From bf98199cf1bea244378538d60838f81cb3a34b49 Mon Sep 17 00:00:00 2001
From: Jim Meyering <meyering@redhat.com>
Date: Wed, 2 May 2012 18:12:13 +0800
Subject: [PATCH 1/4] Add NUL-termination to some uses of strncpy.

* lib-src/pop.c (pop_stat, pop_list, pop_multi_first, pop_last):
NUL-terminate the error buffer.

* src/w32font.c (fill_in_logfont): NUL-terminate a string (Bug#11372).
---
 lib-src/ChangeLog | 5 +++++
 lib-src/pop.c     | 8 +++++++-
 src/ChangeLog     | 4 ++++
 src/w32font.c     | 7 +++++--
 4 files changed, 21 insertions(+), 3 deletions(-)

diff --git a/lib-src/ChangeLog b/lib-src/ChangeLog
index e58b291ec89..8e07193ae0c 100644
--- a/lib-src/ChangeLog
+++ b/lib-src/ChangeLog
@@ -1,3 +1,8 @@
+2012-05-02  Jim Meyering  <meyering@redhat.com>
+
+	* lib-src/pop.c (pop_stat, pop_list, pop_multi_first, pop_last):
+	NUL-terminate the error buffer (Bug#11372).
+
 2012-04-15  Chong Yidong  <cyd@gnu.org>
 
 	* emacsclient.c (decode_options): Move -t -n corner case handling
diff --git a/lib-src/pop.c b/lib-src/pop.c
index 37494d17a44..c4c7f2b4e2f 100644
--- a/lib-src/pop.c
+++ b/lib-src/pop.c
@@ -346,6 +346,7 @@ pop_stat (popserver server, int *count, int *size)
       if (0 == strncmp (fromserver, "-ERR", 4))
 	{
 	  strncpy (pop_error, fromserver, ERROR_MAX);
+	  pop_error[ERROR_MAX-1] = '\0';
 	}
       else
 	{
@@ -447,7 +448,10 @@ pop_list (popserver server, int message, int **IDs, int **sizes)
       if (strncmp (fromserver, "+OK ", 4))
 	{
 	  if (! strncmp (fromserver, "-ERR", 4))
-	    strncpy (pop_error, fromserver, ERROR_MAX);
+	    {
+	      strncpy (pop_error, fromserver, ERROR_MAX);
+	      pop_error[ERROR_MAX-1] = '\0';
+	    }
 	  else
 	    {
 	      strcpy (pop_error,
@@ -687,6 +691,7 @@ pop_multi_first (popserver server, const char *command, char **response)
   if (0 == strncmp (*response, "-ERR", 4))
     {
       strncpy (pop_error, *response, ERROR_MAX);
+      pop_error[ERROR_MAX-1] = '\0';
       return (-1);
     }
   else if (0 == strncmp (*response, "+OK", 3))
@@ -860,6 +865,7 @@ pop_last (popserver server)
   if (! strncmp (fromserver, "-ERR", 4))
     {
       strncpy (pop_error, fromserver, ERROR_MAX);
+      pop_error[ERROR_MAX-1] = '\0';
       return (-1);
     }
   else if (strncmp (fromserver, "+OK ", 4))
diff --git a/src/ChangeLog b/src/ChangeLog
index e2eb95f60d0..8aa1707cd30 100644
--- a/src/ChangeLog
+++ b/src/ChangeLog
@@ -1,3 +1,7 @@
+2012-05-02  Jim Meyering  <meyering@redhat.com>
+
+	* w32font.c (fill_in_logfont): NUL-terminate a string (Bug#11372).
+
 2012-04-29  Eli Zaretskii  <eliz@gnu.org>
 
 	* xdisp.c (pos_visible_p): If already at a newline from the
diff --git a/src/w32font.c b/src/w32font.c
index dab9f4c61b4..8badace9635 100644
--- a/src/w32font.c
+++ b/src/w32font.c
@@ -2045,8 +2045,11 @@ fill_in_logfont (FRAME_PTR f, LOGFONT *logfont, Lisp_Object font_spec)
         /* Font families are interned, but allow for strings also in case of
            user input.  */
       else if (SYMBOLP (tmp))
-        strncpy (logfont->lfFaceName,
-		 SDATA (ENCODE_SYSTEM (SYMBOL_NAME (tmp))), LF_FACESIZE);
+	{
+	  strncpy (logfont->lfFaceName,
+		   SDATA (ENCODE_SYSTEM (SYMBOL_NAME (tmp))), LF_FACESIZE);
+	  logfont->lfFaceName[LF_FACESIZE-1] = '\0';
+	}
     }
 
   tmp = AREF (font_spec, FONT_ADSTYLE_INDEX);

From c635b6d5458afe1e86f044a407a0331ee75dc816 Mon Sep 17 00:00:00 2001
From: Glenn Morris <rgm@gnu.org>
Date: Wed, 2 May 2012 07:17:25 -0400
Subject: [PATCH 2/4] Auto-commit of generated files.

