Subject: trackballs: crashes when $USER contains "%n%n%n%n%n%n"
Package: trackballs
Version: 1.0.0-7
Severity: normal
Tags: patch
Hello,
trackballs crashes when the USER environment variable contains strings like
"%n%n%n%n%n%n". It is caused by a bad snprintf() call. I have attached a patch.
[EMAIL PROTECTED]:~$ USER='%n%n%n%n%n%n' /usr/games/trackballs -w
Welcome to Trackballs.
Using /usr/share/games/trackballs as gamedata dir
Warning: Rescaling images before loading them as textures.
Attempting to open mixer...failed
Couldn't open audio: Couldn't open
/usr/share/games/trackballs/icons/trackballs-32x32.png
Try shutting down artsd/esd or run trackballs through artsdsp/esddsp
Fatal signal: Segmentation Fault (SDL Parachute Deployed)
[EMAIL PROTECTED]:~$
// Ulf H�rnhammar
-- System Information:
Debian Release: 3.1
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.8-2-686
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)
Versions of packages trackballs depends on:
ii guile-1.6-lib 1.6.7-1 Main Guile libraries
ii libc6 2.3.2.ds1-20 GNU C Library: Shared libraries an
ii libgcc1 1:3.4.3-6 GCC support library
ii libguile-ltdl 1.6.7-1 Guile's patched version of libtool
ii libqthreads-1 1.6.7-1 QuickThreads library for Guile
ii libsdl-image1 1.2.3-6 image loading library for Simple D
ii libsdl-mixer1 1.2.6-1 mixer library for Simple DirectMed
ii libsdl-ttf2.0 2.0.6-5 ttf library for Simple DirectMedia
ii libsdl1.2debi 1.2.7+1.2.8cvs20041007-4.1 Simple DirectMedia Layer
ii libstdc++5 1:3.3.5-8 The GNU Standard C++ Library v3
ii trackballs-da 1.0.0-7 Data files for trackballs
ii xlibmesa-gl [ 4.3.0.dfsg.1-10 Mesa 3D graphics library [XFree86]
ii xlibmesa-glu 4.3.0.dfsg.1-10 Mesa OpenGL utility library [XFree
ii zlib1g 1:1.2.2-3 compression library - runtime
-- no debconf information
--- src/gamer.cc.old 2003-03-12 22:29:15.000000000 +0100
+++ src/gamer.cc 2005-03-02 02:11:10.000000000 +0100
@@ -31,7 +31,7 @@ using namespace std;
Gamer::Gamer() {
sprintf(name,"John Doe");
- if(NULL != getenv("USER")) snprintf(name,20,getenv("USER"));
+ if(NULL != getenv("USER")) snprintf(name,20,"%s",getenv("USER"));
for(int i=0;i<Settings::settings->nLevelSets;i++)
levels[i] = new KnownLevel[256];
