From 466191d66923323da159eb2aad78d2c2a9f7f879 Mon Sep 17 00:00:00 2001
From: Frederic Koehler <f.koehler427@gmail.com>
Date: Thu, 16 Aug 2012 21:04:56 -0400
Subject: [PATCH] dtcreate: Fix major buffer overflow

This code always buffer overflowed, because exactly 2 bytes
less than were used were allocated. This led to dtcreate
crashing when hitting "Find Set..."
---
 cde/programs/dtcreate/cmncbs.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/cde/programs/dtcreate/cmncbs.c b/cde/programs/dtcreate/cmncbs.c
index dc356a71..05a8b11c 100644
--- a/cde/programs/dtcreate/cmncbs.c
+++ b/cde/programs/dtcreate/cmncbs.c
@@ -106,7 +106,7 @@ void activateCB_open_FindSet (Widget find_set_button, XtPointer cdata,
 
   pre = GETMESSAGE(3, 10, "Create Action");
   suf = GETMESSAGE(6, 18, "Find Set");
-  dialog_title = XtMalloc(strlen(pre) + strlen(suf) + 2);
+  dialog_title = XtMalloc(strlen(pre) + strlen(suf) + 4);
   sprintf(dialog_title, "%s - %s", pre, suf);
 
 #ifdef DEBUG
-- 
2.25.1