commit 26b2bf93ef72b2e53dac5a97de8551bbfcf22e80
parent fc6f0eef6a35fad0aa71319c3813e153e7b96e44
Author: Conrad Parker <conrad@metadecks.org>
Date: Wed, 30 Mar 2011 16:18:31 +0900
Fix overflow of supported_targets array
Patch by Hans de Goede:
I'm one of the developers of spice (a remote virtual machine viewing protocol ala vnc / rdp).
One of the features of spice is copy / paste between the guest and the client, while testing
copy and paste with xsel, the spice-client crashed with a BadAtom error. This is caused
by the spice-client getting the TARGETS property, and then for debugging purposes doing a
XGetAtomName on all reported target Atoms. xsel however claims to send 9 targets, but
only send 8 Atoms + 1 piece of random data from memory.
Diffstat:
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/xsel.c b/xsel.c
@@ -66,7 +66,7 @@ static Atom compound_text_atom; /* The COMPOUND_TEXT atom */
* NB. We do not currently serve COMPOUND_TEXT; we can retrieve it but do not
* perform charset conversion.
*/
-#define MAX_NUM_TARGETS 8
+#define MAX_NUM_TARGETS 9
static int NUM_TARGETS;
static Atom supported_targets[MAX_NUM_TARGETS];
@@ -2159,6 +2159,11 @@ main(int argc, char *argv[])
supported_targets[s++] = XA_STRING;
NUM_TARGETS++;
+ if (NUM_TARGETS > MAX_NUM_TARGETS) {
+ exit_err ("internal error num-targets (%d) > max-num-targets (%d)\n",
+ NUM_TARGETS, MAX_NUM_TARGETS);
+ }
+
/* Get the COMPOUND_TEXT atom.
* NB. We do not currently serve COMPOUND_TEXT; we can retrieve it but
* do not perform charset conversion.
