$NetBSD: patch-ab,v 1.4 2008/04/03 22:36:52 tonnerre Exp $

Fix default display vulnerability (CVE-2008-1142).

--- src/init.C.orig	2007-08-01 19:35:02.000000000 +0200
+++ src/init.C
@@ -299,11 +299,13 @@ rxvt_term::init_resources (int argc, con
    * Open display, get options/resources and create the window
    */
 
-  if ((rs[Rs_display_name] = getenv ("DISPLAY")) == NULL)
-    rs[Rs_display_name] = ":0";
+  rs[Rs_display_name] = getenv ("DISPLAY");
 
   get_options (r_argc, r_argv);
 
+  if (!rs[Rs_display_name])
+    rxvt_fatal ("no display given and DISPLAY not set, aborting.\n");
+
   if (!(display = displays.get (rs[Rs_display_name])))
     rxvt_fatal ("can't open display %s, aborting.\n", rs[Rs_display_name]);
 