---
 autogen/configure | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/autogen/configure b/autogen/configure
index c6b78090d21..7c954129fca 100755
--- a/autogen/configure
+++ b/autogen/configure
@@ -14415,9 +14415,8 @@ $as_echo "$emacs_cv_freebsd_terminfo" >&6; }
     ;;
 
   netbsd)
-    if test $ac_cv_search_tputs = -lterminfo; then
+    if  "x$LIBS_TERMCAP" = "x-lterminfo" ; then
       TERMINFO=yes
-      LIBS_TERMCAP="-lterminfo"
     else
       LIBS_TERMCAP="-ltermcap"
     fi

From 687d464f5c60cfe135436dab3dc29620ea8d1f95 Mon Sep 17 00:00:00 2001
From: Chong Yidong <cyd@gnu.org>
Date: Wed, 2 May 2012 21:06:08 +0800
Subject: [PATCH 3/4] Backport Bug#11374 fix from trunk

---
 lib-src/ChangeLog     |  5 ++++-
 lib-src/emacsclient.c | 40 ++++++++++++++++++++++------------------
 2 files changed, 26 insertions(+), 19 deletions(-)

diff --git a/lib-src/ChangeLog b/lib-src/ChangeLog
index 8e07193ae0c..90fd722141b 100644
--- a/lib-src/ChangeLog
+++ b/lib-src/ChangeLog
@@ -1,4 +1,7 @@
-2012-05-02  Jim Meyering  <meyering@redhat.com>
+2012-05-02  Jim Meyering  <jim@meyering.net>
+
+	* emacsclient.c (send_to_emacs): Avoid invalid strcpy upon partial
+	send (Bug#11374).
 
 	* lib-src/pop.c (pop_stat, pop_list, pop_multi_first, pop_last):
 	NUL-terminate the error buffer (Bug#11372).
diff --git a/lib-src/emacsclient.c b/lib-src/emacsclient.c
index 48b4384d487..931f6d10c5c 100644
--- a/lib-src/emacsclient.c
+++ b/lib-src/emacsclient.c
@@ -119,6 +119,8 @@ char *(getcwd) (char *, size_t);
 # define IF_LINT(Code) /* empty */
 #endif
 
+#define min(x, y) (((x) < (y)) ? (x) : (y))
+
 
 /* Name used to invoke this program.  */
 const char *progname;
@@ -783,33 +785,35 @@ sock_err_message (const char *function_name)
 static void
 send_to_emacs (HSOCKET s, const char *data)
 {
-  while (data)
+  size_t dlen;
+
+  if (!data)
+    return;
+
+  dlen = strlen (data);
+  while (*data)
     {
-      size_t dlen = strlen (data);
-      if (dlen + sblen >= SEND_BUFFER_SIZE)
-	{
-	  int part = SEND_BUFFER_SIZE - sblen;
-	  strncpy (&send_buffer[sblen], data, part);
-	  data += part;
-	  sblen = SEND_BUFFER_SIZE;
-	}
-      else if (dlen)
-	{
-	  strcpy (&send_buffer[sblen], data);
-	  data = NULL;
-	  sblen += dlen;
-	}
-      else
-	break;
+      size_t part = min (dlen, SEND_BUFFER_SIZE - sblen);
+      memcpy (&send_buffer[sblen], data, part);
+      data += part;
+      sblen += part;
 
       if (sblen == SEND_BUFFER_SIZE
 	  || (sblen > 0 && send_buffer[sblen-1] == '\n'))
 	{
 	  int sent = send (s, send_buffer, sblen, 0);
+	  if (sent < 0)
+	    {
+	      message (TRUE, "%s: failed to send %d bytes to socket: %s\n",
+		       progname, sblen, strerror (errno));
+	      fail ();
+	    }
 	  if (sent != sblen)
-	    strcpy (send_buffer, &send_buffer[sent]);
+	    memmove (send_buffer, &send_buffer[sent], sblen - sent);
 	  sblen -= sent;
 	}
+
+      dlen -= part;
     }
 }
 

From be4e7c155b6922dd6105f4be57164210c3441f37 Mon Sep 17 00:00:00 2001
From: Chong Yidong <cyd@gnu.org>
Date: Wed, 2 May 2012 21:06:50 +0800
Subject: [PATCH 4/4] Backport 2012-05-02T11:33:49Z!lekktu@gmail.com from trunk

---
 lib-src/ChangeLog     | 4 ++++
 lib-src/emacsclient.c | 3 +++
 2 files changed, 7 insertions(+)

diff --git a/lib-src/ChangeLog b/lib-src/ChangeLog
index 90fd722141b..3a1212c5031 100644
--- a/lib-src/ChangeLog
+++ b/lib-src/ChangeLog
@@ -1,3 +1,7 @@
+2012-05-02  Juanma Barranquero  <lekktu@gmail.com>
+
+	* emacsclient.c (min): Undef before redefining it.
+
 2012-05-02  Jim Meyering  <jim@meyering.net>
 
 	* emacsclient.c (send_to_emacs): Avoid invalid strcpy upon partial
diff --git a/lib-src/emacsclient.c b/lib-src/emacsclient.c
index 931f6d10c5c..c2b0a80c670 100644
--- a/lib-src/emacsclient.c
+++ b/lib-src/emacsclient.c
@@ -119,6 +119,9 @@ char *(getcwd) (char *, size_t);
 # define IF_LINT(Code) /* empty */
 #endif
 
+#ifdef min
+#undef min
+#endif
 #define min(x, y) (((x) < (y)) ? (x) : (y))