packages/xterm
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
xterm/backport-CVE-2022-24130.patch
xingxing f663aef052 fix CVE-2022-24130 
(cherry picked from commit 19b21ff29bf8413d75d75a3f8831bf5a5f01ba3f)
2022-02-23 15:31:54 +08:00

318 lines
7.8 KiB
Diff
Raw Blame History

From dc3ed827ae4c948ddb024fec329d223b7390d829 Mon Sep 17 00:00:00 2001
From: rpm-build <rpm-build>
Date: Wed, 23 Feb 2022 11:30:50 +0800
Subject: [PATCH] backport-CVE-2022-14130
---
MANIFEST | 2 +-
graphics_sixel.c | 24 +++++++++++----
package/debian/copyright | 2 +-
ptyx.h | 4 +--
terminfo | 63 ++++++++++++++++++++++++++--------------
xterm.appdata.xml | 2 +-
xterm.log.html | 4 +--
7 files changed, 67 insertions(+), 34 deletions(-)
diff --git a/MANIFEST b/MANIFEST
index 3c91d9d..1b9bd60 100644
--- a/MANIFEST
+++ b/MANIFEST
@@ -1,4 +1,4 @@
-MANIFEST for xterm-334, version xterm-334
+MANIFEST for xterm-334, version xterm-370
--------------------------------------------------------------------------------
MANIFEST this file
256colres.h resource-definitions for 256-color mode
diff --git a/graphics_sixel.c b/graphics_sixel.c
index d066911..158e451 100644
--- a/graphics_sixel.c
+++ b/graphics_sixel.c
@@ -1,7 +1,8 @@
-/* $XTermId: graphics_sixel.c,v 1.18 2016/06/05 20:04:01 tom Exp $ */
+/* $XTermId: graphics_sixel.c,v 1.30 2022/01/30 19:25:32 tom Exp $ */
/*
- * Copyright 2014,2016 by Ross Combs
+* Copyright 2014-2021,2022 by Ross Combs
+ * Copyright 2014-2021,2022 by Thomas E. Dickey
*
* All Rights Reserved
*
@@ -141,7 +142,7 @@ init_sixel_background(Graphic *graphic, SixelContext const *context)
graphic->color_registers_used[context->background] = 1;
}
-static void
+static Boolean
set_sixel(Graphic *graphic, SixelContext const *context, int sixel)
{
const int mh = graphic->max_height;
@@ -175,8 +176,10 @@ set_sixel(Graphic *graphic, SixelContext const *context, int sixel)
}
} else {
TRACE(("sixel pixel %d out of bounds\n", pix));
+ return False;
}
}
+ return True;
}
static void
@@ -451,7 +454,12 @@ parse_sixel(XtermWidget xw, ANSI *params, char const *string)
init_sixel_background(graphic, &context);
graphic->valid = 1;
}
- set_sixel(graphic, &context, sixel);
+ if (sixel) {
+ if (!set_sixel(graphic, &context, sixel)) {
+ context.col = 0;
+ break;
+ }
+ }
context.col++;
} else if (ch == '$') { /* DECGCR */
/* ignore DECCRNLM in sixel mode */
@@ -529,8 +537,12 @@ parse_sixel(XtermWidget xw, ANSI *params, char const *string)
graphic->valid = 1;
}
for (i = 0; i < Pcount; i++) {
- set_sixel(graphic, &context, sixel);
- context.col++;
+ if (set_sixel(graphic, &context, sixel)) {
+ context.col++;
+ } else {
+ context.col = 0;
+ break;
+ }
}
} else if (ch == '#') { /* DECGCI */
ANSI color_params;
diff --git a/package/debian/copyright b/package/debian/copyright
index ddf3bff..9c0d62b 100644
--- a/package/debian/copyright
+++ b/package/debian/copyright
@@ -35,7 +35,7 @@ authorization.
Files: * */*
License: MIT-X11
-Copyright 1996-2017,2018 by Thomas E. Dickey
+Copyright 1996-2021,2022 by Thomas E. Dickey
(date ranges vary, depending on when the respective files were first changed
significantly, and run through the most recent change date).
diff --git a/ptyx.h b/ptyx.h
index 9f7f74c..8ccc95c 100644
--- a/ptyx.h
+++ b/ptyx.h
@@ -1,7 +1,7 @@
-/* $XTermId: ptyx.h,v 1.905 2018/08/10 18:40:07 tom Exp $ */
+/* $XTermId: ptyx.h,v 1.1047 2022/01/30 19:29:37 tom Exp $ */
/*
- * Copyright 1999-2017,2018 by Thomas E. Dickey
+* Copyright 1999-2021,2022 by Thomas E. Dickey
*
* All Rights Reserved
*
diff --git a/terminfo b/terminfo
index ee558e4..cf8985e 100644
--- a/terminfo
+++ b/terminfo
@@ -1,10 +1,10 @@
-# $XTermId: terminfo,v 1.177 2017/12/25 21:08:55 tom Exp $
+# $XTermId: terminfo,v 1.202 2022/01/30 19:29:59 tom Exp $
#
# Updates/notes/new entries (e.g., xterm-8bit, xterm-16color, xterm-256color)
# - Thomas E. Dickey
#
#------------------------------------------------------------------------------
-# Copyright 1996-2016,2017 by Thomas E. Dickey
+# Copyright 1996-2021,2022 by Thomas E. Dickey
#
# All Rights Reserved
#
@@ -1038,7 +1038,8 @@ xterm-basic|modern xterm terminal emulator - common,
%t;4
%;
%?
- %p1%p3%|
+ %p1
+ %p3%|
%t;7
%;
%?
