From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([208.118.235.92]:59922) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1TFizW-0004Oh-OG for qemu-devel@nongnu.org; Sun, 23 Sep 2012 06:00:47 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1TFizV-0007f4-LD for qemu-devel@nongnu.org; Sun, 23 Sep 2012 06:00:46 -0400 Received: from mail-wi0-f175.google.com ([209.85.212.175]:51494) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1TFizV-0007cW-8T for qemu-devel@nongnu.org; Sun, 23 Sep 2012 06:00:45 -0400 Received: by mail-wi0-f175.google.com with SMTP id c10so120249wiw.10 for ; Sun, 23 Sep 2012 03:00:44 -0700 (PDT) From: Stefan Hajnoczi Date: Sun, 23 Sep 2012 11:00:16 +0100 Message-Id: <1348394420-28298-11-git-send-email-stefanha@gmail.com> In-Reply-To: <1348394420-28298-1-git-send-email-stefanha@gmail.com> References: <1348394420-28298-1-git-send-email-stefanha@gmail.com> Subject: [Qemu-devel] [PATCH 10/14] TextConsole: saturate escape parameter in TTY_STATE_CSI List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Anthony Liguori Cc: Stefan Hajnoczi , Laszlo Ersek , qemu-devel@nongnu.org From: Laszlo Ersek Signed-off-by: Laszlo Ersek Reviewed-by: Markus Armbruster Signed-off-by: Stefan Hajnoczi --- console.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/console.c b/console.c index a8bcc42..3f3d254 100644 --- a/console.c +++ b/console.c @@ -938,8 +938,11 @@ static void console_putchar(TextConsole *s, int ch) case TTY_STATE_CSI: /* handle escape sequence parameters */ if (ch >= '0' && ch <= '9') { if (s->nb_esc_params < MAX_ESC_PARAMS) { - s->esc_params[s->nb_esc_params] = - s->esc_params[s->nb_esc_params] * 10 + ch - '0'; + int *param = &s->esc_params[s->nb_esc_params]; + int digit = (ch - '0'); + + *param = (*param <= (INT_MAX - digit) / 10) ? + *param * 10 + digit : INT_MAX; } } else { if (s->nb_esc_params < MAX_ESC_PARAMS) -- 1.7.10.4