Bugtraq mailing list archives

XFree86: xdm xdmcp code in wdm also


From: brusso () PHYS HAWAII EDU (Brian Russo)
Date: Tue, 20 Jun 2000 05:42:10 -1000


wdm (wings display manager) - http://www.tcscs.com/wdm/, is basically xdm with WINGs handling the graphical elements.

The bulk of the core code is directly pulled from xdm; indeed, the tarball of version 1.20 I pulled from the above URL
included xdm-3.3.2 code in a tarball, although the above URL mentioned:

" wdm-1.20 -- Feb 29, 2000
...
corrected by replacing some xdm-3.3.2 code with xdm-3.3.6. I think all the xdm stuff definitely should be udpated [sic] 
to the latest version. "

The included ChangeLog gives a bit more detail on this.

Regardless, in ./wdm-1.20/xdm/xdmcp.c we find the same code:

    static char buf[256];
    XdmcpHeader header;
    ARRAY8      status;

    sprintf (buf, "Session %d failed for display %s: %s",
             sessionID, name, reason);
    Debug ("Send failed %d %s\n", sessionID, buf);

Due to this direct importation of xdm code, it stands to reason that _any_ bug in xdm core code will probably directly
affect wdm in the same way.

Additionally, as it seems WDM releases are not regularly updated with xdm code, wdm may even be worse off than an
up-to-date version of xdm.

I do not fully understand this vulnerability really, but I thought you should be aware of this. Send
flames/comments/corrections/et al.

thanks

 - brian

Just a minor one this. Discovered during a 5 minute pass of "xdm". I
subsequently discovered "kdm" has copied the xdm core xdmcp code.

xdmcp.c, send_failed()

[...]
static char buf[256];
[...]
    sprintf (buf, "Session %d failed for display %s: %s",
             (int)sessionID, name, reason);

Cheers
Chris

--
+---------------------------------------------------------------+
| Brian Russo: Professional Slacker  <brusso () phys hawaii edu>
| University of Hawai'i at Manoa, Physics Dept.
+------------------------+
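
Added example (not part of the original post and not xdm, wdm or kdm source): a bounded version of the send_failed() formatting quoted above, which also measures how many bytes the unbounded sprintf would need. format_failure() and unbounded_need() are hypothetical helpers, the 300-byte reason is constructed input, and it is assumed that callers do not already limit the length of name and reason.

```c
/* Added example: not xdm/wdm source. format_failure() and
 * unbounded_need() are hypothetical helpers. */
#include <stdio.h>
#include <string.h>

#define FAIL_BUF_LEN 256  /* size of the static buf in send_failed() */
#define FAIL_FMT "Session %d failed for display %s: %s"

/* Bytes (including the NUL) the original sprintf() would write. */
size_t unbounded_need(int session_id, const char *name, const char *reason)
{
    int n = snprintf(NULL, 0, FAIL_FMT, session_id, name, reason);
    return n < 0 ? 0 : (size_t)n + 1;
}

/* Bounded replacement: never writes past buf[len-1]. Returns the number
 * of characters stored and sets *truncated when the message was cut. */
size_t format_failure(char *buf, size_t len, int session_id,
                      const char *name, const char *reason, int *truncated)
{
    int n = snprintf(buf, len, FAIL_FMT, session_id, name, reason);
    if (n < 0 || len == 0) {          /* encoding error or no room at all */
        if (len) buf[0] = '\0';
        *truncated = 1;
        return 0;
    }
    *truncated = (size_t)n >= len;
    return *truncated ? len - 1 : (size_t)n;
}

int main(void)
{
    char reason[301];                  /* constructed oversized input */
    char buf[FAIL_BUF_LEN];
    int cut;

    memset(reason, 'A', 300);
    reason[300] = '\0';
    printf("sprintf would need %zu bytes, buffer holds %d\n",
           unbounded_need(1, "host:0", reason), FAIL_BUF_LEN);
    size_t stored = format_failure(buf, sizeof buf, 1, "host:0", reason, &cut);
    printf("snprintf stored %zu chars, truncated=%d\n", stored, cut);
    return 0;
}
```

A caller that sees the truncated flag set can log the event and still send a well-formed, shortened failure message.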


