Bug#500076: [gtk-chtheme] An unchecked fopen leads to SIGSEGV

Wed, 24 Sep 2008 13:59:16 -0700 

Package: gtk-chtheme
Version: 0.3.1-3
Tags: patch
Severity: normal

Hi, 

Like all gtk theme switching utility based on gtk-theme-switch, gtk-chtheme
includes some unchecked getenv() calls. Add to this an unchecked fopen or
fdopen, then it generates a SIGSEGV.

In "real" situation, try :

        HOME=/inexistant/or/cant_write_here gtk-chtheme

And save your settings. It's always reproducible, and the bug can be
triggered by 2 situations: 

        - can't write ~/gtkrc-2.0 
        - user $HOME doesn't exists

It shouldn't happen, but it's still possible by mistake (like "sudo
cp /etc/gtk/gtkrc-2.0 ~/.gtkrc-2.0" - it's stupid, but it happens).

I join a single patch against main.c and main.h that checks the calls for
fopen/fdopen in write mode. The others in read mode are not a problem,
they're handled properly.

This patch spawns a standard error message box, telling the user what happens
and then quits, since without a writable gtkrc the program is useless.

Regards.

-- 
François Wendling <[EMAIL PROTECTED]>
IRC : KnuckOne @ Freenode and OFTC

diff -ru gtk-chtheme-0.3.1.orig/main.c gtk-chtheme-0.3.1/main.c
--- gtk-chtheme-0.3.1.orig/main.c	2004-02-09 05:33:28.000000000 +0100
+++ gtk-chtheme-0.3.1/main.c	2008-09-24 21:22:21.000000000 +0200
@@ -21,6 +21,7 @@
 #include <stdio.h>				// fopen() fdopen() fprintf()
 #include <string.h>
 #include <fcntl.h>
+#include <errno.h>				// handles errors
 #include "main.h"
 #include "stock.h"
 #include "mainwin.h"
@@ -83,6 +84,9 @@
 		? fdopen(g_file_open_tmp("gtkrc.preview-XXXXXXXX", &tmp_rc, NULL), "w+")
 		: fopen(gtkrc, "w");
 
+	if (gtkrc_fh == NULL)
+		fopen_error_handler(errno);
+	
 	gchar *include_file = g_hash_table_lookup(hash, themename);
 
 	fprintf(gtkrc_fh,
@@ -234,3 +238,17 @@
 
 	return 0;
 }
+
+void fopen_error_handler(int error_number) {
+	GtkWidget *dialog = gtk_message_dialog_new (NULL,
+								  GTK_DIALOG_DESTROY_WITH_PARENT,
+								  GTK_MESSAGE_ERROR,
+								  GTK_BUTTONS_CLOSE,
+								  "Error while saving your preferences: %s\n%s",
+								   strerror(error_number), "\nQuitting.");
+	gtk_window_set_title(GTK_WINDOW(dialog), "Error");
+	gtk_dialog_run (GTK_DIALOG (dialog));
+	gtk_widget_destroy (dialog);
+	gtk_main_quit();
+	exit(1);
+}
diff -ru gtk-chtheme-0.3.1.orig/main.h gtk-chtheme-0.3.1/main.h
--- gtk-chtheme-0.3.1.orig/main.h	2004-02-07 04:47:04.000000000 +0100
+++ gtk-chtheme-0.3.1/main.h	2008-09-24 21:22:23.000000000 +0200
@@ -26,5 +26,5 @@
 void set_theme(gchar * newthemename, gboolean is_preview);
 gchar* get_theme(void);
 void apply_new_look(gboolean is_preview);
-
+void fopen_error_handler(int error_number);
 #endif

Reply via email to