1
0
Fork 0
mirror of git://git.code.sf.net/p/cdesktopenv/code synced 2025-03-09 15:50:02 +00:00

emacs: fix crash due to read before start of buffer

It's amazing what can happen when you compile ksh using standard
malloc (i.e. with AST vmalloc disabled) on OpenBSD. Its security
hardening provokes crashes that reveal decades-old unsolved bugs.
This one is an attempt to access one byte before the beginning of
the command line buffer when the cursor is at the beginning of it.
On this system configuration, it provoked an instant crash whenever
you moved the cursor back to the beginning of the command line,
e.g. with ^A or the cursor keys.

src/cmd/ksh93/edit/emacs.c: draw():
- Check that the cursor is actually past the first position of the
  command line buffer before trying to read the position
  immediately before it. If not, zero the value.
This commit is contained in:
Martijn Dekker 2021-02-20 21:09:01 +00:00
parent 500757d78b
commit 9ccb9572f3

View file

@ -1445,7 +1445,10 @@ static void draw(register Emacs_t *ep,Draw_t option)
*****************************************/
i = *(logcursor-1); /* last character inserted */
if(logcursor > sptr)
i = *(logcursor-1); /* last character inserted */
else
i = 0;
#if SHOPT_EDPREDICT
if(option==FINAL)
{