X-Git-Url: http://git.demorecorder.com/cgi-bin/gitweb.cgi?a=blobdiff_plain;f=src%2Fxcb_auth.c;h=104f2f07b592f67f021e3afdae5a0f6f74421c37;hb=010e5661;hp=a648b16bc69d957f6b7113e2b67c2f9c7c6d0a93;hpb=9f24c91f91dd68a52e46191b686283b0df38d2f5;p=free-sw%2Fxcb%2Flibxcb

diff --git a/src/xcb_auth.c b/src/xcb_auth.c
index a648b16..104f2f0 100644
--- a/src/xcb_auth.c
+++ b/src/xcb_auth.c
@@ -97,6 +97,7 @@ static Xauth *get_authptr(struct sockaddr *sockname, unsigned int socknamelen,
     unsigned short family;
     char hostnamebuf[256];   /* big enough for max hostname */
     char dispbuf[40];   /* big enough to hold more than 2^64 base 10 */
+    int dispbuflen;
 
     family = FamilyLocal; /* 256 */
     switch(sockname->sa_family)
@@ -127,7 +128,11 @@ static Xauth *get_authptr(struct sockaddr *sockname, unsigned int socknamelen,
         return 0;   /* cannot authenticate this family */
     }
 
-    snprintf(dispbuf, sizeof(dispbuf), "%d", display);
+    dispbuflen = snprintf(dispbuf, sizeof(dispbuf), "%d", display);
+    if(dispbuflen < 0)
+        return 0;
+    /* snprintf may have truncate our text */
+    dispbuflen = MIN(dispbuflen, sizeof(dispbuf) - 1);
 
     if (family == FamilyLocal) {
         if (gethostname(hostnamebuf, sizeof(hostnamebuf)) == -1)
@@ -138,7 +143,7 @@ static Xauth *get_authptr(struct sockaddr *sockname, unsigned int socknamelen,
 
     return XauGetBestAuthByAddr (family,
                                  (unsigned short) addrlen, addr,
-                                 (unsigned short) strlen(dispbuf), dispbuf,
+                                 (unsigned short) dispbuflen, dispbuf,
                                  N_AUTH_PROTOS, authnames, authnameslen);
 }
 
@@ -245,17 +250,21 @@ int _xcb_get_auth_info(int fd, xcb_auth_info_t *info, int display)
     char sockbuf[sizeof(struct sockaddr) + MAXPATHLEN];
     unsigned int socknamelen = sizeof(sockbuf);   /* need extra space */
     struct sockaddr *sockname = (struct sockaddr *) &sockbuf;
+    int gotsockname = 0;
     Xauth *authptr = 0;
     int ret = 1;
 
+    /* Some systems like hpux or Hurd do not expose peer names
+     * for UNIX Domain Sockets, but this is irrelevant,
+     * since compute_auth() ignores the peer name in this
+     * case anyway.*/
     if (getpeername(fd, sockname, &socknamelen) == -1)
     {
-        if (getsockname(fd, sockname, &socknamelen) == -1)
-            return 0;  /* can only authenticate sockets */
         if (sockname->sa_family != AF_UNIX)
-            return 0;
-        /* Some systems like hpux or Hurd do not expose peer names
-         * for UNIX Domain Sockets.  We do not need it anyway.  */
+            return 0;   /* except for AF_UNIX, sockets should have peernames */
+        if (getsockname(fd, sockname, &socknamelen) == -1)
+            return 0;   /* can only authenticate sockets */
+        gotsockname = 1;
     }
 
     authptr = get_authptr(sockname, socknamelen, display);
@@ -263,14 +272,28 @@ int _xcb_get_auth_info(int fd, xcb_auth_info_t *info, int display)
         return 0;   /* cannot find good auth data */
 
     info->namelen = memdup(&info->name, authptr->name, authptr->name_length);
-    if(info->namelen)
-	ret = compute_auth(info, authptr, sockname);
+    if (!info->namelen)
+        goto no_auth;   /* out of memory */
+
+    if (!gotsockname && getsockname(fd, sockname, &socknamelen) == -1)
+    {
+        free(info->name);
+        goto no_auth;   /* can only authenticate sockets */
+    }
+
+    ret = compute_auth(info, authptr, sockname);
     if(!ret)
     {
-	free(info->name);
-	info->name = 0;
-	info->namelen = 0;
+        free(info->name);
+        goto no_auth;   /* cannot build auth record */
     }
+
     XauDisposeAuth(authptr);
     return ret;
+
+ no_auth:
+    info->name = 0;
+    info->namelen = 0;
+    XauDisposeAuth(authptr);
+    return 0;
 }