- powertop-1.7-strncpy.patch: Use strncpy() to avoid stack smash. Patch

from Till Maas. (#246796)

powertop-1.7-strncpy.patch

@@ -0,0 +1,78 @@
+diff -u powertop-1.7.orig/display.c powertop-1.7/display.c
+--- powertop-1.7.orig/display.c	2007-06-18 03:16:33.000000000 +0200
++++ powertop-1.7/display.c	2007-07-05 02:43:51.000000000 +0200
+@@ -44,7 +44,7 @@
+ static WINDOW *status_bar_window;
+ 
+ 
+-char status_bar_slots[10][40];
++char status_bar_slots[STATUS_BAR_NR_SLOTS][STATUS_BAR_SLOTSIZE + 1];
+ 
+ static void cleanup_curses(void) {
+ 	endwin();
+@@ -104,8 +104,8 @@
+ 	suggestion_window = subwin(stdscr, 3, maxx, maxy-4, 0);	
+ 	status_bar_window = subwin(stdscr, 1, maxx, maxy-1, 0);
+ 
+-	strcpy(status_bar_slots[0], _(" Q - Quit "));
+-	strcpy(status_bar_slots[1], _(" R - Refresh "));
++	strncpy(status_bar_slots[0], _(" Q - Quit "), STATUS_BAR_SLOTSIZE);
++	strncpy(status_bar_slots[1], _(" R - Refresh "), STATUS_BAR_SLOTSIZE);
+ 
+ 	werase(stdscr);
+ 	refresh();
+@@ -148,7 +148,7 @@
+ 	werase(status_bar_window);
+ 
+ 	x = 0;
+-	for (i=0; i<10; i++) {
++	for (i=0; i < STATUS_BAR_NR_SLOTS; i++) {
+ 		if (strlen(status_bar_slots[i])==0)
+ 			continue;
+ 		wattron(status_bar_window, A_REVERSE);
+Gemeinsame Unterverzeichnisse: powertop-1.7.orig/po und powertop-1.7/po.
+diff -u powertop-1.7.orig/powertop.h powertop-1.7/powertop.h
+--- powertop-1.7.orig/powertop.h	2007-06-17 08:21:37.000000000 +0200
++++ powertop-1.7/powertop.h	2007-07-05 02:39:53.000000000 +0200
+@@ -64,7 +64,10 @@
+ extern int topcstate;
+ extern int topfreq;  
+ 
+-extern char status_bar_slots[10][40];
++#define STATUS_BAR_NR_SLOTS 10
++#define STATUS_BAR_SLOTSIZE 40 
++char status_bar_slots[STATUS_BAR_NR_SLOTS][STATUS_BAR_SLOTSIZE + 1];
++
+ extern char suggestion_key;
+ extern suggestion_func *suggestion_activate; 
+ 
+diff -u powertop-1.7.orig/suggestions.c powertop-1.7/suggestions.c
+--- powertop-1.7.orig/suggestions.c	2007-06-08 07:33:13.000000000 +0200
++++ powertop-1.7/suggestions.c	2007-07-05 02:42:59.000000000 +0200
+@@ -70,7 +70,7 @@
+ 		ptr = next;
+ 	}
+ 	suggestions = NULL;
+-	strcpy(status_bar_slots[9],"");
++	strncpy(status_bar_slots[9], "", STATUS_BAR_SLOTSIZE);
+ 	suggestion_key = 255;
+ 	suggestion_activate = NULL;
+ 	total_weight = 0;
+@@ -103,7 +103,7 @@
+ 	int value, running = 0;
+ 	struct suggestion *ptr;
+ 
+-	strcpy(status_bar_slots[9],"");
++	strncpy(status_bar_slots[9], "", STATUS_BAR_SLOTSIZE);
+ 	suggestion_key = 255;
+ 	suggestion_activate = NULL;
+ 
+@@ -119,7 +119,7 @@
+ 		running += ptr->weight;
+ 		if (running > value) {
+ 			if (ptr->keystring)
+-				strcpy(status_bar_slots[9],ptr->keystring);
++	                        strncpy(status_bar_slots[9], ptr->keystring, STATUS_BAR_SLOTSIZE);
+ 			suggestion_key = ptr->key;
+ 			suggestion_activate = ptr->func;
+ 			show_suggestion(ptr->string);

powertop.spec

@@ -1,6 +1,6 @@
 Name:           powertop
 Version:        1.7
-Release:        2%{?dist}
+Release:        3%{?dist}
 Summary:        Power consumption monitor
 
 Group:          Applications/System
@@ -13,6 +13,7 @@ BuildRequires: gettext
 BuildRequires: ncurses-devel
 
 Patch0: powertop-1.7-less-gpm-slander-plz.patch
+Patch1: powertop-1.7-strncpy.patch
 
 %description
 PowerTOP is a tool that finds the software component(s) that make your
@@ -21,6 +22,7 @@ computer use more power than necessary while it is idle.
 %prep
 %setup -q
 %patch0 -p1 -b .g-p-m
+%patch1 -p1 -b .strncpy
 
 %build
 export CFLAGS="$RPM_OPT_FLAGS"
@@ -41,6 +43,10 @@ rm -rf $RPM_BUILD_ROOT
 %{_mandir}/man1/powertop.1*
 
 %changelog
+* Mon Jul 09 2007 Adam Jackson <ajax@redhat.com> 1.7-3
+- powertop-1.7-strncpy.patch: Use strncpy() to avoid stack smash. Patch from
+  Till Maas. (#246796)
+
 * Thu Jul 05 2007 Adam Jackson <ajax@redhat.com> 1.7-2
 - Don't suggest disabling g-p-m.  Any additional power consumption is more
   than offset by the ability to suspend.