Re: [hackers] Re: [ubase] [PATCH] Include sys/sysmacros.h when major is not defined in sys/types.h
On Mon, Nov 04, 2019 at 08:01:18AM +0100, Laslo Hunhold wrote: > Dimitris is the current maintainer, so you will have to talk to him, > but I'd say that nothing speaks against you maintaining it. I always > saw sbase and ubase to be siblings, so given you already maintain > sbase, it would make a lot of sense. :) He is in the mailing list, but I think he usually doesn't read it. Maybe a direct mail is better. Regards,
[hackers] [st] OSC 52 - copy to clipboard: don't limit to 382 bytes || Avi Halachmi (:avih)
commit 2e54a21b5ae249a6bcedab9db611ea86037a018b
Author: Avi Halachmi (:avih)
AuthorDate: Wed Oct 16 12:55:53 2019 +0300
Commit: Hiltjo Posthuma
CommitDate: Sun Nov 10 22:45:54 2019 +0100
OSC 52 - copy to clipboard: don't limit to 382 bytes
Strings which an application sends to the terminal in OSC, DCS, etc
are typically small (title, colors, etc) but one exception is OSC 52
which copies text to the clipboard, and is used for instance by tmux.
Previously st cropped these strings at 512 bytes, which for OSC 52
limited the copied text to 382 bytes (remaining buffer space before
base64). This made it less useful than it can be.
Now it's a dynamic growing buffer. It remains allocated after use,
resets to 512 when a new string starts, or leaked on exit.
Resetting/deallocating the buffer right after use (at strhandle) is
possible with some more code, however, it doesn't always end up used,
and to cover those cases too will require even more code, so resetting
only on new string is good enough for now.
diff --git a/st.c b/st.c
index 0c1acd4..3e48410 100644
--- a/st.c
+++ b/st.c
@@ -146,7 +146,8 @@ typedef struct {
/* ESC type [[ [] [;]] ] ESC '\' */
typedef struct {
char type; /* ESC type ... */
- char buf[STR_BUF_SIZ]; /* raw string */
+ char *buf; /* allocated raw string */
+ size_t siz;/* allocation size */
size_t len;/* raw string length */
char *args[STR_ARG_SIZ];
int narg; /* nb of args */
@@ -1948,7 +1949,10 @@ strdump(void)
void
strreset(void)
{
- memset(, 0, sizeof(strescseq));
+ strescseq = (STREscape){
+ .buf = xrealloc(strescseq.buf, STR_BUF_SIZ),
+ .siz = STR_BUF_SIZ,
+ };
}
void
@@ -2330,7 +2334,7 @@ tputc(Rune u)
if (term.esc_DCS && strescseq.len == 0 && u == 'q')
term.mode |= MODE_SIXEL;
- if (strescseq.len+len >= sizeof(strescseq.buf)) {
+ if (strescseq.len+len >= strescseq.siz) {
/*
* Here is a bug in terminals. If the user never sends
* some code to stop the str or esc command, then st
@@ -2344,7 +2348,10 @@ tputc(Rune u)
* term.esc = 0;
* strhandle();
*/
- return;
+ if (strescseq.siz > (SIZE_MAX - UTF_SIZ) / 2)
+ return;
+ strescseq.siz *= 2;
+ strescseq.buf = xrealloc(strescseq.buf, strescseq.siz);
}
memmove([strescseq.len], c, len);
[hackers] [st] STREscape: don't trim prematurely || Avi Halachmi (:avih)
commit 7ceb3d1f72eabfa678e5cfae176c57630ad98c43
Author: Avi Halachmi (:avih)
AuthorDate: Wed Oct 16 12:19:49 2019 +0300
Commit: Hiltjo Posthuma
CommitDate: Sun Nov 10 22:45:54 2019 +0100
STREscape: don't trim prematurely
STRescape holds strings in escape sequences such as OSC and DCS, and
its buffer is 512 bytes.
If the input is too big then trailing chars are ignored, but the test
was off-by-1 such that it took 510 chars instead of 511 (before a
terminating NULL is added).
