summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authornoname <noname@inventati.org>2014-04-23 02:08:13 +0400
committerRoberto E. Vargas Caballero <k0ga@shike2.com>2014-04-25 17:17:48 +0200
commit80b32af794b659cb15745cfb2a19fce0829c42c7 (patch)
tree3991d7b4a03f0eafda64222adb8b7dc1868cb48a
parent16ac85bf5422a7e925743f6134572d3ac1a25188 (diff)
downloadst-80b32af794b659cb15745cfb2a19fce0829c42c7.tar.gz
st-80b32af794b659cb15745cfb2a19fce0829c42c7.zip
Simplify tdeletechar and tinsertblank and fix memory corruption.
Current CSI parsing code uses strtol to parse arguments and allows them to be negative. Negative argument is not properly handled in tdeletechar and tinsertblank and results in memory corruption in memmove. Reproduce with printf '\e[-500@' Patch also removes special handling for corner case and simplifies the code. Removed term.dirty[term.c.y] = 1 because tclearregion sets dirty flag.
-rw-r--r--st.c30
1 files changed, 12 insertions, 18 deletions
diff --git a/st.c b/st.c
index 60243a7..263abaa 100644
--- a/st.c
+++ b/st.c
@@ -1586,37 +1586,31 @@ tclearregion(int x1, int y1, int x2, int y2) {
void
tdeletechar(int n) {
- int src = term.c.x + n;
- int dst = term.c.x;
- int size = term.col - src;
+ int dst, src, size;
- term.dirty[term.c.y] = 1;
+ LIMIT(n, 0, term.col - term.c.x);
- if(src >= term.col) {
- tclearregion(term.c.x, term.c.y, term.col-1, term.c.y);
- return;
- }
+ dst = term.c.x;
+ src = term.c.x + n;
+ size = term.col - src;
memmove(&term.line[term.c.y][dst], &term.line[term.c.y][src],
- size * sizeof(Glyph));
+ size * sizeof(Glyph));
tclearregion(term.col-n, term.c.y, term.col-1, term.c.y);
}
void
tinsertblank(int n) {
- int src = term.c.x;
- int dst = src + n;
- int size = term.col - dst;
+ int dst, src, size;
- term.dirty[term.c.y] = 1;
+ LIMIT(n, 0, term.col - term.c.x);
- if(dst >= term.col) {
- tclearregion(term.c.x, term.c.y, term.col-1, term.c.y);
- return;
- }
+ dst = term.c.x + n;
+ src = term.c.x;
+ size = term.col - dst;
memmove(&term.line[term.c.y][dst], &term.line[term.c.y][src],
- size * sizeof(Glyph));
+ size * sizeof(Glyph));
tclearregion(src, term.c.y, dst - 1, term.c.y);
}