Re: xpdf segs fault

On Sun, Oct 30, 2022 at 11:04:20PM +0100, Theo Buehler wrote:
> On Sun, Oct 30, 2022 at 09:00:53PM +0100, Walter Alejandro Iglesias wrote:
> > Hello,
> >
> > I suppose I have to report this bug here.
> >
> > As far as I was aware Xpdf search dialog didn't support non ascii
> > characters (as it also the case with mupdf). Lately I been using the
> > xpopple version under debian, and I realized it now lets you do utf8
> > searches.
> >
> > Happy with this xpdf improvement I tried to do the same under openbsd (I
> > assume openbsd xpdf port is not the xpopple version, right?), it let me
> > type some utf8 characters (spanish keyboard) in its search dialog but
> > when I type characters with tilde Xpdf segs fault.
>
> It's a pretty bad out-of-bounds access in motif. The diff below makes
> things work for me. Searching for spanish words with accents in xpdf
> works for me with this diff.

Forgot one last tweak (<= vs <). This is better:

Index: Makefile
===================================================================
RCS file: /cvs/ports/x11/motif/Makefile,v
retrieving revision 1.8
diff -u -p -r1.8 Makefile
--- Makefile 11 Mar 2022 20:16:47 -0000 1.8
+++ Makefile 30 Oct 2022 22:00:43 -0000
@@ -1,6 +1,7 @@
COMMENT= Motif toolkit

DISTNAME= motif-2.3.8
+REVISION= 0

SHARED_LIBS += Xm 6.1 # 4.4
SHARED_LIBS += Mrm 4.1 # 4.4
Index: patches/patch-lib_Xm_VirtKeys_c
===================================================================
RCS file: patches/patch-lib_Xm_VirtKeys_c
diff -N patches/patch-lib_Xm_VirtKeys_c
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ patches/patch-lib_Xm_VirtKeys_c 30 Oct 2022 22:05:54 -0000
@@ -0,0 +1,24 @@
+Check bounds before accessing the keycaps table.
+
+Index: lib/Xm/VirtKeys.c
+--- lib/Xm/VirtKeys.c.orig
++++ lib/Xm/VirtKeys.c
+@@ -558,10 +558,16 @@ FindVirtKey(Display *dpy,
+ XmDisplay xmDisplay = (XmDisplay) XmGetXmDisplay( dpy);
+ XmVKeyBinding keyBindings = xmDisplay->display.bindings;
+ KeyCode min_kcode;
+- int ks_per_kc;
++ int min_kc, max_kc, ks_per_kc;
+ KeySym *ks_table = XtGetKeysymTable( dpy, &min_kcode, &ks_per_kc);
+ KeySym *kc_map = &ks_table[(keycode - min_kcode) * ks_per_kc];
+- Modifiers EffectiveSMMask = EffectiveStdModMask( dpy, kc_map, ks_per_kc);
++ Modifiers EffectiveSMMask;
++
++ XDisplayKeycodes(dpy, &min_kc, &max_kc);
++ if (keycode < min_kcode || (keycode - min_kcode) * ks_per_kc >= max_kc)
++ return;
++
++ EffectiveSMMask = EffectiveStdModMask( dpy, kc_map, ks_per_kc);
+
+ /* Get the modifiers from the actual event */
+ Modifiers VirtualStdMods = 0;