Commit 1e9dcf47 authored by Deucе

Clamp sixel repeat to 0x7fff per specification.

This is the issue behind CVE-2022-24130 in xterm.
Reported against SyncTERM by Autumn Lamonte (Thanks!)
Discussion here: https://gitlab.com/klamonte/jexer/-/issues/105

Closes SyncTERM bug 79.
parent afd50716
1 merge request: !463 MRC mods by Codefenix (2024-10-20)
Pipeline #3464 passed
...@@ -1759,6 +1759,8 @@ static void parse_sixel_string(struct cterminal *cterm, bool finish) ...@@ -1759,6 +1759,8 @@ static void parse_sixel_string(struct cterminal *cterm, bool finish)
if (!*p) if (!*p)
continue; continue;
cterm->sx_repeat = strtoul(p, &p, 10); cterm->sx_repeat = strtoul(p, &p, 10);
if (cterm->sx_repeat > 0x7fff)
cterm->sx_repeat = 0x7fff;
break; break;
case '#': // Colour Introducer case '#': // Colour Introducer
p++; p++;
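Review bot: The clamp at `if (cterm->sx_repeat > 0x7fff)` runs after the `strtoul()` result has already been stored in `cterm->sx_repeat`, so it is only reliable if that field can hold every `unsigned long` value as a non-negative number. The field's declaration is not visible in this hunk; if it is a signed or narrower type, an oversized count (or the `ULONG_MAX` that `strtoul()` returns on overflow) could convert to a negative value and pass the `> 0x7fff` test unclamped. Suggest parsing into a local `unsigned long`, clamping that, and only then assigning to `cterm->sx_repeat`. A named constant for `0x7fff` with a comment citing the specification would also document the limit where it is enforced.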
......