Skip to content
Snippets Groups Projects
Commit 1e9dcf47 authored by Deucе's avatar Deucе :ok_hand_tone4:
Browse files

Clamp sixel repeat to 0x7fff per specification. 

This is the issue behind CVE-2022-24130 in xterm.
Reported against SyncTERM by Autumn Lamonte (Thanks!)
Discussion here: https://gitlab.com/klamonte/jexer/-/issues/105

Closes SyncTERM bug 79.
parent afd50716
No related branches found
No related tags found
1 merge request!463MRC mods by Codefenix (2024-10-20)
Pipeline #3464 passed
Stage: build
Hide whitespace changes
Inline Side-by-side
Showing
with 2 additions and 0 deletions
src/conio/cterm.c
+ 2
0
View file @ 1e9dcf47
......@@ -1759,6 +1759,8 @@ static void parse_sixel_string(struct cterminal *cterm, bool finish)
if (!*p)
continue;
cterm->sx_repeat = strtoul(p, &p, 10);
if (cterm->sx_repeat > 0x7fff)
cterm->sx_repeat = 0x7fff;
break;
case '#': // Colour Introducer
p++;
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment