Bug#929294: xye: Garbage characters are displayed instead of hints

Ben Longbons brlongbons at gmail.com
Tue May 21 03:20:48 BST 2019


Package: xye
Version: 0.12.2+dfsg-8
Severity: normal

Dear Maintainer,

In xye.cpp, the following function:

    const char* hint::GetActiveText()
    {
        string res;
        if (active==(hint*)(1))
            res = globaltext;
        else if (active) 
            res=active->text;

        return res.c_str();
    }

returns an invalidated pointer when compiled under the GCC 5 "new ABI".
This was safe on the old ABI, since it used CoW instead of SSO and the
strings the local was copied from are still alive.

Changing the return type to `string` is one fix, or you could
change both branches to `return existing_string.c_str();` directly.

Looking at the rest of the code, there are a lot of cases where a
borrowed pointer from a global or member is returned, both of which are
safe cases.

- Ben


-- System Information:
Debian Release: 10.0
  APT prefers testing-debug
  APT policy: (500, 'testing-debug'), (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.19.0-5-amd64 (SMP w/12 CPU cores)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages xye depends on:
ii  libc6            2.28-10
ii  libgcc1          1:8.3.0-6
ii  libsdl-image1.2  1.2.12-10
ii  libsdl-ttf2.0-0  2.0.11-6
ii  libsdl1.2debian  1.2.15+dfsg2-4
ii  libstdc++6       8.3.0-6
ii  xye-data         0.12.2+dfsg-8

xye recommends no packages.

xye suggests no packages.

-- no debconf information
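
The two fixes suggested in the report, sketched as an added example (this is not xye's code and not part of the original message). The `hint` struct is a hypothetical stand-in that models only `active`, `globaltext` and `text`; the `...Copy`/`...Borrowed` names, the `borrows_from` helper and the sample strings are constructed for illustration.

```cpp
#include <cassert>
#include <cstring>
#include <iostream>
#include <string>

// Hypothetical stand-in for xye's hint class: only the members the
// reported function touches (active, globaltext, text) are modelled.
struct hint {
    std::string text;
    static hint* active;            // nullptr, a real hint, or the sentinel (hint*)1
    static std::string globaltext;

    // Fix 1: return by value, so the caller owns the copy.
    static std::string GetActiveTextCopy() {
        if (active == reinterpret_cast<hint*>(1)) return globaltext;
        if (active) return active->text;
        return std::string();
    }

    // Fix 2: borrow directly from the long-lived strings, never from a local.
    // Valid only until globaltext / active->text is modified or destroyed.
    static const char* GetActiveTextBorrowed() {
        if (active == reinterpret_cast<hint*>(1)) return globaltext.c_str();
        if (active) return active->text.c_str();
        return "";                  // string literal has static storage
    }
};

hint* hint::active = nullptr;
std::string hint::globaltext = "Push the block";   // constructed sample text

// True when p points into s's own buffer, i.e. it is a borrow, not a copy.
bool borrows_from(const char* p, const std::string& s) {
    return p == s.c_str();
}

int main() {
    hint h{"Collect all gems"};     // constructed sample text
    hint::active = &h;
    std::cout << hint::GetActiveTextCopy() << '\n';
    std::cout << hint::GetActiveTextBorrowed() << '\n';
    hint::active = nullptr;
}
```
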


