Hi, this merges latest bugfixes from upstream to our version of less. No new features introduced. Upstream commits and issues are linked as references.
brac.c: Signed integer overflow with huge files. https://github.com/gwsw/less/pull/210 https://github.com/gwsw/less/commit/e6eb4c8ddd7f4e7135facad6c30d80886148ca70 command.c: A prompt should not be shown if explicitly requested to not show one. Reproducible by entering "-<CTRL + SHIFT + P>+e" within less. This should not yield any status output (CTRL + SHIFT + P suppresses the prompt). https://github.com/gwsw/less/commit/93fee11541b6837a0063e728e60c50da7929924b decode.c: Out of boundary accesses and endless loop with user-specified lesskey file possible (-k option). https://github.com/gwsw/less/pull/199 https://github.com/gwsw/less/pull/203 https://github.com/gwsw/less/commit/7318ae5ce310fe8a8784a8b0c80132099b11862c https://github.com/gwsw/less/commit/d07da7152ecc2086809965646e1b8b7a95b6452c optfunc.c, http to https: Upstream changed URL to https, we should do the same. https://github.com/gwsw/less/commit/a8b4980c8403f6f41ef5e534e6b8ad3b919604a3 optfunc.c: Increase buffer to stay compatible with upstream. Our TABSTOP_MAX is large enough to prevent overflow of the buffer already, but keep it in sync in case we reduce TABSTOP_MAX to 32 just like upstream does by default. https://github.com/gwsw/less/commit/6a860ee977eea7bfa065789ea4319ecab5af703c option.c: prchar has a larger buffer than propt uses internally. This does not lead to an overflow, we could just truncate custom formatter outputs. https://github.com/gwsw/less/commit/1d95a137938f347c78bdefa91bde6d7e3678bba0 Okay? Tobias Index: brac.c =================================================================== RCS file: /cvs/src/usr.bin/less/brac.c,v retrieving revision 1.9 diff -u -p -u -p -r1.9 brac.c --- brac.c 9 Nov 2015 16:39:13 -0000 1.9 +++ brac.c 9 Oct 2021 10:58:27 -0000 @@ -75,6 +75,8 @@ match_brac(int obrac, int cbrac, int for nest = 0; while ((c = (*chget)()) != EOI) { if (c == obrac) { + if (nest == INT_MAX) + break; nest++; } else if (c == cbrac && --nest < 0) { /* Index: command.c =================================================================== RCS file: /cvs/src/usr.bin/less/command.c,v retrieving revision 1.32 diff -u -p -u -p -r1.32 command.c --- command.c 3 Sep 2019 23:08:42 -0000 1.32 +++ command.c 9 Oct 2021 10:58:28 -0000 @@ -264,6 +264,7 @@ is_erase_char(int c) static int mca_opt_first_char(int c) { + int no_prompt = (optflag & OPT_NO_PROMPT); int flag = (optflag & ~OPT_NO_PROMPT); if (flag == OPT_NO_TOGGLE) { switch (c) { @@ -277,12 +278,14 @@ mca_opt_first_char(int c) switch (c) { case '+': /* "-+" = UNSET. */ - optflag = (flag == OPT_UNSET) ? OPT_TOGGLE : OPT_UNSET; + optflag = no_prompt | + ((flag == OPT_UNSET) ? OPT_TOGGLE : OPT_UNSET); mca_opt_toggle(); return (MCA_MORE); case '!': /* "-!" = SET */ - optflag = (flag == OPT_SET) ? OPT_TOGGLE : OPT_SET; + optflag = no_prompt | + ((flag == OPT_SET) ? OPT_TOGGLE : OPT_SET); mca_opt_toggle(); return (MCA_MORE); case CONTROL('P'): Index: decode.c =================================================================== RCS file: /cvs/src/usr.bin/less/decode.c,v retrieving revision 1.19 diff -u -p -u -p -r1.19 decode.c --- decode.c 28 Jun 2019 13:35:01 -0000 1.19 +++ decode.c 9 Oct 2021 10:58:28 -0000 @@ -563,6 +563,7 @@ static int new_lesskey(char *buf, int len, int sysvar) { char *p; + char *end; int c; int n; @@ -575,21 +576,28 @@ new_lesskey(char *buf, int len, int sysv buf[len-1] != C2_END_LESSKEY_MAGIC) return (-1); p = buf + 4; + end = buf + len; for (;;) { c = *p++; switch (c) { case CMD_SECTION: n = gint(&p); + if (n < 0 || p + n >= end) + return (-1); add_fcmd_table(p, n); p += n; break; case EDIT_SECTION: n = gint(&p); + if (n < 0 || p + n >= end) + return (-1); add_ecmd_table(p, n); p += n; break; case VAR_SECTION: n = gint(&p); + if (n < 0 || p + n >= end) + return (-1); add_var_table((sysvar) ? &list_sysvar_tables : &list_var_tables, p, n); p += n; @@ -663,7 +671,8 @@ lesskey(char *filename, int sysvar) * Figure out if this is an old-style (before version 241) * or new-style lesskey file format. */ - if (buf[0] != C0_LESSKEY_MAGIC || buf[1] != C1_LESSKEY_MAGIC || + if (len < 4 || + buf[0] != C0_LESSKEY_MAGIC || buf[1] != C1_LESSKEY_MAGIC || buf[2] != C2_LESSKEY_MAGIC || buf[3] != C3_LESSKEY_MAGIC) return (old_lesskey(buf, (int)len)); return (new_lesskey(buf, (int)len, sysvar)); Index: optfunc.c =================================================================== RCS file: /cvs/src/usr.bin/less/optfunc.c,v retrieving revision 1.17 diff -u -p -u -p -r1.17 optfunc.c --- optfunc.c 17 Mar 2018 13:29:12 -0000 1.17 +++ optfunc.c 9 Oct 2021 10:58:28 -0000 @@ -420,7 +420,7 @@ opt__V(int type, char *s) putstr("to the extent permitted by law.\n"); putstr("For information about the terms of redistribution,\n"); putstr("see the file named README in the less distribution.\n"); - putstr("Homepage: http://www.greenwoodsoftware.com/less\n";); + putstr("Homepage: https://www.greenwoodsoftware.com/less\n";); putstr("\n"); quit(QUIT_OK); break; @@ -436,7 +436,7 @@ opt_x(int type, char *s) extern int tabstops[]; extern int ntabstops; extern int tabdefault; - char tabs[60+(4*TABSTOP_MAX)]; + char tabs[60 + 11 * TABSTOP_MAX]; int i; PARG p; Index: option.c =================================================================== RCS file: /cvs/src/usr.bin/less/option.c,v retrieving revision 1.17 diff -u -p -u -p -r1.17 option.c --- option.c 17 Mar 2018 14:03:36 -0000 1.17 +++ option.c 9 Oct 2021 10:58:28 -0000 @@ -55,7 +55,7 @@ opt_desc(struct loption *o) char * propt(int c) { - static char buf[8]; + static char buf[33]; (void) snprintf(buf, sizeof (buf), "-%s", prchar(c)); return (buf);
