mirrors/foot
1
0
Fork 0
mirror of https://codeberg.org/dnkl/foot.git synced 2026-02-05 04:06:08 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

url-mode: abort when running into un-allocated scrollback memory

Browse source 
When tagging URL cells (in preparation for rendering URL mode), we
loop the URL’s entire range, setting the `url` attribute of all cells,
and dirtying the rows.

It is possible to create URLs that are invalid, and wrap around the
scrollback, even though the scrollback hasn’t yet been filled. For
example, by starting an OSC-8 URL, moving the cursor, and then closing
the OSC-8 URL.

These URLs are invalid, but are still rendered just fine. “Fine” being
relative - they will typically fill the entire screen. But at least
that’s a very clear indication for the user that’s something is wrong.

The problem is when we hit un-allocated scrollback rows. We didn’t
check for NULL rows, and crashed.

This has now been fixed.
This commit is contained in:
Daniel Eklöf 2021-07-11 11:31:11 +02:00
parent d22ba73c41
commit f030c87ee6
No known key found for this signature in database
GPG key ID: 5BBD4992C116573F
2 changed files with 7 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

2
CHANGELOG.md
View file

@ -53,6 +53,8 @@
URLs.
* Double free of URL while removing duplicated and/or overlapping URLs
in URL mode (https://codeberg.org/dnkl/foot/issues/627).
* Crash when an unclosed OSC-8 URL ran into un-allocated scrollback
rows.
### Security

5
url-mode.c
View file

@ -654,6 +654,11 @@ tag_cells_for_url(struct terminal *term, const struct url *url, bool value)
c = 0;
row = term->grid->rows[r];
if (row == NULL) {
/* Un-allocated scrollback. This most likely means a
* runaway OSC-8 URL. */
break;
}
row->dirty = true;
}
}