Prepend the comment to the tooltip */ +- if(is_desktop_file && comment != NULL) { +- gchar *tooltip = regular_file_icon->priv->tooltip; +- regular_file_icon->priv->tooltip = g_strdup_printf("%s\n%s", +- comment, +- tooltip); +- g_free(tooltip); +- } +- + g_free(time_string); + g_free(size_string); + g_free(description); +-- +1.7.10.4 + diff --git a/main/xfdesktop/APKBUILD b/main/xfdesktop/APKBUILD index b6adbe661..f855f5016 100644 --- a/main/xfdesktop/APKBUILD +++ b/main/xfdesktop/APKBUILD @@ -1,7 +1,7 @@ # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=xfdesktop pkgver=4.10.0 -pkgrel=0 +pkgrel=1 pkgdesc="A desktop manager for Xfce" url="http://www.xfce.org/" arch="all" @@ -11,7 +11,9 @@ depends="hicolor-icon-theme" makedepends="garcon-dev thunar-dev libxfce4ui-dev libwnck-dev libnotify-dev exo-dev" install= -source="http://archive.xfce.org/src/xfce/$pkgname/${pkgver%.*}/$pkgname-$pkgver.tar.bz2" +source="http://archive.xfce.org/src/xfce/$pkgname/${pkgver%.*}/$pkgname-$pkgver.tar.bz2 + 0001-fix-use-after-free-in-xfdesktop_regular_file_icon_pe.patch + " _builddir="$srcdir"/$pkgname-$pkgver prepare() { @@ -38,4 +40,5 @@ package() { make DESTDIR="$pkgdir" install || return 1 } -md5sums="d5f6fb9fdde3ddff5804b2a251892936 xfdesktop-4.10.0.tar.bz2" +md5sums="d5f6fb9fdde3ddff5804b2a251892936 xfdesktop-4.10.0.tar.bz2 +9d76c3d1b4972b61c4a052b1a1dd733a 0001-fix-use-after-free-in-xfdesktop_regular_file_icon_pe.patch" |