Package: screen
Version: 5.0.1-2
Severity: important
Tags: patch

Dear maintainer,

When using a padding escape in the caption, for example with the following
in the screenrc file, an uninitialized byte is included in the output,
causing a bad character to be printed or even truncating the line.

This is a minimal 'screenrc' file to test:

   caption always "XXXX%-50=YYYYY"

The attached patch fixes the behaviour by correctly setting the buffer
length after padding.

The bug was tracked using valgrind and following the logic.

Regards,


-- Package-specific info:
File Existence and Permissions
------------------------------

drwxr-xr-x 43 root root   1160 May 16 10:38 /run
lrwxrwxrwx  1 root root      4 Aug  9  2015 /var/run -> /run
-rwxr-xr-x  1 root root 482016 May 15 20:00 /usr/bin/screen
-rw-r--r--  1 root root     29 Jun 19  2017 /etc/tmpfiles.d/screen-cleanup.conf
lrwxrwxrwx  1 root root      9 Aug  9  2015 /lib/systemd/system/screen-cleanup.service -> /dev/null
-rwxr-xr-x  1 root root   1222 Apr  2  2017 /etc/init.d/screen-cleanup
lrwxrwxrwx  1 root root     24 May 29  2018 /etc/rcS.d/S17screen-cleanup -> ../init.d/screen-cleanup

File contents
-------------

### /etc/tmpfiles.d/screen-cleanup.conf
______________________________________________________________________
d /run/screen 1777 root utmp
______________________________________________________________________

-- System Information:
Debian Release: forky/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 7.0.4+deb14-amd64 (SMP w/8 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages screen depends on:
ii  debianutils  5.23.2
ii  libc6        2.42-16
ii  libpam0g     1.7.0-5+b2
ii  libtinfo6    6.6+20251231-1+b1

screen recommends no packages.

Versions of packages screen suggests:
pn  byobu | screenie | iselect  <none>
ii  ncurses-term                6.6+20251231-1

-- no debconf information
Description: Fixes uninitialized buffer with padding escapes
 After a padding escape (i.e. '%10=' or '%030='), the returned buffer has the
 last byte not initialized, affecting the rendering. Return earlier so the
 advancing of the pointer is skipped, as it is not needed after the actual
 filling character.
Author: Daniel Serpell
---
This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
--- a/winmsg.c
+++ b/winmsg.c
@@ -314,6 +314,7 @@
                        *lastpad = wmbc->p - winmsg->buf;
                        wmbc->trunc.pos = -1;
                        wmbc->trunc.ellip = false;
+                       return; /* wmbc->p already correctly positioned by 
wmbc_putchar */
                }
        } else if (padlen) {
                *wmbc->p = CHRPAD;      /* internal pad representation */
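
Review bot: the added `return;` after `wmbc->trunc.ellip = false;` exits the whole function from inside the inner block, so it skips everything below the `if` / `else if (padlen)` chain, not only the pointer advance that the description mentions. If anything other than that advance follows the chain, make the advance conditional instead of returning early. The comment should also name the statement being skipped and be short enough to fit on one line: as quoted here its tail `wmbc_putchar */` sits on a line of its own with no `+` prefix, which leaves the hunk malformed. A regression check that renders the report's `caption always "XXXX%-50=YYYYY"` line under valgrind would help confirm the fix.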
