From 6613abc26a853293c12f4e146a27606f02c8dd03 Mon Sep 17 00:00:00 2001
From: Andreas Henriksson <andreas@fatal.se>
Date: Mon, 28 May 2018 21:19:22 +0200
Subject: [PATCH] setmetamode: use unsigned int type for KDGKBMETA / KDSKBMETA

alsauser@pragmasoft.com reported that he detected a stack smash
and analyzed the problem as allocating too little space for
the resulting put_user after calling ioctl KDGKBMETA.
The ometa variable should be defined as unsigned int.

While at it and for correctness, also nmeta and thus the
val member of the struct meta where changed to unsigned
int as it seems the kernel wants to take this type
(but should be harmless to use char).

Original bug report at https://bugs.debian.org/872623
---
 src/setmetamode.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/setmetamode.c b/src/setmetamode.c
index 8d75b94..adec0e9 100644
--- a/src/setmetamode.c
+++ b/src/setmetamode.c
@@ -50,7 +50,7 @@ report(int meta)
 
 struct meta {
 	char *name;
-	int val;
+	unsigned int val;
 } metas[] = {
 	{ "metabit", K_METABIT },
 	{ "meta", K_METABIT },
@@ -64,7 +64,7 @@ struct meta {
 
 int main(int argc, char **argv)
 {
-	char ometa, nmeta;
+	unsigned int ometa, nmeta;
 	struct meta *mp;
 
 	set_progname(argv[0]);
-- 
2.21.0.windows.1