Source-Changes-HG archive


[xsrc-public/netbsd-9]: xsrc-public/external/mit/xterm/dist Pull up following...



details:   https://anonhg.NetBSD.org/xsrc-public/rev/649d2a1f52a5
branches:  netbsd-9
changeset: 6951:649d2a1f52a5
user:      martin <martin%NetBSD.org@localhost>
date:      Thu Feb 03 14:19:04 2022 +0000

description:
Pull up following revision(s) (requested by mrg in ticket #1425):

        xsrc/external/mit/xterm/dist/graphics_sixel.c: revision 1.2 (patch)

apply upstream fix for CVE-2022-24130.

diffstat:

 external/mit/xterm/dist/graphics_sixel.c |  29 +++++++++++++++++++++--------
 1 files changed, 21 insertions(+), 8 deletions(-)

diffs (76 lines):

diff -r 24f43736a975 -r 649d2a1f52a5 external/mit/xterm/dist/graphics_sixel.c
--- a/external/mit/xterm/dist/graphics_sixel.c  Mon Oct 04 15:42:40 2021 +0000
+++ b/external/mit/xterm/dist/graphics_sixel.c  Thu Feb 03 14:19:04 2022 +0000
@@ -1,8 +1,8 @@
 /* $XTermId: graphics_sixel.c,v 1.28 2020/08/06 20:32:33 Ben.Wong Exp $ */
 
 /*
- * Copyright 2014-2016,2020 by Ross Combs
- * Copyright 2014-2016,2020 by Thomas E. Dickey
+ * Copyright 2014-2021,2022 by Ross Combs
+ * Copyright 2014-2021,2022 by Thomas E. Dickey
  *
  *                         All Rights Reserved
  *
@@ -149,7 +149,7 @@
     graphic->color_registers_used[context->background] = 1;
 }
 
-static void
+static Boolean
 set_sixel(Graphic *graphic, SixelContext const *context, int sixel)
 {
     const int mh = graphic->max_height;
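Review bot: set_sixel() now returns a Boolean, but nothing at the definition says what the value means, and both call sites changed by this patch depend on it. I would add a header comment such as `/* Returns False as soon as one pixel of the six-pixel column falls outside the graphic; the caller must then stop advancing context.col. */`. The function body continues past this hunk, so the wording should be checked against the `return False` added in the @@ -183 hunk.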
@@ -170,7 +170,10 @@
           ((color != COLOR_HOLE)
            ? (unsigned) graphic->color_registers[color].b : 0U)));
     for (pix = 0; pix < 6; pix++) {
-       if (context->col < mw && context->row + pix < mh) {
+       if (context->col >= 0 &&
+           context->col < mw &&
+           context->row + pix >= 0 &&
+           context->row + pix < mh) {
            if (sixel & (1 << pix)) {
                if (context->col + 1 > graphic->actual_width) {
                    graphic->actual_width = context->col + 1;
@@ -183,8 +186,10 @@
            }
        } else {
            TRACE(("sixel pixel %d out of bounds\n", pix));
+           return False;
        }
     }
+    return True;
 }
 
 static void
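Review bot: The added `return False` sits in the else of the bounds test, which encloses the `sixel & (1 << pix)` test, so it fires for an out-of-range row even when that bit is clear and nothing would have been stored. Both callers then reset `context.col` and `break`, so a column that only overhangs the bottom edge with unset bits is handled like an attempted out-of-bounds write. If clipping is intended, testing the bit first with `if (!(sixel & (1 << pix))) continue;` ahead of the bounds check keeps the memory-safety guarantee and rejects only pixels that would be written. If aborting is intended, a one-line comment saying so would help the next reader. Part of the loop body lies between this hunk and the previous one and is not visible here.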
@@ -462,8 +467,12 @@
                init_sixel_background(graphic, &context);
                graphic->valid = 1;
            }
-           if (sixel)
-               set_sixel(graphic, &context, sixel);
+           if (sixel) {
+               if (!set_sixel(graphic, &context, sixel)) {
+                   context.col = 0;
+                   break;
+               }
+           }
            context.col++;
        } else if (ch == '$') { /* DECGCR */
            /* ignore DECCRNLM in sixel mode */
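Review bot: The `break` added here leaves the loop that encloses this branch, which is outside the hunk and is presumably the main parse loop, whereas the `break` in the @@ -531 hunk only leaves the inner `for (i = 0; i < Pcount; i++)` loop. If that reading is right, an out-of-bounds sixel ends parsing on this path but lets it continue from column 0 on the repeat path. The two paths should either behave the same or carry a comment explaining the difference, for example `/* out of bounds: stop parsing this image */` above `context.col = 0;`.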
@@ -531,8 +540,12 @@
            if (sixel) {
                int i;
                for (i = 0; i < Pcount; i++) {
-                   set_sixel(graphic, &context, sixel);
-                   context.col++;
+                   if (set_sixel(graphic, &context, sixel)) {
+                       context.col++;
+                   } else {
+                       context.col = 0;
+                       break;
+                   }
                }
            } else {
                context.col += Pcount;
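Review bot: The unchanged `context.col += Pcount;` in the else branch can still overflow `context.col` if `Pcount` is not limited somewhere outside this hunk, and the same applies to `context.col++` in the @@ -462 hunk when `sixel` is zero. The new `context->col >= 0` test in set_sixel() rejects a negative column afterwards, but signed overflow is itself undefined behaviour, so that test should not be the only defence. Assuming `Pcount` is a non-negative int, I would saturate the addition, e.g. `context.col = (Pcount > INT_MAX - context.col) ? INT_MAX : context.col + Pcount;`, and guard the increment the same way or clamp both to the graphic's width limit. The enclosing branch starts before the hunk.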


