aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorHiltjo Posthuma <hiltjo@codemadness.org>2022-10-25 17:11:11 +0200
committerHiltjo Posthuma <hiltjo@codemadness.org>2022-10-25 17:11:11 +0200
commite5e959835b195c023d1f685ef4dbbcfc3b5120b2 (patch)
treeb289ec06a3774611210e1f2a5dc1581b1d3cdae6
parent68d1ad9b54e952e3079356aeab8ab37e44c56c2c (diff)
downloadst-e5e959835b195c023d1f685ef4dbbcfc3b5120b2.tar.zst
fix buffer overflow when handling long composed input
To reproduce the issue: " If you already have the multi-key enabled on your system, then add this line to your ~/.XCompose file: [...] <question> <T> <E> <S> <T> <question> : "1234567890123456789012345678901234567890123456789012345678901234567890" " Reported by and an initial patch by Andy Gozas <andy@gozas.me>, thanks! Adapted the patch, for now st (like dmenu) handles a fixed amount of composed characters, or otherwise ignores it. This is done for simplicity sake.
-rw-r--r--x.c9
1 files changed, 6 insertions, 3 deletions
diff --git a/x.c b/x.c
index 2a3bd38..aa09997 100644
--- a/x.c
+++ b/x.c
@@ -1833,7 +1833,7 @@ void
kpress(XEvent *ev)
{
XKeyEvent *e = &ev->xkey;
- KeySym ksym;
+ KeySym ksym = NoSymbol;
char buf[64], *customkey;
int len;
Rune c;
@@ -1843,10 +1843,13 @@ kpress(XEvent *ev)
if (IS_SET(MODE_KBDLOCK))
return;
- if (xw.ime.xic)
+ if (xw.ime.xic) {
len = XmbLookupString(xw.ime.xic, e, buf, sizeof buf, &ksym, &status);
- else
+ if (status == XBufferOverflow)
+ return;
+ } else {
len = XLookupString(e, buf, sizeof buf, &ksym, NULL);
+ }
/* 1. shortcuts */
for (bp = shortcuts; bp < shortcuts + LEN(shortcuts); bp++) {
if (ksym == bp->keysym && match(bp->mod, e->state)) {