>Number:         19160
>Category:       bin
>Synopsis:       wsmoused crashes when selecting empty lines
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    bin-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Mon Nov 25 03:30:00 PST 2002
>Closed-Date:
>Last-Modified:
>Originator:     Julio Merino
>Release:        NetBSD 1.6K
>Organization:
>Environment:
	
	
System: NetBSD darkstar.local 1.6K NetBSD 1.6K (DARKSTAR) #133: Sun Nov 17 21:31:10 CET 2002 sysbuild@darkstar.local:/var/sysbuild/kernel/DARKSTAR i386
Architecture: i386
Machine: i386
>Description:
	If you select an empty line using the wsmoused daemon, the program
	will enter an infinite loop, throwing error messages like this:

	sys_ioctl: _IOWR('W', 85, 16) returned -1: pid=9998 comm=wsmoused

	There is a function which checks line length, but it currently only
	checks for non space characters. Therefore, when it reaches the left
	margin of the screen, it keeps calling the kernel to read the
	character at nonexisting positions.
>How-To-Repeat:
	Start wsmoused, select an empty line.
>Fix:
	This solves the problem:

Index: selection.c
===================================================================
RCS file: /cvsroot/basesrc/usr.sbin/wsmoused/selection.c,v
retrieving revision 1.2
diff -u -u -r1.2 selection.c
--- selection.c	2002/07/04 20:50:29	1.2
+++ selection.c	2002/11/25 11:25:19
@@ -116,7 +116,7 @@
 		if (ioctl(m->tty_fd, WSDISPLAYIO_GETWSCHAR, &ch) == -1)
 			warn("ioctl(WSDISPLAYIO_GETWSCHAR) failed");
 		ch.col--;
-	} while (isspace((unsigned char)ch.letter));
+	} while (isspace((unsigned char)ch.letter) && ch.col >= 0);
 	return ch.col + 2;
 }
 
>Release-Note:
>Audit-Trail:
>Unformatted: