Security Bugfix
http://www.securityfocus.com/archive/1/345844/2003-11-24/2003-11-30/0

Index: ansi.c
--- ansi.c.orig	2003-09-08 16:24:44.000000000 +0200
+++ ansi.c	2003-11-27 20:08:53.000000000 +0100
@@ -559,7 +559,7 @@
 	    {
 	    case '0': case '1': case '2': case '3': case '4':
 	    case '5': case '6': case '7': case '8': case '9':
-	      if (curr->w_NumArgs < MAXARGS)
+	      if (curr->w_NumArgs >= 0 && curr->w_NumArgs < MAXARGS)
 		{
 		  if (curr->w_args[curr->w_NumArgs] < 100000000)
 		    curr->w_args[curr->w_NumArgs] =
Index: resize.c
--- resize.c.orig	2003-09-08 16:26:31.000000000 +0200
+++ resize.c	2003-11-27 20:09:49.000000000 +0100
@@ -682,6 +682,17 @@
   if (wi == 0)
     he = hi = 0;
 
+  if (wi > 1000)
+    {
+      Msg(0, "Window width too large, truncated");
+      wi = 1000;
+    }
+  if (he > 1000)
+    {
+      Msg(0, "Window height too large, truncated");
+      he = 1000;
+    }
+
   if (p->w_width == wi && p->w_height == he && p->w_histheight == hi)
     {
       debug("ChangeWindowSize: No change.\n");
Index: configure.in
--- configure.in.orig	2003-06-03 13:58:24.000000000 +0200
+++ configure.in	2004-05-27 12:43:38.909016000 +0200
@@ -206,7 +206,7 @@
 
 AC_CHECKING(for Solaris 2.x)
 AC_EGREP_CPP(yes,
-[#if defined(SVR4) && defined(sun)
+[#if defined(__SVR4) && defined(__sun)
   yes
 #endif
 ], LIBS="$LIBS -lsocket -lnsl -lkstat")
@@ -270,7 +270,7 @@
 dnl     multiuser screen sessions
 AC_CHECKING(seteuid)
 AC_TRY_LINK(,[
-#if defined(linux) || defined(NeXT) || defined(_AUX_SOURCE) || defined(AUX) || defined(ultrix) || (defined(sun) && defined(SVR4)) || defined(ISC) || defined(sony_news)
+#if defined(linux) || defined(NeXT) || defined(_AUX_SOURCE) || defined(AUX) || defined(ultrix) || (defined(__sun) && defined(__SVR4)) || defined(ISC) || defined(sony_news)
 seteuid_is_broken(0);
 #else
 seteuid(0);
@@ -815,7 +815,7 @@
 AC_TRY_LINK([
 #include <time.h> /* to get time_t on SCO */
 #include <sys/types.h>
-#if defined(SVR4) && !defined(DGUX)
+#if defined(__SVR4) && !defined(DGUX)
 #include <utmpx.h>
 #define utmp utmpx
 #else
@@ -832,7 +832,7 @@
 AC_TRY_LINK([
 #include <time.h>
 #include <sys/types.h>
-#if defined(SVR4) && !defined(DGUX)
+#if defined(__SVR4) && !defined(DGUX)
 #include <utmpx.h>
 #define utmp utmpx
 #else
@@ -848,7 +848,7 @@
 AC_TRY_COMPILE([
 #include <time.h>
 #include <sys/types.h>
-#if defined(SVR4) && !defined(DGUX)
+#if defined(__SVR4) && !defined(DGUX)
 #include <utmpx.h>
 #define utmp utmpx
 #else
@@ -979,7 +979,7 @@
 #include <sys/types.h>
 #include <sys/param.h>
 ],[
-#if !defined(LOADAV_GETLOADAVG) && ((defined(hp300) && !defined(__hpux)) || defined(sun) || (defined(ultrix) && defined(mips)) || defined(_SEQUENT_) || defined(sgi) || (defined(SVR4) && !defined(__hpux)) || defined(sony_news) || (!defined(__osf__) && defined(__alpha)) || defined(_IBMR2) || defined(_AUX_SOURCE) || defined(AUX) || defined(m88k))
+#if !defined(LOADAV_GETLOADAVG) && ((defined(hp300) && !defined(__hpux)) || defined(__sun) || (defined(ultrix) && defined(mips)) || defined(_SEQUENT_) || defined(sgi) || (defined(__SVR4) && !defined(__hpux)) || defined(sony_news) || (!defined(__osf__) && defined(__alpha)) || defined(_IBMR2) || defined(_AUX_SOURCE) || defined(AUX) || defined(m88k))
 loadtype=long
 # if defined(apollo) || defined(_IBMR2) || defined(_AUX_SOURCE) || defined(AUX)
 loadscale=65536
@@ -992,7 +992,7 @@
 loadtype=int
 loadscale=1024
 #   else
-#    if defined(MIPS) || defined(SVR4) || defined(m88k)
+#    if defined(MIPS) || defined(__SVR4) || defined(m88k)
 loadscale=256
 #    else /* not MIPS */
 loadscale=1000 	/* our default value */
Index: configure
--- configure.orig	2003-12-05 14:46:53.000000000 +0100
+++ configure	2004-05-27 12:45:06.186001000 +0200
@@ -3911,7 +3911,7 @@
 cat confdefs.h >>conftest.$ac_ext
 cat >>conftest.$ac_ext <<_ACEOF
 /* end confdefs.h.  */
-#if defined(SVR4) && defined(sun)
+#if defined(__SVR4) && defined(__sun)
   yes
 #endif
 
