Package: gtkterm
Version: 0.99.5-1
When sending hexadecimal characters, gtkterm crashes.
There is an overflow in the Send_Hexadecimal function. The "written"
array holds only 3 chars, which is not enough to hold the 0 at the end.
Suggested patch attached.
Ubuntu 9.04
gtkterm 0.99.5-1ubuntu2
diff -rBNu gtkterm-0.99.5-orig/src/widgets.c gtkterm-0.99.5/src/widgets.c
--- gtkterm-0.99.5-orig/src/widgets.c 2005-09-22 21:13:00.000000000 +0100
+++ gtkterm-0.99.5/src/widgets.c 2009-07-21 09:53:13.000000000 +0100
@@ -54,7 +54,7 @@
#endif
#if defined (__FreeBSD__) || defined (__FreeBSD_kernel__) \
|| defined (__NetBSD__) || defined (__NetBSD_kernel__) \
- || defined (__OpenBSD__) || defined (__OpenBSD_kernel__)
+ || defined (__OpenBSD__) || defined (__OpenBSD_kernel__)
# include <sys/ttycom.h> /* For control signals */
#endif
#include <vte/vte.h>
@@ -156,7 +156,7 @@
};
static gchar *translate_menu(const gchar *path, gpointer data)
-{
+{
return _(path);
}
@@ -174,7 +174,7 @@
{
show_index = gtk_check_menu_item_get_active(GTK_CHECK_MENU_ITEM(widget));
set_view(HEXADECIMAL_VIEW);
- return FALSE;
+ return FALSE;
}
gint hexadecimal_chars_to_display(gpointer *pointer, guint param, GtkWidget *widget)
@@ -216,7 +216,7 @@
{
if(!gtk_check_menu_item_get_active(GTK_CHECK_MENU_ITEM(widget)))
return FALSE;
-
+
set_view(param);
return FALSE;
@@ -267,10 +267,10 @@
gtk_signal_connect(GTK_OBJECT(Fenetre), "destroy", (GtkSignalFunc)gtk_main_quit, NULL);
gtk_signal_connect(GTK_OBJECT(Fenetre), "delete_event", (GtkSignalFunc)gtk_main_quit, NULL);
gtk_window_set_title(GTK_WINDOW(Fenetre), "GtkTerm");
-
+
Boite = gtk_vbox_new(FALSE, 0);
gtk_container_add(GTK_CONTAINER(Fenetre), Boite);
-
+
accel_group = gtk_accel_group_new();
item_factory = gtk_item_factory_new(GTK_TYPE_MENU_BAR, "<main>", accel_group);
gtk_item_factory_set_translate_func(item_factory, translate_menu, "<main>", NULL);
@@ -290,7 +290,7 @@
gtk_check_menu_item_set_active(GTK_CHECK_MENU_ITEM(hex_len_menu), TRUE);
gtk_box_pack_start(GTK_BOX(Boite), Menu, FALSE, TRUE, 0);
-
+
BoiteH = gtk_hbox_new(FALSE, 0);
gtk_box_pack_start(GTK_BOX(Boite), BoiteH, TRUE, TRUE, 0);
@@ -373,7 +373,7 @@
return;
while(i < size)
- {
+ {
while(gtk_events_pending()) gtk_main_iteration();
vte_terminal_get_cursor_position(VTE_TERMINAL(display), &column, &row);
@@ -395,12 +395,12 @@
/* Print hexadecimal characters */
data[0] = 0;
-
+
while(bytes < bytes_per_line && i < size)
{
gint avance=0;
gchar ascii[1];
-
+
sprintf(data_byte, "%02X ", (guchar)string[i]);
vte_terminal_feed(VTE_TERMINAL(display), data_byte, 3);
@@ -410,17 +410,17 @@
sprintf(data_byte, "%c[%dC", 27, avance);
vte_terminal_feed(VTE_TERMINAL(display), data_byte, strlen(data_byte));
- /* Print ascii characters */
+ /* Print ascii characters */
ascii[0] = (string[i] > 0x1F) ? string[i] : '.';
vte_terminal_feed(VTE_TERMINAL(display), ascii, 1);
- /* Move backward */
+ /* Move backward */
sprintf(data_byte, "%c[%dD", 27, avance + 1);
vte_terminal_feed(VTE_TERMINAL(display), data_byte, strlen(data_byte));
if(bytes == bytes_per_line / 2 - 1)
vte_terminal_feed(VTE_TERMINAL(display), "- ", strlen("- "));
-
+
bytes++;
i++;
@@ -431,8 +431,8 @@
total_bytes += bytes;
}
- }
-
+ }
+
}
}
@@ -441,7 +441,7 @@
int pos;
GString *buffer_tmp;
gchar *in_buffer;
-
+
buffer_tmp = g_string_new(string);
in_buffer=buffer_tmp->str;
@@ -449,12 +449,12 @@
for(pos=size; pos>0; pos--)
{
in_buffer--;
- if(*in_buffer=='\r' && *(in_buffer+1) != '\n')
+ if(*in_buffer=='\r' && *(in_buffer+1) != '\n')
{
g_string_insert_c(buffer_tmp, pos, '\n');
size += 1;
}
- if(*in_buffer=='\n' && *(in_buffer-1) != '\r')
+ if(*in_buffer=='\n' && *(in_buffer-1) != '\r')
{
g_string_insert_c(buffer_tmp, pos-1, '\r');
size += 1;
@@ -543,7 +543,7 @@
if(stat & TIOCM_DTR)
gtk_widget_set_sensitive(GTK_WIDGET(signals[5]), TRUE);
else
- gtk_widget_set_sensitive(GTK_WIDGET(signals[5]), FALSE);
+ gtk_widget_set_sensitive(GTK_WIDGET(signals[5]), FALSE);
}
gint signaux(GtkWidget *widget, guint param)
@@ -578,15 +578,15 @@
void show_message(gchar *message, gint type_msg)
{
GtkWidget *Fenetre_msg;
-
+
if(type_msg==MSG_ERR)
{
- Fenetre_msg =
+ Fenetre_msg =
gtk_message_dialog_new(GTK_WINDOW(Fenetre), GTK_DIALOG_DESTROY_WITH_PARENT, GTK_MESSAGE_ERROR, GTK_BUTTONS_OK, message);
}
else if(type_msg==MSG_WRN)
{
- Fenetre_msg =
+ Fenetre_msg =
gtk_message_dialog_new(GTK_WINDOW(Fenetre), GTK_DIALOG_DESTROY_WITH_PARENT, GTK_MESSAGE_WARNING, GTK_BUTTONS_OK, message);
}
else
@@ -604,7 +604,7 @@
guchar val;
guint val_read;
guint sent = 0;
- gchar written[3];
+ gchar written[4];
gchar *all_written;
text = (gchar *)gtk_entry_get_text(GTK_ENTRY(widget));
@@ -620,7 +620,7 @@
{
val = (guchar)val_read;
send_serial(&val, 1);
- sprintf(written, "%02X ", val);
+ snprintf(written, sizeof(written), "%02X ", val);
strcat(all_written, written);
sent++;
}
@@ -646,7 +646,7 @@
{
/* time in ms */
gtk_statusbar_push(GTK_STATUSBAR(StatusBar), id, text);
- gtk_timeout_add(time, (GtkFunction)pop_message, NULL);
+ gtk_timeout_add(time, (GtkFunction)pop_message, NULL);
}
gboolean pop_message(void)
