diff options
| author | Mark Edgar <medgar123@gmail.com> | 2013-10-05 11:45:44 +0200 |
|---|---|---|
| committer | Roberto E. Vargas Caballero <k0ga@shike2.com> | 2013-10-07 21:03:51 +0200 |
| commit | 939e149544e4da958c333f3b6d00991d459c2e34 (patch) | |
| tree | 030e8e35cef8ab3ff333da711287ce4d3909936c | |
| parent | 02ae3ce6fdc178ca6eb9b10b6447bb56a6513a27 (diff) | |
| download | st-939e149544e4da958c333f3b6d00991d459c2e34.tar.gz st-939e149544e4da958c333f3b6d00991d459c2e34.zip | |
Avoid buffer overrun in kpress() and remove limit on shortcut strings.
| -rw-r--r-- | st.c | 35 |
1 files changed, 18 insertions, 17 deletions
| @@ -264,7 +264,7 @@ typedef struct { | |||
| 264 | typedef struct { | 264 | typedef struct { |
| 265 | KeySym k; | 265 | KeySym k; |
| 266 | uint mask; | 266 | uint mask; |
| 267 | char s[ESC_BUF_SIZ]; | 267 | char *s; |
| 268 | /* three valued logic variables: 0 indifferent, 1 on, -1 off */ | 268 | /* three valued logic variables: 0 indifferent, 1 on, -1 off */ |
| 269 | signed char appkey; /* application keypad */ | 269 | signed char appkey; /* application keypad */ |
| 270 | signed char appcursor; /* application cursor */ | 270 | signed char appcursor; /* application cursor */ |
| @@ -3585,26 +3585,27 @@ kpress(XEvent *ev) { | |||
| 3585 | /* 2. custom keys from config.h */ | 3585 | /* 2. custom keys from config.h */ |
| 3586 | if((customkey = kmap(ksym, e->state))) { | 3586 | if((customkey = kmap(ksym, e->state))) { |
| 3587 | len = strlen(customkey); | 3587 | len = strlen(customkey); |
| 3588 | memcpy(buf, customkey, len); | 3588 | ttywrite(customkey, len); |
| 3589 | /* 3. composed string from input method */ | 3589 | if(IS_SET(MODE_ECHO)) |
| 3590 | } else { | 3590 | techo(customkey, len); |
| 3591 | if(len == 0) | 3591 | return; |
| 3592 | return; | 3592 | } |
| 3593 | 3593 | ||
| 3594 | if(len == 1 && e->state & Mod1Mask) { | 3594 | /* 3. composed string from input method */ |
| 3595 | if(IS_SET(MODE_8BIT)) { | 3595 | if(len == 0) |
| 3596 | if(*buf < 0177) { | 3596 | return; |
| 3597 | c = *buf | 0x80; | 3597 | if(len == 1 && e->state & Mod1Mask) { |
| 3598 | len = utf8encode(&c, buf); | 3598 | if(IS_SET(MODE_8BIT)) { |
| 3599 | } | 3599 | if(*buf < 0177) { |
| 3600 | } else { | 3600 | c = *buf | 0x80; |
| 3601 | buf[1] = buf[0]; | 3601 | len = utf8encode(&c, buf); |
| 3602 | buf[0] = '\033'; | ||
| 3603 | len = 2; | ||
| 3604 | } | 3602 | } |
| 3603 | } else { | ||
| 3604 | buf[1] = buf[0]; | ||
| 3605 | buf[0] = '\033'; | ||
| 3606 | len = 2; | ||
| 3605 | } | 3607 | } |
| 3606 | } | 3608 | } |
| 3607 | |||
| 3608 | ttywrite(buf, len); | 3609 | ttywrite(buf, len); |
| 3609 | if(IS_SET(MODE_ECHO)) | 3610 | if(IS_SET(MODE_ECHO)) |
| 3610 | techo(buf, len); | 3611 | techo(buf, len); |