qemu/ui
Gerd Hoffmann 5b8541c6c7 console: fix cell overflow
Linux terminal behavior (coming from vt100 I think) is somewhat strange
when it comes to line wraps:  When a character is printed to the last
char cell of a line the cursor does NOT jump to the next line but stays
where it is.  The line feed happens when the next character is printed.

So the valid range for the cursor position is not 0 .. width-1 but
0 .. width, where x == width represents the state where the line is
full but the cursor didn't jump to the next line yet.

The code for the 'clear from start of line' control sequence (ESC[1K)
fails to handle this corner case correctly and may call
console_clear_xy() with x == width.  That will incorrectly clear the
first char cell of the next line, or in case the cursor happens to be on
the last line overflow the cell buffer by one character (three bytes).

Add a check to the loop to fix that.

Didn't spot any other places with the same problem.  But it's easy to
miss that corner case, so also allocate one extra cell as precaution, so
in case we have simliar issues lurking elsewhere it at least wouldn't be
a buffer overflow.

v2: squashed in additional checks suggested by Christophe de Dinechin.

Reported-by: Alexander Oleinik <alxndr@bu.edu>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Christophe de Dinechin <dinechin@redhat.com>
Message-id: 20190701075301.14165-1-kraxel@redhat.com
2019-07-03 10:57:12 +02:00
..
icons ui: install logo icons to $prefix/share/icons 2019-01-21 09:43:13 +01:00
keycodemapdb@6b3d716e2b ui: update keycodemapdb to get py3 fixes 2018-02-05 19:53:55 -02:00
shader opengl: add flipping vertex shader 2017-10-17 10:25:42 +02:00
Makefile.objs iconv: detect and make curses depend on it 2019-03-13 08:29:01 +01:00
cocoa.m ui/cocoa: Fix mouse grabbing in fullscreen mode for relative input device 2019-06-13 11:23:22 +01:00
console-gl.c Include qemu-common.h exactly where needed 2019-06-12 13:20:20 +02:00
console.c console: fix cell overflow 2019-07-03 10:57:12 +02:00
curses.c Include qemu/module.h where needed, drop it from qemu-common.h 2019-06-12 13:18:33 +02:00
curses_keys.h curses: support wide input 2019-03-11 08:39:02 +01:00
cursor.c Include qemu-common.h exactly where needed 2019-06-12 13:20:20 +02:00
cursor_hidden.xpm ui: move files to ui/ and include/ui/ 2012-12-19 08:31:30 +01:00
cursor_left_ptr.xpm ui: move files to ui/ and include/ui/ 2012-12-19 08:31:30 +01:00
egl-context.c Include qemu-common.h exactly where needed 2019-06-12 13:20:20 +02:00
egl-headless.c Include qemu/module.h where needed, drop it from qemu-common.h 2019-06-12 13:18:33 +02:00
egl-helpers.c egl-helpers: add modifier support to egl_dmabuf_import_texture() 2019-06-07 11:52:35 +02:00
gtk-egl.c Include qemu-common.h exactly where needed 2019-06-12 13:20:20 +02:00
gtk-gl-area.c Include qemu-common.h exactly where needed 2019-06-12 13:20:20 +02:00
gtk.c Include qemu-common.h exactly where needed 2019-06-12 13:20:20 +02:00
input-keymap.c ui: darwin: gtk: Add missing input keymap 2018-06-14 09:52:23 +02:00
input-legacy.c ui: use local path for local headers 2018-06-01 19:20:38 +03:00
input-linux.c Include qemu/module.h where needed, drop it from qemu-common.h 2019-06-12 13:18:33 +02:00
input.c input: avoid malloc for mouse events 2019-01-14 11:04:35 +00:00
kbd-state.c kbd-state: fix autorepeat handling 2019-05-17 13:21:40 +02:00
keymaps.c Include qemu-common.h exactly where needed 2019-06-12 13:20:20 +02:00
