[src/trunk]: src/lib/libedit Apply revisions 1.21, 1.22 from OpenBSD:

To: source-changes-hg%NetBSD.org@localhost
Subject: [src/trunk]: src/lib/libedit Apply revisions 1.21, 1.22 from OpenBSD:
From: christos <christos%NetBSD.org@localhost>
Date: Mon, 08 Nov 2021 07:05:30 +0000

details:   https://anonhg.NetBSD.org/src/rev/2b41bfc2eb91
branches:  trunk
changeset: 994178:2b41bfc2eb91
user:      christos <christos%NetBSD.org@localhost>
date:      Tue Oct 23 16:49:13 2018 +0000

description:
Apply revisions 1.21, 1.22 from OpenBSD:

In re_fastputc(), set lastline to the new line, not the previous
line so it gets initialized properly.  Fixes a crash in bc with
MALLOC_OPTIONS=UJ.  OK deraadt@, committing on behalf of yasuoka@

Initialize "old" screen buffer lines before use; otherwise, they would
never get NUL-terminated and cause read buffer overruns.
This fixes for example segfaults in sftp(1) that could be triggered
by typing in an extremely long string (more than one line - the longer,
the likelier to crash), then hitting backspace once.
Problem reported and patch OK'ed by sthen@.

XXX: pullup-8

diffstat:

 lib/libedit/refresh.c |  17 +++++++++++------
 1 files changed, 11 insertions(+), 6 deletions(-)

diffs (53 lines):

diff -r b0905befb2f6 -r 2b41bfc2eb91 lib/libedit/refresh.c
--- a/lib/libedit/refresh.c     Tue Oct 23 15:44:42 2018 +0000
+++ b/lib/libedit/refresh.c     Tue Oct 23 16:49:13 2018 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: refresh.c,v 1.54 2017/06/30 20:26:52 kre Exp $ */
+/*     $NetBSD: refresh.c,v 1.55 2018/10/23 16:49:13 christos Exp $    */
 
 /*-
  * Copyright (c) 1992, 1993
@@ -37,7 +37,7 @@
 #if 0
 static char sccsid[] = "@(#)refresh.c  8.1 (Berkeley) 6/4/93";
 #else
-__RCSID("$NetBSD: refresh.c,v 1.54 2017/06/30 20:26:52 kre Exp $");
+__RCSID("$NetBSD: refresh.c,v 1.55 2018/10/23 16:49:13 christos Exp $");
 #endif
 #endif /* not lint && not SCCSID */
 
@@ -1090,7 +1090,10 @@
 static void
 re_fastputc(EditLine *el, wint_t c)
 {
-       int w = wcwidth(c);
+       wchar_t *lastline;
+       int w;
+
+       w = wcwidth(c);
        while (w > 1 && el->el_cursor.h + w > el->el_terminal.t_size.h)
            re_fastputc(el, ' ');
 
@@ -1112,17 +1115,19 @@
                 */
                if (el->el_cursor.v + 1 >= el->el_terminal.t_size.v) {
                        int i, lins = el->el_terminal.t_size.v;
-                       wchar_t *firstline = el->el_display[0];
 
+                       lastline = el->el_display[0];
                        for(i = 1; i < lins; i++)
                                el->el_display[i - 1] = el->el_display[i];
 
-                       re__copy_and_pad(firstline, L"", (size_t)0);
-                       el->el_display[i - 1] = firstline;
+                       el->el_display[i - 1] = lastline;
                } else {
                        el->el_cursor.v++;
                        el->el_refresh.r_oldcv++;
+                       lastline = el->el_display[++el->el_refresh.r_oldcv];
                }
+               re__copy_and_pad(lastline, L"", (size_t)el->el_terminal.t_size.h);
+
                if (EL_HAS_AUTO_MARGINS) {
                        if (EL_HAS_MAGIC_MARGINS) {
                                terminal__putc(el, ' ');

Prev by Date: [src/trunk]: src Tidy up a bit.
Next by Date: [src/trunk]: src/sys/dev/usb remove the 'wd* at umass?' for the non-standardi...
Previous by Thread: [src/trunk]: src Tidy up a bit.
Next by Thread: [src/trunk]: src/sys/dev/usb remove the 'wd* at umass?' for the non-standardi...
Indexes:

Home | Main Index | Thread Index | Old Index