Avoid buffer overrun in kpress() and remove limit on shortcut strings.
authorMark Edgar <medgar123@gmail.com>
Sat, 5 Oct 2013 09:45:44 +0000 (11:45 +0200)
committerRoberto E. Vargas Caballero <k0ga@shike2.com>
Mon, 7 Oct 2013 19:03:51 +0000 (21:03 +0200)
st.c

diff --git a/st.c b/st.c
index 331509fdb6834ca10f97b6c81a1be4332f94c56d..16bf68bf04804ab651140c71f24e6361bf81fd66 100644 (file)
--- a/st.c
+++ b/st.c
@@ -264,7 +264,7 @@ typedef struct {
 typedef struct {
        KeySym k;
        uint mask;
-       char s[ESC_BUF_SIZ];
+       char *s;
        /* three valued logic variables: 0 indifferent, 1 on, -1 off */
        signed char appkey;    /* application keypad */
        signed char appcursor; /* application cursor */
@@ -3585,26 +3585,27 @@ kpress(XEvent *ev) {
        /* 2. custom keys from config.h */
        if((customkey = kmap(ksym, e->state))) {
                len = strlen(customkey);
-               memcpy(buf, customkey, len);
-       /* 3. composed string from input method */
-       } else {
-               if(len == 0)
-                       return;
+               ttywrite(customkey, len);
+               if(IS_SET(MODE_ECHO))
+                       techo(customkey, len);
+               return;
+       }
 
-               if(len == 1 && e->state & Mod1Mask) {
-                       if(IS_SET(MODE_8BIT)) {
-                               if(*buf < 0177) {
-                                       c = *buf | 0x80;
-                                       len = utf8encode(&c, buf);
-                               }
-                       } else {
-                               buf[1] = buf[0];
-                               buf[0] = '\033';
-                               len = 2;
+       /* 3. composed string from input method */
+       if(len == 0)
+               return;
+       if(len == 1 && e->state & Mod1Mask) {
+               if(IS_SET(MODE_8BIT)) {
+                       if(*buf < 0177) {
+                               c = *buf | 0x80;
+                               len = utf8encode(&c, buf);
                        }
+               } else {
+                       buf[1] = buf[0];
+                       buf[0] = '\033';
+                       len = 2;
                }
        }
-
        ttywrite(buf, len);
        if(IS_SET(MODE_ECHO))
                techo(buf, len);