pool/st
SHA256
17
0
Fork 1
Code Issues Pull Requests Activity
Files
factory
st/compose-buffer-overflow.patch
Dan Čermák c6e8b0f057 Accepting request 1058820 from home:dirkmueller:Factory 
- update to 0.9:
  * avoid potential UB when using isprint()
  * make underlines and strikethroughs respect `chscale`
  * Delay redrawals on palette changes
  * 10/SGR mouse: use alt as meta key instead of super/windows key
  * Fix mousereport
  * Fix overtyping wide characters.
  * Fix null pointer access in strhandle
  * Add support for OSC color sequences
  * Fix possible rare crash when Xutf8TextPropertyToTextList fails
  * fix a problem that the standard streams are unexpectedly closed
  * Add 14th bit to XK_SWITCH_MOD bitmask
  * fix: correctly encode mouse buttons >= 8 in X10 and SGR mode
  * ST: Add WM_ICON_NAME property support
- add compose-buffer-overflow.patch

OBS-URL: https://build.opensuse.org/request/show/1058820
OBS-URL: https://build.opensuse.org/package/show/X11:terminals/st?expand=0&rev=9
2023-01-17 12:59:29 +00:00

46 lines
1.2 KiB
Diff
Raw Permalink Blame History

fix buffer overflow when handling long composed input
To reproduce the issue:
"
If you already have the multi-key enabled on your system, then add this line
to your ~/.XCompose file:
[...]
<question> <T> <E> <S> <T> <question> :
"1234567890123456789012345678901234567890123456789012345678901234567890"
"
Reported by and an initial patch by Andy Gozas <andy@gozas.me>, thanks!
Adapted the patch, for now st (like dmenu) handles a fixed amount of composed
characters, or otherwise ignores it. This is done for simplicity sake.
--- a/x.c
+++ b/x.c
@@ -1833,7 +1833,7 @@ void
kpress(XEvent *ev)
{
XKeyEvent *e = &ev->xkey;
- KeySym ksym;
+ KeySym ksym = NoSymbol;
char buf[64], *customkey;
int len;
Rune c;
@@ -1843,10 +1843,13 @@ kpress(XEvent *ev)
if (IS_SET(MODE_KBDLOCK))
return;
- if (xw.ime.xic)
+ if (xw.ime.xic) {
len = XmbLookupString(xw.ime.xic, e, buf, sizeof buf, &ksym, &status);
- else
+ if (status == XBufferOverflow)
+ return;
+ } else {
len = XLookupString(e, buf, sizeof buf, &ksym, NULL);
+ }
/* 1. shortcuts */
for (bp = shortcuts; bp < shortcuts + LEN(shortcuts); bp++) {
if (ksym == bp->keysym && match(bp->mod, e->state)) {
Reference in New Issue View Git Blame Copy Permalink