Backport fix for CVE-2011-1709 from the 2.32.2 release.

As I understand it this only happens with GLib 2.28. git-svn-id: svn://creme-brulee.marcuscom.com/ports/trunk@16019 df743ca5-7f9a-e211-a948-0013205c9059
author: kwm <kwm@df743ca5-7f9a-e211-a948-0013205c9059> 2011-06-02 19:58:25 +0800
committer: kwm <kwm@df743ca5-7f9a-e211-a948-0013205c9059> 2011-06-02 19:58:25 +0800
commit: e8bf40e496dbf74e2ee91a95bf04886ad32a23f4 (patch)
tree: 26558e38dafffdf2318eb68bd26e54a98fb1d67a /x11/gdm/files/patch-gui_simple-greeter_gdm-user.c
parent: 6c90da75235f2adc2c2cf2c590fb85459cdde03a (diff)
download: marcuscom-ports-e8bf40e496dbf74e2ee91a95bf04886ad32a23f4.tar.gz
marcuscom-ports-e8bf40e496dbf74e2ee91a95bf04886ad32a23f4.tar.zst
marcuscom-ports-e8bf40e496dbf74e2ee91a95bf04886ad32a23f4.zip
1 files changed, 34 insertions, 0 deletions
diff --git a/x11/gdm/files/patch-gui_simple-greeter_gdm-user.c b/x11/gdm/files/patch-gui_simple-greeter_gdm-user.c
new file mode 100644
index 000000000..e5fb649c6
--- /dev/null
+++ b/x11/gdm/files/patch-gui_simple-greeter_gdm-user.c
@@ -0,0 +1,34 @@
+--- gui/simple-greeter/gdm-user.c.orig	2009-12-16 17:52:36.000000000 -0500
++++ gui/simple-greeter/gdm-user.c	2009-12-18 21:43:38.000000000 -0500
+@@ -425,6 +425,7 @@ _gdm_user_update (GdmUser             *u
+         /* Display Name */
+         if (pwent->pw_gecos && pwent->pw_gecos[0] != '\0') {
+                 gchar *first_comma = NULL;
++                gchar *ampersand;
+                 gchar *valid_utf8_name = NULL;
+ 
+                 if (g_utf8_validate (pwent->pw_gecos, -1, NULL)) {
+@@ -449,6 +450,23 @@ _gdm_user_update (GdmUser             *u
+                         g_free (real_name);
+                         real_name = NULL;
+                 }
++
++                while (real_name != NULL && (ampersand = strchr (real_name, '&')) != NULL) {
++                        gchar *temp_real_name1;
++                        gchar *temp_real_name2;
++                        gchar *temp_name;
++
++                        temp_real_name1 = g_strndup (real_name,
++                                        (ampersand - real_name));
++                        temp_real_name2 = g_strdup (ampersand + 1);
++                        temp_name = g_strdup (pwent->pw_name);
++                        temp_name[0] = toupper (temp_name[0]);
++                        g_free (real_name);
++                        real_name = g_strdup_printf ("%s%s%s", temp_real_name1, temp_name, temp_real_name2);
++                        g_free (temp_real_name1);
++                        g_free (temp_real_name2);
++                        g_free (temp_name);
++                }
+         } else {
+                 real_name = NULL;
+         }
author	kwm <kwm@df743ca5-7f9a-e211-a948-0013205c9059>	2011-06-02 19:58:25 +0800
committer	kwm <kwm@df743ca5-7f9a-e211-a948-0013205c9059>	2011-06-02 19:58:25 +0800
commit	e8bf40e496dbf74e2ee91a95bf04886ad32a23f4 (patch)
tree	26558e38dafffdf2318eb68bd26e54a98fb1d67a /x11/gdm/files/patch-gui_simple-greeter_gdm-user.c
parent	6c90da75235f2adc2c2cf2c590fb85459cdde03a (diff)
download	marcuscom-ports-e8bf40e496dbf74e2ee91a95bf04886ad32a23f4.tar.gz marcuscom-ports-e8bf40e496dbf74e2ee91a95bf04886ad32a23f4.tar.zst marcuscom-ports-e8bf40e496dbf74e2ee91a95bf04886ad32a23f4.zip