keymaps.h Include qemu-common.h exactly where needed 2019-06-12 13:20:20 +02:00
qemu-pixman.c Include qemu-common.h exactly where needed 2019-06-12 13:20:20 +02:00
qemu-x509.h ui: move files to ui/ and include/ui/ 2012-12-19 08:31:30 +01:00
qemu.desktop ui: fix icon display for GTK frontend under GNOME Shell with Wayland 2019-01-21 09:43:13 +01:00
sdl2-2d.c Include qemu-common.h exactly where needed 2019-06-12 13:20:20 +02:00
sdl2-gl.c Include qemu-common.h exactly where needed 2019-06-12 13:20:20 +02:00
sdl2-input.c Include qemu-common.h exactly where needed 2019-06-12 13:20:20 +02:00
sdl2.c Include qemu/module.h where needed, drop it from qemu-common.h 2019-06-12 13:18:33 +02:00
shader.c Include qemu-common.h exactly where needed 2019-06-12 13:20:20 +02:00
spice-app.c Include qemu/module.h where needed, drop it from qemu-common.h 2019-06-12 13:18:33 +02:00
spice-core.c Include qemu/module.h where needed, drop it from qemu-common.h 2019-06-12 13:18:33 +02:00
spice-display.c egl-helpers: add modifier support to egl_get_fd_for_texture(). 2019-06-07 11:52:35 +02:00
spice-input.c Include qemu-common.h exactly where needed 2019-06-12 13:20:20 +02:00
trace-events trace-events: Fix attribution of trace points to source 2019-03-22 16:18:07 +00:00
vgafont.h ui: move files to ui/ and include/ui/ 2012-12-19 08:31:30 +01:00
vnc-auth-sasl.c authz: delete existing ACL implementation 2019-02-26 15:32:19 +00:00
vnc-auth-sasl.h authz: delete existing ACL implementation 2019-02-26 15:32:19 +00:00
vnc-auth-vencrypt.c authz: delete existing ACL implementation 2019-02-26 15:32:19 +00:00
vnc-auth-vencrypt.h Clean up ill-advised or unusual header guards 2016-07-12 16:20:46 +02:00
vnc-enc-hextile-template.h ui: vnc: finish removing TABs 2019-02-05 16:50:18 +01:00
vnc-enc-hextile.c ui: Clean up includes 2016-02-04 17:01:04 +00:00
vnc-enc-tight.c Include qemu-common.h exactly where needed 2019-06-12 13:20:20 +02:00
vnc-enc-tight.h Clean up header guards that don't match their file name 2016-07-12 16:19:16 +02:00
vnc-enc-zlib.c ui: Clean up includes 2016-02-04 17:01:04 +00:00
vnc-enc-zrle.c rename included C files to foo.inc.c, remove osdep.h 2018-05-11 14:33:40 +02:00
vnc-enc-zrle.h Clean up header guards that don't match their file name 2016-07-12 16:19:16 +02:00
vnc-enc-zrle.inc.c rename included C files to foo.inc.c, remove osdep.h 2018-05-11 14:33:40 +02:00
vnc-enc-zywrle-template.c avoid TABs in files that only contain a few 2019-01-11 15:46:56 +01:00
vnc-enc-zywrle.h ui: vnc: finish removing TABs 2019-02-05 16:50:18 +01:00
vnc-jobs.c vnc: fix memleak of the "vnc-worker-output" name 2018-08-24 08:40:10 +02:00
vnc-jobs.h ui/vnc: Drop unused vnc_has_job() and vnc_jobs_clear() 2017-02-08 14:59:36 +01:00
vnc-palette.c all: Remove unnecessary glib.h includes 2016-06-07 18:19:24 +03:00
vnc-palette.h Include qapi/qmp/qlist.h exactly where needed 2018-02-09 13:52:15 +01:00
vnc-stubs.c vnc: add qapi/error.h include to stubs 2018-02-16 12:23:21 +01:00
vnc-ws.c authz: delete existing ACL implementation 2019-02-26 15:32:19 +00:00
vnc-ws.h Clean up ill-advised or unusual header guards 2016-07-12 16:20:46 +02:00
vnc.c Include qemu/module.h where needed, drop it from qemu-common.h 2019-06-12 13:18:33 +02:00
vnc.h Include qemu-common.h exactly where needed 2019-06-12 13:20:20 +02:00
vnc_keysym.h ui: add next and prior keysyms 2017-07-27 14:23:09 +02:00
x_keymap.c ui: fix keymap detection under Xwayland 2018-04-10 11:21:54 +02:00
x_keymap.h ui: convert GTK and SDL1 frontends to keycodemapdb 2018-01-25 15:02:00 +01:00