@@ -1354,7 +1355,8 @@ xterm-bold|xterm with bold instead of underline (X Window System),
%t;1
%;
%?
- %p1%p3%|
+ %p1
+ %p3%|
%t;7
%;
m,
@@ -1631,7 +1633,8 @@ xterm-16color|xterm with 16 colors,
setab=\E[
%?
%p1%{8}%<
- %t%p1%{40}%+
+ %t
+ %p1%{40}%+
%e
%p1%{92}%+
%;
@@ -1639,13 +1642,15 @@ xterm-16color|xterm with 16 colors,
setaf=\E[
%?
%p1%{8}%<
- %t%p1%{30}%+
+ %t
+ %p1%{30}%+
%e
%p1%{82}%+
%;
%dm,
setb=
- %p1%{8}%/%{6}%*%{4}%+\E[%d%p1%{8}%m%Pa
+ %p1%{8}%/%{6}%*%{4}%+\E[%d
+ %p1%{8}%m%Pa
%?%ga%{1}%=
%t4
%e%ga%{3}%=
@@ -1658,7 +1663,8 @@ xterm-16color|xterm with 16 colors,
%;
m,
setf=
- %p1%{8}%/%{6}%*%{3}%+\E[%d%p1%{8}%m%Pa
+ %p1%{8}%/%{6}%*%{3}%+\E[%d
+ %p1%{8}%m%Pa
%?%ga%{1}%=
%t4
%e%ga%{3}%=
@@ -1690,16 +1696,21 @@ xterm+256color|xterm 256-color feature,
colors#0x100,
pairs#0x10000,
initc=\E]4;
- %p1%d;rgb\:%p2%{255}%*%{1000}%/%2.2X/%p3%{255}%*%{1000}%/%2.2X/%p4%{255}%*%{1000}%/%2.2X\E\\,
+ %p1%d;rgb:
+ %p2%{255}%*%{1000}%/%2.2X/
+ %p3%{255}%*%{1000}%/%2.2X/
+ %p4%{255}%*%{1000}%/%2.2X\E\\,
oc=\E]104\007,
rs1=\Ec\E]104\007,
setab=\E[
%?
%p1%{8}%<
- %t4%p1%d
+ %t4
+ %p1%d
%e
%p1%{16}%<
- %t10%p1%{8}%-%d
+ %t10
+ %p1%{8}%-%d
%e48;5;
%p1%d
%;
@@ -1707,10 +1718,12 @@ xterm+256color|xterm 256-color feature,
setaf=\E[
%?
%p1%{8}%<
- %t3%p1%d
+ %t3
+ %p1%d
%e
%p1%{16}%<
- %t9%p1%{8}%-%d
+ %t9
+ %p1%{8}%-%d
%e38;5;
%p1%d
%;
@@ -1746,17 +1759,23 @@ xterm+direct|xterm with direct-color indexing,
setab=\E[
%?
%p1%{8}%<
- %t4%p1%d
- %e48\:2\:\:
- %p1%{65536}%/%d\:%p1%{256}%/%{255}%&%d\:%p1%{255}%&%d
+ %t4
+ %p1%d
+ %e48:2::
+ %p1%{65536}%/%d:
+ %p1%{256}%/%{255}%&%d:
+ %p1%{255}%&%d
%;
m,
setaf=\E[
%?
%p1%{8}%<
- %t3%p1%d
- %e38\:2\:\:
- %p1%{65536}%/%d\:%p1%{256}%/%{255}%&%d\:%p1%{255}%&%d
+ %t3
+ %p1%d
+ %e38:2::
+ %p1%{65536}%/%d:
+ %p1%{256}%/%{255}%&%d:
+ %p1%{255}%&%d
%;
m,
setb@,
@@ -1938,7 +1957,8 @@ xterm-8bit|xterm terminal emulator with 8-bit controls (X Window System),
%t;4
%;
%?
- %p1%p3%|
+ %p1
+ %p3%|
%t;7
%;
%?
@@ -2166,7 +2186,8 @@ xterm-xf86-v44|xterm terminal emulator (XFree86 4.4 Window System),
%t;4
%;
%?
- %p1%p3%|
+ %p1
+ %p3%|
%t;7
%;
%?
diff --git a/xterm.appdata.xml b/xterm.appdata.xml
index ebe4976..ef8ef4d 100644
--- a/xterm.appdata.xml
+++ b/xterm.appdata.xml
@@ -1,5 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?>
-<!-- Copyright 2014,2016 Thomas Dickey <dickey@invisible-island.net> -->
+<!-- Copyright 2014-2021,2022 Thomas Dickey <dickey@invisible-island.net> -->
<component type="desktop">
<id>xterm.desktop</id>
<metadata_license>CC-BY-3.0</metadata_license>
diff --git a/xterm.log.html b/xterm.log.html
index a912a6d..bda08d3 100644
--- a/xterm.log.html
+++ b/xterm.log.html
@@ -30,7 +30,7 @@
* sale, use or other dealings in this Software without prior written *
* authorization. *
*****************************************************************************
- $XTermId: xterm.log.html,v 1.1892 2018/08/13 00:45:25 tom Exp $
+$XTermId: xterm.log.html,v 1.2384 2022/01/30 19:30:18 tom Exp $
-->
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN">
@@ -53,7 +53,7 @@
<body>
<hr>
- <p>Copyright &copy; 1997-2017,2018 by <a href=
+ <p>Copyright &copy; 1997-2021,2022 by <a href=
"mailto:dickey@invisible-island.net">Thomas E. Dickey</a></p>
<hr>
--
2.27.0
Reference in New Issue View Git Blame Copy Permalink