[pve-devel] [PATCH vncterm] fix bound checking on cursor move

Dominik Csapak d.csapak at proxmox.com
Fri May 5 14:19:06 CEST 2017 

changing most of the vt struct fields to unsigned, to avoid undefined
behaviour and use gotoxy for moving the cursor to correctly bound check
the cursor position

Signed-off-by: Dominik Csapak <d.csapak at proxmox.com>
---
 vncterm.c | 20 ++++----------------
 vncterm.h | 14 +++++++-------
 2 files changed, 11 insertions(+), 23 deletions(-)

diff --git a/vncterm.c b/vncterm.c
index 3ca00ba..70fccef 100644
--- a/vncterm.c
+++ b/vncterm.c
@@ -1405,10 +1405,7 @@ vncterm_putchar (vncTerm *vt, unicode ch)
       if (vt->esc_buf[0] == 0) {
 	vt->esc_buf[0] = 1;
       }
-      vt->cy -= vt->esc_buf[0];
-      if (vt->cy < 0) {
-	vt->cy = 0;
-      }
+      vncterm_gotoxy (vt, vt->cx, vt->cy - vt->esc_buf[0]);
       break;
     case 'B':
     case 'e':
@@ -1416,10 +1413,7 @@ vncterm_putchar (vncTerm *vt, unicode ch)
       if (vt->esc_buf[0] == 0) {
 	vt->esc_buf[0] = 1;
       }
-      vt->cy += vt->esc_buf[0];
-      if (vt->cy >= vt->height) {
-	vt->cy = vt->height - 1;
-      }
+      vncterm_gotoxy (vt, vt->cx, vt->cy + vt->esc_buf[0]);
       break;
     case 'C':
     case 'a':
@@ -1427,20 +1421,14 @@ vncterm_putchar (vncTerm *vt, unicode ch)
       if (vt->esc_buf[0] == 0) {
 	vt->esc_buf[0] = 1;
       }
-      vt->cx += vt->esc_buf[0];
-      if (vt->cx >= vt->width) {
-	vt->cx = vt->width - 1;
-      }
+      vncterm_gotoxy (vt, vt->cx + vt->esc_buf[0], vt->cy);
       break;
     case 'D':
       /* move cursor left */
       if (vt->esc_buf[0] == 0) {
 	vt->esc_buf[0] = 1;
       }
-      vt->cx -= vt->esc_buf[0];
-      if (vt->cx < 0) {
-	vt->cx = 0;
-      }
+      vncterm_gotoxy (vt, vt->cx - vt->esc_buf[0], vt->cy);
       break;
     case 'G':
     case '`':
diff --git a/vncterm.h b/vncterm.h
index ffb5f21..8f7d837 100644
--- a/vncterm.h
+++ b/vncterm.h
@@ -48,19 +48,19 @@ typedef struct vncTerm {
   // cursor
   TextAttributes cur_attrib;
   TextAttributes cur_attrib_saved;
-  int tty_state; // 0 - normal, 1 - ESC, 2 - CSI
+  unsigned int tty_state; // 0 - normal, 1 - ESC, 2 - CSI
   int cx; // cursor x position
   int cy; // cursor y position
   int cx_saved; // saved cursor x position
   int cy_saved; // saved cursor y position
-  int esc_buf[MAX_ESC_PARAMS];
-  int esc_count;
-  int esc_ques;
-  int esc_has_par;
+  unsigned int esc_buf[MAX_ESC_PARAMS];
+  unsigned int esc_count;
+  unsigned int esc_ques;
+  unsigned int esc_has_par;
   char osc_textbuf[4096];
   char osc_cmd;
-  int region_top;
-  int region_bottom;
+  unsigned int region_top;
+  unsigned int region_bottom;
 
   unsigned int charset:1; // G0 or G1
   unsigned int charset_saved:1; // G0 or G1
-- 
2.11.0

More information about the pve-devel mailing list