[Qemu-commits] [qemu/qemu] 5b8541: console: fix cell overflow


From: Peter Maydell
Subject: [Qemu-commits] [qemu/qemu] 5b8541: console: fix cell overflow
Date: Thu, 04 Jul 2019 09:11:51 -0700

  Branch: refs/heads/master
  Home:   https://github.com/qemu/qemu
  Commit: 5b8541c6c70db776d0701bb5ce5862ae15779fb5
      https://github.com/qemu/qemu/commit/5b8541c6c70db776d0701bb5ce5862ae15779fb5
  Author: Gerd Hoffmann <address@hidden>
  Date:   2019-07-03 (Wed, 03 Jul 2019)

  Changed paths:
    M ui/console.c

  Log Message:
  -----------
  console: fix cell overflow

Linux terminal behavior (coming from vt100 I think) is somewhat strange
when it comes to line wraps:  When a character is printed to the last
char cell of a line the cursor does NOT jump to the next line but stays
where it is.  The line feed happens when the next character is printed.

So the valid range for the cursor position is not 0 .. width-1 but
0 .. width, where x == width represents the state where the line is
full but the cursor didn't jump to the next line yet.

The code for the 'clear from start of line' control sequence (ESC[1K)
fails to handle this corner case correctly and may call
console_clear_xy() with x == width.  That will incorrectly clear the
first char cell of the next line, or in case the cursor happens to be on
the last line overflow the cell buffer by one character (three bytes).

Add a check to the loop to fix that.

Didn't spot any other places with the same problem.  But it's easy to
miss that corner case, so also allocate one extra cell as precaution, so
in case we have similar issues lurking elsewhere it at least wouldn't be
a buffer overflow.

v2: squashed in additional checks suggested by Christophe de Dinechin.

Reported-by: Alexander Oleinik <address@hidden>
Signed-off-by: Gerd Hoffmann <address@hidden>
Reviewed-by: Christophe de Dinechin <address@hidden>
Message-id: address@hidden


  Commit: c3e1d838cfa5aac1a6210c8ddf182d0ef7d95dd8
      https://github.com/qemu/qemu/commit/c3e1d838cfa5aac1a6210c8ddf182d0ef7d95dd8
  Author: Peter Maydell <address@hidden>
  Date:   2019-07-04 (Thu, 04 Jul 2019)

  Changed paths:
    M ui/console.c

  Log Message:
  -----------
  Merge remote-tracking branch 'remotes/kraxel/tags/ui-20190704-pull-request' into staging

ui: terminal emulation fix.

# gpg: Signature made Thu 04 Jul 2019 08:04:31 BST
# gpg:                using RSA key 4CB6D8EED3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <address@hidden>" [full]
# gpg:                 aka "Gerd Hoffmann <address@hidden>" [full]
# gpg:                 aka "Gerd Hoffmann (private) <address@hidden>" [full]
# Primary key fingerprint: A032 8CFF B93A 17A7 9901  FE7D 4CB6 D8EE D3E8 7138

* remotes/kraxel/tags/ui-20190704-pull-request:
  console: fix cell overflow

Signed-off-by: Peter Maydell <address@hidden>


Compare: https://github.com/qemu/qemu/compare/234e256511e5...c3e1d838cfa5
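
The corner case described in the first log message, reduced to a toy model. This is an added example, not code from QEMU's ui/console.c; `struct term`, `term_putc`, `clear_to_cursor`, `fill_and_clear` and the 4x2 grid are hypothetical names and constructed values.

```c
#include <stdio.h>
#include <string.h>
#define WIDTH  4  /* constructed toy dimensions */
#define HEIGHT 2

/* Toy console (hypothetical names). Cursor x ranges over 0..WIDTH;
 * x == WIDTH means "line full, wrap still pending". */
struct term {
    int x, y;
    char cells[WIDTH * HEIGHT + 1]; /* +1 spare cell as a precaution */
};

/* Print one character; the line feed is deferred to the next character. */
static void term_putc(struct term *t, char c)
{
    if (t->x >= WIDTH) {                 /* pending wrap */
        t->x = 0;
        if (t->y < HEIGHT - 1) t->y++;   /* this model does not scroll */
    }
    t->cells[t->y * WIDTH + t->x++] = c;
}

/* Clear from start of line to cursor. bounded != 0 adds the x < WIDTH check.
 * Returns the number of cells written outside the current row. */
static int clear_to_cursor(struct term *t, int bounded)
{
    int stray = 0;
    for (int x = 0; x <= t->x && (!bounded || x < WIDTH); x++) {
        stray += (x >= WIDTH);
        t->cells[t->y * WIDTH + x] = ' ';
    }
    return stray;
}

/* Fill one row completely, then clear up to the cursor. */
static int fill_and_clear(struct term *t, int row, int bounded)
{
    memset(t->cells, '.', sizeof(t->cells));
    t->x = 0; t->y = row;
    for (int i = 0; i < WIDTH; i++) term_putc(t, 'A');
    return clear_to_cursor(t, bounded);
}

int main(void)
{
    struct term t;
    printf("last row, unchecked: %d stray\n", fill_and_clear(&t, HEIGHT - 1, 0));
    printf("last row, checked:   %d stray\n", fill_and_clear(&t, HEIGHT - 1, 1));
    return 0;
}
```

On the first row the stray write lands on the first cell of the next line; on the last row only the spare cell keeps it inside the array.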


