less/cve-2022-46663.patch

From a78e1351113cef564d790a730d657a321624d79c Mon Sep 17 00:00:00 2001
From: Mark Nudelman <markn@greenwoodsoftware.com>
Date: Fri, 7 Oct 2022 19:25:46 -0700
Subject: [PATCH] End OSC8 hyperlink on invalid embedded escape sequence.

---
 line.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

Index: less-608/line.c
===================================================================
--- less-608.orig/line.c	2022-07-22 19:26:24.000000000 +0000
+++ less-608/line.c	2023-02-07 15:08:11.503178583 +0000
@@ -633,8 +633,8 @@ ansi_step(pansi, ch)
 		/* Hyperlink ends with \7 or ESC-backslash. */
 		if (ch == '\7')
 			return ANSI_END;
-		if (pansi->prev_esc && ch == '\\')
-			return ANSI_END;
+		if (pansi->prev_esc)
+            return (ch == '\\') ? ANSI_END : ANSI_ERR;
 		pansi->prev_esc = (ch == ESC);
 		return ANSI_MID;
 	}
Accepting request 1063645 from home:psimons:branches:Base:System Fix CVE-2022-46663. OBS-URL: https://build.opensuse.org/request/show/1063645 OBS-URL: https://build.opensuse.org/package/show/Base:System/less?expand=0&rev=92 2023-02-08 13:53:32 +00:00			`From a78e1351113cef564d790a730d657a321624d79c Mon Sep 17 00:00:00 2001`
			`From: Mark Nudelman <markn@greenwoodsoftware.com>`
			`Date: Fri, 7 Oct 2022 19:25:46 -0700`
			`Subject: [PATCH] End OSC8 hyperlink on invalid embedded escape sequence.`

			`---`
			`line.c \| 4 ++--`
			`1 file changed, 2 insertions(+), 2 deletions(-)`

			`Index: less-608/line.c`
			`===================================================================`
			`--- less-608.orig/line.c 2022-07-22 19:26:24.000000000 +0000`
			`+++ less-608/line.c 2023-02-07 15:08:11.503178583 +0000`
			`@@ -633,8 +633,8 @@ ansi_step(pansi, ch)`
			`/* Hyperlink ends with \7 or ESC-backslash. */`
			`if (ch == '\7')`
			`return ANSI_END;`
			`- if (pansi->prev_esc && ch == '\\')`
			`- return ANSI_END;`
			`+ if (pansi->prev_esc)`
			`+ return (ch == '\\') ? ANSI_END : ANSI_ERR;`
			`pansi->prev_esc = (ch == ESC);`
			`return ANSI_MID;`
			`}`