Commit feeee4b5 authored by Christian Persch's avatar Christian Persch
Browse files

emulation: Limit integer arguments to 65535

To guard against malicious sequences containing excessively big numbers,
limit all parsed numbers to 16 bit range. Doing this here in the parsing
routine is a catch-all guard; this doesn't preclude enforcing
more stringent limits in the handlers themselves.

https://bugzilla.gnome.org/show_bug.cgi?id=676090
parent a9d6a347
......@@ -550,7 +550,7 @@ _vte_table_extract_numbers(GValueArray **array,
if (G_UNLIKELY (*array == NULL)) {
*array = g_value_array_new(1);
}
g_value_set_long(&value, total);
g_value_set_long(&value, CLAMP (total, 0, G_MAXUSHORT));
g_value_array_append(*array, &value);
} while (i++ < arginfo->length);
g_value_unset(&value);
......
......@@ -557,7 +557,7 @@ vte_sequence_handler_multiple(VteTerminal *terminal,
GValueArray *params,
VteTerminalSequenceHandler handler)
{
vte_sequence_handler_multiple_limited(terminal, params, handler, G_MAXLONG);
vte_sequence_handler_multiple_limited(terminal, params, handler, G_MAXUSHORT);
}
static void
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment