From 4f2d7949f03e1c198bc888f2d05f421d35c57e21 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Mon, 9 Oct 2017 18:53:29 +0100 Subject: reinit the tree, so we can have metadata --- .../conky/files/conky-1.10.6-new_graph-oor.patch | 35 ++++++++++++++++++++++ 1 file changed, 35 insertions(+) create mode 100644 app-admin/conky/files/conky-1.10.6-new_graph-oor.patch (limited to 'app-admin/conky/files/conky-1.10.6-new_graph-oor.patch') diff --git a/app-admin/conky/files/conky-1.10.6-new_graph-oor.patch b/app-admin/conky/files/conky-1.10.6-new_graph-oor.patch new file mode 100644 index 000000000000..18091702f681 --- /dev/null +++ b/app-admin/conky/files/conky-1.10.6-new_graph-oor.patch @@ -0,0 +1,35 @@ +From 2600d01373ce04b34f698f3887e90a35c77bda61 Mon Sep 17 00:00:00 2001 +From: labath +Date: Tue, 31 Jan 2017 01:31:09 +0000 +Subject: [PATCH] Fix an out-of-range error in new_graph (#356) + +The code was multiplying the index with the size of the element, and +then adding it to the typed pointer (resulting in a double +multiplication and an OOB access). + +Replace the buggy code with a slightly safer c++ alternative. +--- + src/specials.cc | 6 ++---- + 1 file changed, 2 insertions(+), 4 deletions(-) + +diff --git a/src/specials.cc b/src/specials.cc +index ee941eb..73bd2a2 100644 +--- a/src/specials.cc ++++ b/src/specials.cc +@@ -519,14 +519,12 @@ void new_graph(struct text_object *obj, char *buf, int buf_max_size, double val) + DBGP("reallocing graph from %d to %d", s->graph_allocated, s->graph_width); + if (!s->graph) { + /* initialize */ +- memset(graph, 0, s->graph_width * sizeof(double)); ++ std::fill_n(graph, s->graph_width, 0.0); + s->scale = 100; + } else { + if (s->graph_width > s->graph_allocated) { + /* initialize the new region */ +- memset(graph + (s->graph_allocated * sizeof(double)), 0, +- (s->graph_width - s->graph_allocated) * +- sizeof(double)); ++ std::fill(graph + s->graph_allocated, graph + s->graph_width, 0.0); + } + } + s->graph = graph; -- cgit v1.2.3