diff options
| author | ed <ed@FreeBSD.org> | 2015-09-14 09:12:28 +0000 |
|---|---|---|
| committer | ed <ed@FreeBSD.org> | 2015-09-14 09:12:28 +0000 |
| commit | 20b0edd21b38b16dcf60f6e49b50506e4dd82bbe (patch) | |
| tree | 79e595b2854d93d7666b536e800f444653237bc8 /sys/dev | |
| parent | 95285c2f6de264d18e28b5b0cd636a1708dd4b75 (diff) | |
| download | FreeBSD-src-20b0edd21b38b16dcf60f6e49b50506e4dd82bbe.zip FreeBSD-src-20b0edd21b38b16dcf60f6e49b50506e4dd82bbe.tar.gz | |
MFC r286798 and r286827:
Stop parsing digits if the value already exceeds UINT_MAX / 100.
There is no need for us to support parsing values that are larger than
the maximum terminal window size. In this case that would be the maximum
of unsigned short.
The problem with parsing larger values is that they can cause integer
overflows when adjusting the cursor position, leading to all sorts of
failing assertions.
MFC r286981 and r287098:
Don't truncate cursor arithmetic to 16 bits.
When updating the row number when the cursor position escape sequence is
issued, we should make sure to store the intermediate result in a 32-bit
integer. If we fail to do this, the cursor may be set above the origin
region, which is bad.
This could cause libteken to crash when INVARIANTS is enabled, due to
the strict set of assertions that libteken has.
PR: 202326, 202540, 202612
Submitted by: kwcu csie org
Diffstat (limited to 'sys/dev')
0 files changed, 0 insertions, 0 deletions
