[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [screen-devel] GNU Screen v.4.8.0

From: Václav Doležal
Subject: Re: [screen-devel] GNU Screen v.4.8.0
Date: Thu, 13 Feb 2020 10:57:38 +0100
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.2.2


Dne 05. 02. 20 v 21:45 Amadeusz Sławiński napsal(a):
> As last fix, fixes potential memory overwrite of quite big size (~768
> bytes), and even though I'm not sure about potential exploitability of
> that issue, I highly recommend everyone to upgrade as soon as possible.
> This issue is present at least since v.4.2.0 (haven't checked earlier).
> Thanks to pippin who brought this to my attention.

if I see correctly, this issue was introduced in v.4.7.0 in commit
  c5db181 ansi: add support for xterm OSC 11

note the deletion of
if (--typ2 < 0)
  typ2 = 0;

At least I can't reproduce this issue on v.4.6.2.

Václav Doležal

reply via email to

[Prev in Thread] Current Thread [Next in Thread]