Now the full size can be utilized.
diff --git a/st.c b/st.c
index a8f8232..50226d1 100644
--- a/st.c
+++ b/st.c
@@ -2330,7 +2330,7 @@ tputc(Rune u)
if (term.esc_DCS && strescseq.len == 0 && u == 'q')
term.mode |= MODE_SIXEL;
- if (strescseq.len+len >= sizeof(strescseq.buf)-1) {
+ if (strescseq.len+len >= sizeof(strescseq.buf)) {
/*
* Here is a bug in terminals. If the user never sends
* some code to stop the str or esc command, then st
[hackers] [st] base64dec: don't read out of bounds || Avi Halachmi (:avih)
commit ea4d933ed9d8ce16699c84892a29e070c70b2eb9
Author: Avi Halachmi (:avih)
AuthorDate: Wed Oct 16 11:17:23 2019 +0300
Commit: Hiltjo Posthuma
CommitDate: Sun Nov 10 22:45:54 2019 +0100
base64dec: don't read out of bounds
Previously, base64dec checked terminating input '\0' every 4 calls to
base64dec_getc, where the latter progressed one or more chars on each
call, and could read past '\0' in the way it was used.
The input to base64dec currently comes only from OSC 52 escape seq
(copy to clipboard), and reading past '\0' or even past the buffer
boundary was easy to trigger.
Also, even if we could trust external input to be valid base64, there
are different base64 standards, and not all of them require padding
to 4 bytes blocks (using trailing '=' chars).
It didn't affect short OSC 52 strings because the buffer is initialized
to 0's, so typically it did stop within the buffer, but if the string
was trimmed to fit (the buffer is 512 bytes) then it did also read past
the end of the buffer, and the decoded suffix ended up arbitrary.
This patch makes base64dec_getc not progress past '\0', and instead
produce fake trailing padding of '='.
Additionally, at base64dec, if padding is detected at the first or
second byte of a quartet, then we identify it as invalid and abort
(a valid quartet has at least two leading non-padding bytes).
diff --git a/st.c b/st.c
index ede7ae6..a8f8232 100644
--- a/st.c
+++ b/st.c
@@ -366,7 +366,7 @@ char
base64dec_getc(const char **src)
{
while (**src && !isprint(**src)) (*src)++;
- return *((*src)++);
+ return **src ? *((*src)++) : '='; /* emulate padding if string ends */
}
char *
@@ -384,6 +384,10 @@ base64dec(const char *src)
int c = base64_digits[(unsigned char) base64dec_getc()];
int d = base64_digits[(unsigned char) base64dec_getc()];
+ /* invalid input. 'a' can be -1, e.g. if src is "\n" (c-str) */
+ if (a == -1 || b == -1)
+ break;
+
*dst++ = (a << 2) | ((b & 0x30) >> 4);
if (c == -1)
break;
[hackers] [st] CSIEscape, STREscape: use size_t for buffer length || Hiltjo Posthuma
commit 289c52b7aa9b0e826bbea6f956755b3199b3ccac
Author: Hiltjo Posthuma
AuthorDate: Wed Oct 16 12:38:43 2019 +0300
Commit: Hiltjo Posthuma
CommitDate: Sun Nov 10 22:45:54 2019 +0100
CSIEscape, STREscape: use size_t for buffer length
diff --git a/st.c b/st.c
index 50226d1..0c1acd4 100644
--- a/st.c
+++ b/st.c
@@ -135,7 +135,7 @@ typedef struct {
/* ESC '[' [[ [] [;]] []] */
typedef struct {
char buf[ESC_BUF_SIZ]; /* raw string */
- int len; /* raw string length */
+ size_t len;/* raw string length */
char priv;
int arg[ESC_ARG_SIZ];
int narg; /* nb of args */
@@ -147,7 +147,7 @@ typedef struct {
typedef struct {
char type; /* ESC type ... */
char buf[STR_BUF_SIZ]; /* raw string */
- int len; /* raw string length */
+ size_t len;/* raw string length */
char *args[STR_ARG_SIZ];
int narg; /* nb of args */
} STREscape;
@@ -1803,7 +1803,7 @@ csihandle(void)
void
csidump(void)
{
- int i;
+ size_t i;
uint c;
fprintf(stderr, "ESC[");
@@ -1921,7 +1921,7 @@ strparse(void)
void
strdump(void)
{
- int i;
+ size_t i;
uint c;
fprintf(stderr, "ESC%c", strescseq.type);
