[Qemu-devel] [PATCH] TextConsole: saturate escape parameter in TTY_STATE

qemu-devel.nongnu.org archive mirror
 help / color / mirror / Atom feed

* [Qemu-devel] [PATCH] TextConsole: saturate escape parameter in TTY_STATE_CSI
@ 2012-09-17  9:10 Laszlo Ersek
  2012-09-17 11:56 ` Markus Armbruster
  2012-09-22 16:13 ` [Qemu-devel] [Qemu-trivial] " Stefan Hajnoczi
  0 siblings, 2 replies; 3+ messages in thread
From: Laszlo Ersek @ 2012-09-17  9:10 UTC (permalink / raw)
  To: qemu-devel, qemu-trivial, armbru, lersek

Signed-off-by: Laszlo Ersek <lersek@redhat.com>
---
 Build tested.
 console.c |    7 +++++--
 1 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/console.c b/console.c
index c1ed5e0..67080f4 100644
--- a/console.c
+++ b/console.c
@@ -938,8 +938,11 @@ static void console_putchar(TextConsole *s, int ch)
     case TTY_STATE_CSI: /* handle escape sequence parameters */
         if (ch >= '0' && ch <= '9') {
             if (s->nb_esc_params < MAX_ESC_PARAMS) {
-                s->esc_params[s->nb_esc_params] =
-                    s->esc_params[s->nb_esc_params] * 10 + ch - '0';
+                int *param = &s->esc_params[s->nb_esc_params];
+                int digit = (ch - '0');
+
+                *param = (*param <= (INT_MAX - digit) / 10) ?
+                         *param * 10 + digit : INT_MAX;
             }
         } else {
             if (s->nb_esc_params < MAX_ESC_PARAMS)
-- 
1.7.1

^ permalink raw reply related	[flat|nested] 3+ messages in thread

* Re: [Qemu-devel] [PATCH] TextConsole: saturate escape parameter in TTY_STATE_CSI
  2012-09-17  9:10 [Qemu-devel] [PATCH] TextConsole: saturate escape parameter in TTY_STATE_CSI Laszlo Ersek
@ 2012-09-17 11:56 ` Markus Armbruster
  2012-09-22 16:13 ` [Qemu-devel] [Qemu-trivial] " Stefan Hajnoczi
  1 sibling, 0 replies; 3+ messages in thread
From: Markus Armbruster @ 2012-09-17 11:56 UTC (permalink / raw)
  To: Laszlo Ersek; +Cc: qemu-trivial, qemu-devel

Laszlo Ersek <lersek@redhat.com> writes:

> Signed-off-by: Laszlo Ersek <lersek@redhat.com>
> ---
>  Build tested.
>  console.c |    7 +++++--
>  1 files changed, 5 insertions(+), 2 deletions(-)
>
> diff --git a/console.c b/console.c
> index c1ed5e0..67080f4 100644
> --- a/console.c
> +++ b/console.c
> @@ -938,8 +938,11 @@ static void console_putchar(TextConsole *s, int ch)
>      case TTY_STATE_CSI: /* handle escape sequence parameters */
>          if (ch >= '0' && ch <= '9') {
>              if (s->nb_esc_params < MAX_ESC_PARAMS) {
> -                s->esc_params[s->nb_esc_params] =
> -                    s->esc_params[s->nb_esc_params] * 10 + ch - '0';
> +                int *param = &s->esc_params[s->nb_esc_params];
> +                int digit = (ch - '0');
> +
> +                *param = (*param <= (INT_MAX - digit) / 10) ?
> +                         *param * 10 + digit : INT_MAX;
>              }
>          } else {
>              if (s->nb_esc_params < MAX_ESC_PARAMS)

Before this patch, silent integer overflow.  Exact behavior depends on
hosts int type.  For instance, \e[4294967296 is the same as \e[0 with 32
bit int, but with 64 bit int.

What does a real vt100 do?  I don't have one anymore.  For what it's
worth, both xterm and Xfce Terminal appear to saturate at some "big"
number ("big" compared to the argument values that are actually useful;
INT_MAX should do fine).  In particular, \e[4294967296 does *not* behave
like \e[0.

Therefore, changing QEMU to saturate makes sense.

Reviewed-by: Markus Armbruster <armbru@redhat.com>

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [Qemu-devel] [Qemu-trivial] [PATCH] TextConsole: saturate escape parameter in TTY_STATE_CSI
  2012-09-17  9:10 [Qemu-devel] [PATCH] TextConsole: saturate escape parameter in TTY_STATE_CSI Laszlo Ersek
  2012-09-17 11:56 ` Markus Armbruster
@ 2012-09-22 16:13 ` Stefan Hajnoczi
  1 sibling, 0 replies; 3+ messages in thread
From: Stefan Hajnoczi @ 2012-09-22 16:13 UTC (permalink / raw)
  To: Laszlo Ersek; +Cc: qemu-trivial, qemu-devel, armbru

On Mon, Sep 17, 2012 at 11:10:03AM +0200, Laszlo Ersek wrote:
> Signed-off-by: Laszlo Ersek <lersek@redhat.com>
> ---
>  Build tested.
>  console.c |    7 +++++--
>  1 files changed, 5 insertions(+), 2 deletions(-)

Thanks, applied to the trivial patches tree:
https://github.com/stefanha/qemu/commits/trivial-patches

Stefan

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2012-09-22 16:13 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2012-09-17  9:10 [Qemu-devel] [PATCH] TextConsole: saturate escape parameter in TTY_STATE_CSI Laszlo Ersek
2012-09-17 11:56 ` Markus Armbruster
2012-09-22 16:13 ` [Qemu-devel] [Qemu-trivial] " Stefan Hajnoczi

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).