From de5ef8c4f18dc98a0e2bd646e3dcc1192575cace Mon Sep 17 00:00:00 2001
From: Christophe CURIS <christophe.curis@free.fr>
Date: Sat, 15 Nov 2014 19:40:48 +0100
Subject: [PATCH] wmaker: make parsing on display name less prone to crash in
 SetupEnvironment (Coverity #50096)

When creating the environment variable for the sub-process that wmaker can
create, Coverity pointed that if was possible to crash if the name of the
display did not contain the ':', which is probably ok in most case, but we
can't be sure about what it could contain in special cases.

This patch adds a proper check so, at least, it would not crash if the case
were to arise.

Signed-off-by: Christophe CURIS <christophe.curis@free.fr>
Signed-off-by: Carlos R. Mafra <crmafra@gmail.com>
---
 src/main.c | 19 ++++++++++++++++---
 1 file changed, 16 insertions(+), 3 deletions(-)

diff --git a/src/main.c b/src/main.c
index 4c8ee9b3..67808039 100644
--- a/src/main.c
+++ b/src/main.c
@@ -246,9 +246,22 @@ void SetupEnvironment(WScreen * scr)
 		int len = strlen(DisplayName) + 64;
 		tmp = wmalloc(len);
 		snprintf(tmp, len, "DISPLAY=%s", XDisplayName(DisplayName));
-		ptr = strchr(strchr(tmp, ':'), '.');
-		if (ptr)
-			*ptr = 0;
+
+		/* Search from the end to be compatible with ipv6 address */
+		ptr = strrchr(tmp, ':');
+		if (ptr == NULL) {
+			static Bool message_already_displayed = False;
+
+			if (!message_already_displayed)
+				wwarning(_("the display name has an unexpected syntax: \"%s\""),
+				         XDisplayName(DisplayName));
+			message_already_displayed = True;
+		} else {
+			/* If found, remove the screen specification from the display variable */
+			ptr = strchr(ptr, '.');
+			if (ptr)
+				*ptr = 0;
+		}
 		snprintf(buf, sizeof(buf), ".%i", scr->screen);
 		strcat(tmp, buf);
 		putenv(tmp);