Attached is the patch which fixes a problem with gaim. It properly
sanitizes all input from xserver events.
BTW, woody version of xlockmore also has the same problem. The patch
applies to it, though with some fuzziness. Looking through diff between
woody and sarge versions I couldn't see any other problems. So it can be
fixed with just the same patch.
diff -Nru xlockmore-5.13/xlock/xlock.c xlockmore-fixed/xlock/xlock.c
--- xlockmore-5.13/xlock/xlock.c 2004-06-17 10:20:30.000000000 +0800
+++ xlockmore-fixed/xlock/xlock.c 2005-05-23 14:37:13.000000000 +0800
@@ -2145,7 +2145,7 @@
/* next line for -geometry */
if (event.xvisibility.state !=
VisibilityUnobscured) {
/* window was restacked or exposed */
- if (!debug && !inwindow)
+ if (!debug && !inwindow &&
event.xvisibility.window)
XRaiseWindow(dsp,
event.xvisibility.window);
call_refresh_hook((LockStruct *) NULL,
mode_info(dsp,
screen, Scr[screen].window, False));
@@ -2161,7 +2161,8 @@
break;
/* window config changed */
if (!debug && !inwindow) {
- XRaiseWindow(dsp,
event.xconfigure.window);
+ if (event.xconfigure.window)
+ XRaiseWindow(dsp,
event.xconfigure.window);
fixColormap(mode_info(dsp, screen,
Scr[screen].window, False), ncolors,
saturation, mono, install,
inroot, inwindow, verbose);
}
@@ -2760,7 +2761,7 @@
/* fall through on last expose event of the
series */
case VisibilityNotify:
- if (!debug && !inwindow) {
+ if (!debug && !inwindow && event.xany.window) {
XRaiseWindow(display,
event.xany.window);
}
for (screen = startscreen; screen < screens;
screen++) {
@@ -2770,7 +2771,7 @@
break;
case ConfigureNotify:
- if (!debug && !inwindow) {
+ if (!debug && !inwindow &&
event.xconfigure.window) {
XRaiseWindow(display,
event.xconfigure.window);
}
