| Andrew Geissler | 6aa7eec | 2023-03-03 12:41:14 -0600 | [diff] [blame^] | 1 | CVE: CVE-2022-46663 |
| 2 | Upstream-Status: Backport |
| 3 | Signed-off-by: Ross Burton <ross.burton@arm.com> |
| 4 | |
| 5 | From a78e1351113cef564d790a730d657a321624d79c Mon Sep 17 00:00:00 2001 |
| 6 | From: Mark Nudelman <markn@greenwoodsoftware.com> |
| 7 | Date: Fri, 7 Oct 2022 19:25:46 -0700 |
| 8 | Subject: [PATCH] End OSC8 hyperlink on invalid embedded escape sequence. |
| 9 | |
| 10 | --- |
| 11 | line.c | 4 ++-- |
| 12 | 1 file changed, 2 insertions(+), 2 deletions(-) |
| 13 | |
| 14 | diff --git a/line.c b/line.c |
| 15 | index 236c49ae..cba7bdd1 100644 |
| 16 | --- a/line.c |
| 17 | +++ b/line.c |
| 18 | @@ -633,8 +633,8 @@ ansi_step(pansi, ch) |
| 19 | /* Hyperlink ends with \7 or ESC-backslash. */ |
| 20 | if (ch == '\7') |
| 21 | return ANSI_END; |
| 22 | - if (pansi->prev_esc && ch == '\\') |
| 23 | - return ANSI_END; |
| 24 | + if (pansi->prev_esc) |
| 25 | + return (ch == '\\') ? ANSI_END : ANSI_ERR; |
| 26 | pansi->prev_esc = (ch == ESC); |
| 27 | return ANSI_MID; |
| 28 | } |