Patch from Pascal Stumpf <Pascal.Stumpf@cubes.de>
The official POSIX name for this signal is SIGCHLD. Linux probably
has SIGCLD only for SysV compatibility, but BSD does not.
Patch from Pascal Stumpf <Pascal.Stumpf@cubes.de>:
So here are all the patches that deal with the fact that modern
compilers assume different scoping rules for variables declared in for
loops. On Linux, -fpermissive has been added as a compiler flag to
compensate for this old C code, but I think it is the wrong approach.
Sorry, couldn't help sneaking in a || defined(CSRG_BASED) and some casts
needed for other reasons ...
Patch from Pascal Stumpf <Pascal.Stumpf@cubes.de>
Most is just copied from the existing imake installation in
/usr/X11R6. Additionally:
* Allow overriding CDESharedRev, X11ProjectRoot and ProjectRoot
* Add a new define to be able to override MINCLUDESRC too
(this allows me to build CDE without symlinking any include directories)
don't use the idiom
char foo[BUFSIZ];
snprintf(foo, BUFSIZ, ....);
but
char foo[BUFSIZ];
snprintf(foo, sizeo foo, ....);
because this will automatically catch situations where the size of foo
is later changed, e.g. like foo[BUFSIZ + 8];
Fix another use of sprintf.
Patch from Robert Tomsick <robert+cde@tomsick.net>:
I believe this fixes vulnerability #3 from CERT CA-1999-11.[1] The other
uses of sprintf in DtAction seem to be safe.
[1] https://www.cert.org/advisories/CA-1999-11.html
Patch from Douglas Mencken <dougmencken@gmail.com>:
"%wc" is Microsoft extension, not supported in every Std C Library. So
if we don't want to print "%wc%wc%wc%wc%..." instead of real chars, we
shall not use it.
Before:
%wc%wc%wc%wc%wc%wc%wc%wc%wc%wc%wc%wc%wc%wc%wcession[28326]:
_Tt_s_session::s_init(): 1051 (TT_ERR_INTERNAL)!
%wc%wc%wc%wc%wc%wc%wc%wc%wc%wc%wc%wc%wc%wc%wcession[28326]: waitpid():
No child processes
%wc%wc%wc%wc%wc%wc%wc%wc%wc%wc%wc%wc%wc%wc%wcession[28326]: child
ttsession exited with status 1
After:
/usr/dt/bin/ttsession[12397]: _Tt_s_session::s_init(): 1051 (TT_ERR_INTERNAL)!
/usr/dt/bin/ttsession[12397]: waitpid(): No child processes
/usr/dt/bin/ttsession[12397]: child ttsession exited with status 1
Patch from Frederic Koehler <f.koehler427@gmail.com>:
These implicit definitions cause segfaults on x64 because
the implicit return type is a 32-bit signed int, rather than a pointer
type.
Patch from Frederic Koehler <f.koehler427@gmail.com>:
Define a final fallback for loading default window manager font;
before exiting, forcefully try to load "fixed" font. This is sufficient
to allow systems where fontList is set to an empty list to startup dtwm,
for now.
dtlogin's genauth routines were trying to open and read /dev/mem on
linux and (presumably) bsd systems in order to obtain random data used
in creating an auth key.
This is bad for a variety of reasons. Newer linux kernels (at least
on 3.2) issue the following warning to the kernel logs:
"Program dtlogin tried to access /dev/mem between 100000->102000."
Now on linux we will use /dev/urandom, and on CSRG_BASED (bsd) systems
we will use /dev/random to obtain some entropy.
With Aaron's fixes to dtdbcache fixing a potential coredump, the
comment block in the write_db() function regarding tmpnam() no longer
applies, and the tmpnam_buf variable is no longer used.
So, remove them :)
Patch from Ulrich Wilkens <mail@uwilkens.de>
I have a little patch for a problem that I found when I tried to
compile dthelp on 64bit FreeBSD. It could also be a problem on other
64bit systems. The problem is that the program context compiles but
fails running with segmentation fault.
context uses the function m_malloc() which is missing a correct
prototype sometimes. Then it's treated to return int instead of void *
. On 64bit systems this cuts off the higher 32 bits because void * is
64bit whereas int is only 32bit.
Patch from Douglas Mencken <dougmencken@gmail.com>:
The issue is that MESSAGE tries to invoke catgets with NULL first
parameter, which is dereferenced inside catgets (Std C Library
function) without checking, from catgets.c source:
if (catalog->name_ptr[idx + 0] == (u_int32_t) set
&& catalog->name_ptr[idx + 1] == (u_int32_t) message)
On the other hand, there's a special value: -1 (cast to nl_catd),
which must be used instead of 0 (NULL) in the case when we are unable
to provide real catalog_desc, from catgets.c source:
/* Be generous if catalog which failed to be open is used. */
if (catalog_desc == (nl_catd) -1 || ++set <= 0 || message < 0)
return (char *) string;
In dtlogin, you can select the language to switch to by selecting it
via Options->Language. Unfortunately this was also including '.' and
'..', since this list is built dynamically by scanning a directory.
Now we screen out '.' and '..'.
The TOG copyrights were being removed after a rebuild, leaving behind
the scary "RESTRICTED" copyright text that was originally there.
The issue was that the TOG copyrights were not properly embedded
within a 'DTB_USER_CODE_START' code block.
dtcodegen does not preserve any code outside DT_USER_CODE START and
END blocks.
Additionally, these objects are built with -merge by dtcodgen, so the
existing 'RESTRICTED' header within the codeblocks was being retained.
It is amazing what mayhem can be caused by a bad define :)
The reason most of the CDE programs were not actually using their
localized catalogs was because their use was being disabled by this
line.
Certain programs like dtwm and dthelp/libDtHelp did their own
localization handling and did not use the results of this define.
This is why they worked properly, and most everything else did not :)
