Package: xboard
Version: 4.2.7-7.1
Severity: normal
Tags: patch

Yesterday I was editing a game which I was reading about in a book. After I finished placing all the moves in the game I tried the "save game" option. I wanted to save it to ~/chess/game1.pgn, but I mistakenly typed ~ /chess/game1.pgn (note the space). Xboard didn't take it very well, it segfaulted on me :-(. Very annoying.

Today I decided to take a look at xboard's code. I don't know what this logic is all about, but I think it might make paths with spaces buggy:

    p = strrchr(buf, ' ');
    if (p == NULL) {
        index = 0;
    } else {
        *p++ = NULLCHAR;
        index = atoi(p);
    }

However, I didn't touch it. Who knows what mystery it might hide, right?

The patch I wrote changes another function, ExpandPathName; this one I think I got completely figured out. What I did was to make it expand ~ if the next character is white space. This way we avoid the segmentation fault altogether. It gives the user a nice error. I assume there are not many nice ways to interpret a path like:

    ~ /chess/game1.pgn

Perhaps ~/ /chess/game1.pgn? I'm not sure anyone has their system layout like that. So I think an error -- which my patch accomplishes -- is good enough.

I wrote the patch for xboard 4.2.7, hence the version, but it does work in all the versions I've tested (4.4.3 and 4.5~git20100118-1). By the way, the bug applies to all those versions.

Finally, I'm not very good with the reportbug program, so I might take a few tries before I send the patch (hopefully not).

-- System Information:
Debian Release: 5.0.5
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-x86_64-linode11 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

diff -ru xboard-4.2.7.old/xboard.c xboard-4.2.7.new/xboard.c --- xboard-4.2.7.old/xboard.c 2003-11-19 06:42:18.000000000 -0200 +++ xboard-4.2.7.new/xboard.c 2010-09-16 17:07:39.000000000 -0300 @@ -7136,7 +7136,7 @@ } if (*s == '~') { - if (*(s+1) == '/') { + if (*(s+1) == '/' || isspace(*(s+1)) || *(s+1) == '\0') { strcpy(d, getpwuid(getuid())->pw_dir); strcat(d, s+1); }
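
Review bot: the new condition passes a plain char to isspace(*(s+1)), which is undefined for negative values such as the non-ASCII bytes a path can carry under the UTF-8 locale; cast to unsigned char there and confirm <ctype.h> is included in xboard.c. The widened test also sends more inputs, including a bare "~", into the branch that dereferences getpwuid(getuid())->pw_dir with no NULL check and then does strcpy(d, ...) followed by strcat(d, s+1) with no length limit, so check the getpwuid result before use and bound both copies to the size of the destination buffer. A short comment on the condition saying that "~" followed by whitespace is deliberately expanded so the caller reports a file error would help, since the resulting path still contains the stray space.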