billiob pushed a commit to branch master.

http://git.enlightenment.org/apps/terminology.git/commit/?id=2e75539fb922833023cd9c56026a87f395167fd7

commit 2e75539fb922833023cd9c56026a87f395167fd7
Author: Boris Faure <[email protected]>
Date:   Mon Nov 25 20:02:37 2019 +0100

    termptyesc: handle invalid values for OSC + test
    
    - missing value is as if 0
    - overflow
    - hex
    - negative value
---
 src/bin/termptyesc.c | 32 ++++++++++++++++++++++++++++----
 tests/osc-invalid.sh | 33 +++++++++++++++++++++++++++++++++
 tests/tests.results  |  1 +
 3 files changed, 62 insertions(+), 4 deletions(-)

diff --git a/src/bin/termptyesc.c b/src/bin/termptyesc.c
index 815cf7b..84f93f2 100644
--- a/src/bin/termptyesc.c
+++ b/src/bin/termptyesc.c
@@ -3387,22 +3387,44 @@ unhandled:
 }
 
 static int
-_osc_arg_get(Eina_Unicode **ptr)
+_osc_arg_get(Termpty *ty, Eina_Unicode **ptr)
 {
    Eina_Unicode *b = *ptr;
    int sum = 0;
 
+   if ((b == NULL) || (*b == '\0'))
+     {
+        *ptr = NULL;
+        sum = -ESC_ARG_NO_VALUE;
+        goto error;
+     }
+
    while (*b >= '0' && *b <= '9')
      {
         sum *= 10;
         sum += *b - '0';
         b++;
+        if (sum >= 65536)
+          {
+             sum = -ESC_ARG_ERROR;
+             goto error;
+          }
      }
    if (*b != ';')
-     sum = -1;
+     {
+        sum = -ESC_ARG_ERROR;
+        goto error;
+     }
    else
      b++;
    *ptr = b;
+
+   return sum;
+
+error:
+   ERR("Invalid OSC argument");
+   ty->decoding_error = EINA_TRUE;
+   *ptr = NULL;
    return sum;
 }
 
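Review bot: The empty-argument branch at the top of `_osc_arg_get` jumps to `error:`, so a missing value is logged as "Invalid OSC argument", sets `ty->decoding_error` and returns with `*ptr` set to NULL, although the commit message and the caller treat a missing value like 0. If flagging a decoding error is intended here, a header comment should state the contract, for example `/* Returns the OSC id (0..65535) with *ptr advanced past ';'; on -ESC_ARG_NO_VALUE or -ESC_ARG_ERROR, *ptr is NULL and ty->decoding_error is set. */`. Callers can no longer assume `*ptr` is usable after a negative return, so this matters to anyone adding a new call site. The `*ptr = NULL;` inside the first branch is also redundant with the one under `error:`.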
@@ -3728,11 +3750,13 @@ _handle_esc_osc(Termpty *ty, const Eina_Unicode *c, 
const Eina_Unicode *ce)
    else
      return 0;
 
-   arg = _osc_arg_get(&p);
+   arg = _osc_arg_get(ty, &p);
    switch (arg)
      {
-      case -1:
+      case -ESC_ARG_ERROR:
          goto err;
+      case -ESC_ARG_NO_VALUE:
+         EINA_FALLTHROUGH;
       case 0:
         // title + icon name
         if (!*p)
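Review bot: `case -ESC_ARG_NO_VALUE` falls through to `case 0`, whose first statement `if (!*p)` dereferences `p`, but `_osc_arg_get` sets `*ptr = NULL` on that return path, so `p` is NULL here. The no-value path is taken when the argument string is NULL or empty; whether an empty string can arrive depends on how `p` is filled earlier in `_handle_esc_osc`, which starts outside this hunk. Since the buffer presumably comes from program output written to the terminal, it should be treated as reachable. Guarding the check as `if (!p || !*p)` (or routing `-ESC_ARG_NO_VALUE` to `err` as well) avoids the NULL dereference. The remaining `case` labels of the switch are outside the hunk and need the same look if any can be reached with `p == NULL`.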
diff --git a/tests/osc-invalid.sh b/tests/osc-invalid.sh
new file mode 100755
index 0000000..b9f5648
--- /dev/null
+++ b/tests/osc-invalid.sh
@@ -0,0 +1,33 @@
+#!/bin/sh
+
+# fill space with E
+printf '\033#8'
+#set color
+printf '\033[46;31;3m'
+
+# set title + icon
+printf '\033]0;foobar\007'
+
+# set again title + icon with no command
+printf '\033];no command\007'
+
+# set again title + icon with id as double
+printf '\033]00;double\007'
+
+# set again title + icon with id as hex
+printf '\033]0x0;hex\007'
+
+# set again title + icon with id as negative zero
+printf '\033]-0;negative zero\007'
+
+# set again title + icon with id as negative value
+printf '\033]-2;negative value\007'
+
+# set again title + icon with space
+printf '\033] 0;with spaces\007'
+
+# set again title + icon with space
+printf '\033]0 ;with spaces v2\007'
+
+# set again title + icon with overflow
+printf '\033]99999999999999999999999999999999999999999999999999;overflow\007'
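Review bot: None of these cases exercises the `-ESC_ARG_NO_VALUE` return of `_osc_arg_get`: the "no command" case still contains the `;` separator, so the parser takes the normal path and returns 0. A case with a completely empty OSC body (no id and no `;` before the terminator) would cover the new early-exit branch and the fall-through added in `_handle_esc_osc`. The two comments `# set again title + icon with space` are also identical; `with leading space` and `with trailing space` would tell the cases apart.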
diff --git a/tests/tests.results b/tests/tests.results
index 356b5ad..1c6c915 100644
--- a/tests/tests.results
+++ b/tests/tests.results
@@ -122,3 +122,4 @@ osc-11-query.sh b762d503e40641ff896dac46391ad7a8
 link_detection.sh bbe87a849586e8b922f26ad5d88146dc
 selection_with_tabs.sh 23557497a8f28ca246048bb2443b3dab
 selection_empty_lines.sh 7a90d9bfde9e9fb7f067f6c08eac57ff
+osc-invalid.sh 0acecbe16bb3b257745787c40affdb90

-- 

