Package: xsok / 1.02-19

Metadata

Package Version Patches format
xsok 1.02-19 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
build_tweaks.patch | (download)

Makefile | 2 1 + 1 - 0 !
src/Imakefile | 22 11 + 11 - 0 !
src/X-gfx.c | 2 1 + 1 - 0 !
src/Xaw-help.c | 2 1 + 1 - 0 !
src/move.c | 11 5 + 6 - 0 !
src/score.c | 3 2 + 1 - 0 !
6 files changed, 21 insertions(+), 21 deletions(-)

 random hacks to build + install xsok.

config.patch | (download)

src/Tableau.h | 4 2 + 2 - 0 !
src/XSok.ad | 1 1 + 0 - 0 !
2 files changed, 3 insertions(+), 2 deletions(-)

 configuration changes / fixes.

overflow.patch | (download)

src/loadsave.c | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 prevent buffer overflow from the environment.

wm_delete.patch | (download)

src/X-sok.h | 5 4 + 1 - 0 !
src/Xaw-help.c | 14 11 + 3 - 0 !
src/Xaw-main.c | 48 39 + 9 - 0 !
src/xsok.h | 2 1 + 1 - 0 !
4 files changed, 55 insertions(+), 14 deletions(-)

 support icccm ... or at least wm_delete_window.

undo_nowrap.patch | (download)

src/commands.c | 3 0 + 3 - 0 !
1 file changed, 3 deletions(-)

 do not let undo wrap around to the original end of the game.
 This behavior was not a bug, but it is unintuitive and undocumented.

drag_segfault.patch | (download)

src/mousemove.c | 4 2 + 2 - 0 !
1 file changed, 2 insertions(+), 2 deletions(-)

 avoid segfault when trying to drag the player with the middle button.
 Dragging the player does nothing, you're supposed to drag a box,
 but at least it shouldn't crash.

manpage.patch | (download)

src/xsok.man | 24 12 + 12 - 0 !
1 file changed, 12 insertions(+), 12 deletions(-)

 small manpage fixes.

no_gunzip.patch | (download)

lib/Makefile | 26 8 + 18 - 0 !
src/Imakefile | 4 2 + 2 - 0 !
src/parse.c | 26 6 + 20 - 0 !
src/xfopen.c | 1 1 + 0 - 0 !
4 files changed, 17 insertions(+), 40 deletions(-)

 remove all traces of gzipped data files, and opening thereof.
 This is a setgid program; no need to be calling external binaries.
 Also rip out artificial 7-char limit on game types, which is related.

security_paranoia.patch | (download)

src/X-gfx.c | 4 2 + 2 - 0 !
src/X-sound_SUN.c | 3 2 + 1 - 0 !
src/Xaw-help.c | 8 4 + 4 - 0 !
src/Xaw-main.c | 9 5 + 4 - 0 !
src/commands.c | 3 2 + 1 - 0 !
src/loadsave.c | 13 8 + 5 - 0 !
src/messages.c | 4 2 + 2 - 0 !
src/parse.c | 6 3 + 3 - 0 !
src/showscore.c | 7 4 + 3 - 0 !
src/tools.c | 5 3 + 2 - 0 !
src/username.c | 20 10 + 10 - 0 !
11 files changed, 45 insertions(+), 37 deletions(-)

 replace some sprintf with snprintf, and strcpy with strncpy.
 I haven't attempted to prove that any of these are exploitable,
 but it looks as though some may well be.
 .
 Note also that I haven't done any kind of formal audit.

do not use global variable as counter.patch | (download)

src/commands.c | 7 4 + 3 - 0 !
1 file changed, 4 insertions(+), 3 deletions(-)

 do not use global variable as counter

Debian-Bug: https://bugs.debian.org/382550