Please accept dwm-tools

[Daniel Baumann]

Hi,

slock in dwm-tools does have a potential buffer overflow. Upload for sid
is already done, the one for testing is ready too. Please allow me to
upload it, debdiff is attached.

-- 
Address:        Daniel Baumann, Burgunderstrasse 3, CH-4562 Biberist
Email:          [EMAIL PROTECTED]
Internet:       http://people.panthera-systems.net/~daniel-baumann/

diff -u dwm-tools-2/debian/changelog dwm-tools-2/debian/changelog
--- dwm-tools-2/debian/changelog
+++ dwm-tools-2/debian/changelog
@@ -1,3 +1,9 @@
+dwm-tools (2-3) testing; urgency=high
+
+  * Applied 98-slock-bo.patch from slock 0.4 to fix potential buffer overflow.
+
+ -- Daniel Baumann <[EMAIL PROTECTED]>  Sat, 13 Jan 2007 15:46:00 +0100
+
 dwm-tools (2-2) testing; urgency=medium
 
   * Applied 99-utf.patch from dmenu 1.6 to fix utf support (Closes: #402816).
diff -u dwm-tools-2/debian/patches/00list dwm-tools-2/debian/patches/00list
--- dwm-tools-2/debian/patches/00list
+++ dwm-tools-2/debian/patches/00list
@@ -1 +1,2 @@
+98-slock-bo
 99-dmenu-utf
only in patch2:
unchanged:
--- dwm-tools-2.orig/debian/patches/98-slock-bo.dpatch
+++ dwm-tools-2/debian/patches/98-slock-bo.dpatch
@@ -0,0 +1,28 @@
+#!/bin/sh /usr/share/dpatch/dpatch-run
+## 98-slock-bo.dpatch by Anselm R. Garbe <[EMAIL PROTECTED]>
+##
+## DP: Fixes potential buffer overflow (taken from slock 0.4).
+
[EMAIL PROTECTED]@
+
+diff -Naur dwm-tools-2.orig/slock-0.3/slock.c dwm-tools-2/slock-0.3/slock.c
+--- dwm-tools-2.orig/slock-0.3/slock.c	2006-11-03 10:35:35.000000000 +0000
++++ dwm-tools-2/slock-0.3/slock.c	2007-01-13 13:10:33.000000000 +0000
+@@ -102,7 +102,7 @@
+ 	while(running && !XNextEvent(dpy, &ev))
+ 		if(ev.type == KeyPress) {
+ 			buf[0] = 0;
+-			num = XLookupString(&ev.xkey, buf, sizeof(buf), &ksym, 0);
++			num = XLookupString(&ev.xkey, buf, sizeof buf, &ksym, 0);
+ 			if(IsFunctionKey(ksym) || IsKeypadKey(ksym)
+ 					|| IsMiscFunctionKey(ksym) || IsPFKey(ksym)
+ 					|| IsPrivateKeypadKey(ksym))
+@@ -122,7 +122,7 @@
+ 					--len;
+ 				break;
+ 			default:
+-				if(num && !iscntrl((int) buf[0])) {
++				if(num && !iscntrl((int) buf[0]) && (len + num < sizeof passwd)) { 
+ 					memcpy(passwd + len, buf, num);
+ 					len += num;
+ 				}