Hello
I had been noticing st 0.6 terminals sometimes disappearing on openbsd.
I managed to reproduce the crash quite consistently by trying to select
and copy the output of: man ls | head -10.
Debugged the coredump and saw that linelen is always zero before the
crash - in which case I think there is an underflow in this line: last =
&term.line[y][MIN(lastx, linelen-1)]; that was resulting in memory
corruption which caused the subsequent last->mode to segment fault.
Attached is a patch that I believe fixes it.
From 8910d7c17b6f7d5a45d6ccec703c53c95aeceebc Mon Sep 17 00:00:00 2001
From: rain1 <[email protected]>
Date: Tue, 19 Apr 2016 02:40:17 +0100
Subject: [PATCH] * st.c: Fix a corruption issue that happened due to an
overflow when the line length is zero inside getsel.
---
st.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/st.c b/st.c
index 02bcf19..c3b8812 100644
--- a/st.c
+++ b/st.c
@@ -968,6 +968,11 @@ getsel(void) {
for(y = sel.nb.y; y <= sel.ne.y; y++) {
linelen = tlinelen(y);
+ if(!linelen) {
+ *ptr++ = '\n';
+ continue;
+ }
+
if(sel.type == SEL_RECTANGULAR) {
gp = &term.line[y][sel.nb.x];
lastx = sel.ne.x;
--
2.7.0
