mirrors/foot
1
0
Fork 0
mirror of https://codeberg.org/dnkl/foot.git synced 2026-05-29 21:38:03 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

sixel: clamp max width/height in 'CSI ? 2 ; 3 ; W ; H S'

Browse source 
This ensures the user cannot raise the maximum sixel size, where
width*height cannot be represented as an integer.

Note, we should consider moving all sixel width/height variables from
int to size_t. But, since it doesn't make any sense with overly large
sixel images, clamping the max width/height is enough. Add a
static_assert() that checks SIXEL_MAX_WIDTH * SIXEL_MAX_HEIGHT doesn't
overflow.

Closes #2343
This commit is contained in:
Daniel Eklöf 2026-05-22 11:18:15 +02:00
parent 4bf60d0fbc
commit 92187d2e4e
No known key found for this signature in database
GPG key ID: 5BBD4992C116573F
3 changed files with 14 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

3
CHANGELOG.md
View file

@ -82,10 +82,13 @@
* DECCRA not clamping or verifying the destination rectangle
([#2352][2352]).
* Empty selection clearing the clipboard ([#2327][2327]).
* Sixel image max size not clamped, causing foot to crash on very
large sixel images ([#2343][2343]).
[2353]: https://codeberg.org/dnkl/foot/issues/2353
[2352]: https://codeberg.org/dnkl/foot/issues/2352
[2327]: https://codeberg.org/dnkl/foot/issues/2327
[2343]: https://codeberg.org/dnkl/foot/issues/2343
### Security

8
sixel.c
View file

@ -2207,9 +2207,11 @@ sixel_geometry_reset(struct terminal *term)
void
sixel_geometry_set(struct terminal *term, unsigned width, unsigned height)
{
LOG_DBG("sixel geometry set to %ux%u", width, height);
term->sixel.max_width = width;
term->sixel.max_height = height;
const unsigned new_width = min(width, SIXEL_MAX_WIDTH);
const unsigned new_height = min(height, SIXEL_MAX_HEIGHT);
LOG_DBG("sixel geometry set to %ux%u", new_width, new_height);
term->sixel.max_width = new_width;
term->sixel.max_height = new_height;
sixel_geometry_report_current(term);
}

8
sixel.h
View file

@ -2,10 +2,14 @@
#include "terminal.h"
#define SIXEL_MAX_COLORS 1024u
#define SIXEL_MAX_WIDTH 10000u
#define SIXEL_MAX_COLORS 1024u
#define SIXEL_MAX_WIDTH 10000u
#define SIXEL_MAX_HEIGHT 10000u
static_assert(SIXEL_MAX_WIDTH * SIXEL_MAX_HEIGHT ==
(size_t)SIXEL_MAX_WIDTH * SIXEL_MAX_HEIGHT,
"sixel max size triggers integer overflow");
typedef void (*sixel_put)(struct terminal *term, uint8_t c);
void sixel_fini(struct terminal *term);