@@ -4042,7 +4042,7 @@
 main ()
 {
 
-#if defined(linux) || defined(NeXT) || defined(_AUX_SOURCE) || defined(AUX) || defined(ultrix) || (defined(sun) && defined(SVR4)) || defined(ISC) || defined(sony_news)
+#if defined(linux) || defined(NeXT) || defined(_AUX_SOURCE) || defined(AUX) || defined(ultrix) || (defined(__sun) && defined(__SVR4)) || defined(ISC) || defined(sony_news)
 seteuid_is_broken(0);
 #else
 seteuid(0);
@@ -5572,7 +5572,7 @@
 
 #include <time.h> /* to get time_t on SCO */
 #include <sys/types.h>
-#if defined(SVR4) && !defined(DGUX)
+#if defined(__SVR4) && !defined(DGUX)
 #include <utmpx.h>
 #define utmp utmpx
 #else
@@ -5624,7 +5624,7 @@
 
 #include <time.h>
 #include <sys/types.h>
-#if defined(SVR4) && !defined(DGUX)
+#if defined(__SVR4) && !defined(DGUX)
 #include <utmpx.h>
 #define utmp utmpx
 #else
@@ -5680,7 +5680,7 @@
 
 #include <time.h>
 #include <sys/types.h>
-#if defined(SVR4) && !defined(DGUX)
+#if defined(__SVR4) && !defined(DGUX)
 #include <utmpx.h>
 #define utmp utmpx
 #else
@@ -6316,7 +6316,7 @@
 
 _CUT_HERE_
 
-#if !defined(LOADAV_GETLOADAVG) && ((defined(hp300) && !defined(__hpux)) || defined(sun) || (defined(ultrix) && defined(mips)) || defined(_SEQUENT_) || defined(sgi) || (defined(SVR4) && !defined(__hpux)) || defined(sony_news) || (!defined(__osf__) && defined(__alpha)) || defined(_IBMR2) || defined(_AUX_SOURCE) || defined(AUX) || defined(m88k))
+#if !defined(LOADAV_GETLOADAVG) && ((defined(hp300) && !defined(__hpux)) || defined(__sun) || (defined(ultrix) && defined(mips)) || defined(_SEQUENT_) || defined(sgi) || (defined(__SVR4) && !defined(__hpux)) || defined(sony_news) || (!defined(__osf__) && defined(__alpha)) || defined(_IBMR2) || defined(_AUX_SOURCE) || defined(AUX) || defined(m88k))
 loadtype=long
 # if defined(apollo) || defined(_IBMR2) || defined(_AUX_SOURCE) || defined(AUX)
 loadscale=65536
@@ -6329,7 +6329,7 @@
 loadtype=int
 loadscale=1024
 #   else
-#    if defined(MIPS) || defined(SVR4) || defined(m88k)
+#    if defined(MIPS) || defined(__SVR4) || defined(m88k)
 loadscale=256
 #    else /* not MIPS */
 loadscale=1000 	/* our default value */
Index: misc.c
--- misc.c.orig	2004-05-27 13:32:29.762001000 +0200
+++ misc.c	2004-05-27 13:39:40.883005000 +0200
@@ -613,7 +613,7 @@
    */
 # endif /* NEEDSETENV */
 #else /* USESETENV */
-# if defined(linux) || defined(__convex__) || (BSD >= 199103)
+# if defined(linux) || defined(__sun) || defined(__convex__) || (BSD >= 199103)
   setenv(var, value, 1);
 # else
   setenv(var, value);
Index: os.h
--- os.h.orig	2002-01-08 16:42:33 +0100
+++ os.h	2005-11-08 11:01:37 +0100
@@ -25,6 +25,7 @@
 #include <stdio.h>
 #include <errno.h>
 
+#include <string.h>
 #include <sys/param.h>
 
 /* In strict ANSI mode, HP-UX machines define __hpux but not hpux */
@@ -161,7 +162,7 @@
 # define setregid(rgid, egid) setresgid(rgid, egid, -1)
 #endif
 
-#if defined(HAVE_SETEUID) || defined(HAVE_SETREUID)
+#if (defined(HAVE_SETEUID) || defined(HAVE_SETREUID)) && __FreeBSD_version < 500000
 # define USE_SETEUID
 #endif