Re: [hackers] [st][PATCH] in bracketed paste mode, filter escapes from pasted data

[Hiltjo Posthuma]

On Thu, Nov 02, 2017 at 10:42:05PM +0100, Jann Horn wrote:
> Browsers permit copied data to contain escape characters. To prevent
> malicious websites (or other sources of malicious text) from faking a
> bracketed paste end sequence, filter escape characters from pasted text in
> bracketed paste mode.
> 
> xterm unconditionally filters out a bunch of control characters, including
> \033, in pasted data (see removeControls() in button.c in the xterm
> sources), so I think that this change should be fine from a compatibility
> standpoint.
> ---
>  LICENSE |  1 +
>  x.c     | 22 ++++++++++++++++++++--
>  2 files changed, 21 insertions(+), 2 deletions(-)
> 
> diff --git a/LICENSE b/LICENSE
> index fa0c63e..ce7ee42 100644
> --- a/LICENSE
> +++ b/LICENSE
> @@ -11,6 +11,7 @@ MIT/X Consortium License
>  © 2013 Michael Forney <mforney at mforney dot org>
>  © 2013-2014 Markus Teich <markus dot teich at stusta dot mhn dot de>
>  © 2014-2015 Laslo Hunhold <dev at frign dot de>
> +© 2017 Google LLC
>  
>  Permission is hereby granted, free of charge, to any person obtaining a
>  copy of this software and associated documentation files (the "Software"),
> diff --git a/x.c b/x.c
> index 191e5dc..5e9efce 100644
> --- a/x.c
> +++ b/x.c
> @@ -318,7 +318,7 @@ selnotify(XEvent *e)
>  {
>       ulong nitems, ofs, rem;
>       int format;
> -     uchar *data, *last, *repl;
> +     uchar *data, *last, *repl, *readpos;
>       Atom type, incratom, property;
>  
>       incratom = XInternAtom(xw.dpy, "INCR", 0);
> @@ -385,9 +385,27 @@ selnotify(XEvent *e)
>                       *repl++ = '\r';
>               }
>  
> +             /*
> +              * In bracketed paste mode, we mark the pasted data by adding
> +              * escape sequences around it (see below), but we also want to
> +              * prevent the pasted data from prematurely signaling an end
> +              * of paste. Therefore, strip escape characters from the
> +              * pasted data.
> +              */
> +             if (IS_SET(MODE_BRCKTPASTE)) {
> +                     readpos = data;
> +                     repl = data;
> +                     while (readpos < last) {
> +                             if (*readpos != '\033')
> +                                     *repl++ = *readpos;
> +                             readpos++;
> +                     }
> +                     last = repl;
> +             }
> +
>               if (IS_SET(MODE_BRCKTPASTE) && ofs == 0)
>                       ttywrite("\033[200~", 6);
> -             ttysend((char *)data, nitems * format / 8);
> +             ttysend((char *)data, last - data);
>               if (IS_SET(MODE_BRCKTPASTE) && rem == 0)
>                       ttywrite("\033[201~", 6);
>               XFree(data);
> -- 
> 2.15.0.403.gc27cc4dac6-goog
> 
> 

This seems too specific to me (the browser use-case). It won't be applied.

-- 
Kind regards,
Hiltjo