From 1584fc227673264661250d3a8d673c168ac9512d Mon Sep 17 00:00:00 2001 From: "Thomas E. Dickey" Date: Sun, 30 Jan 2022 19:31:01 +0000 Subject: [PATCH] backport-CVE-2022-14130 --- COPYING | 4 +- MANIFEST | 2 +- graphics_sixel.c | 26 ++++++++---- package/debian/copyright | 2 +- ptyx.h | 6 +-- terminfo | 87 ++++++++++++++++++++++++++-------------- xterm.appdata.xml | 2 +- xterm.log.html | 4 +- 8 files changed, 86 insertions(+), 47 deletions(-) diff --git a/COPYING b/COPYING index 0656380..20d1d62 100644 --- a/COPYING +++ b/COPYING @@ -1,7 +1,7 @@ ---- $XTermId: COPYING,v 1.3 2020/01/12 22:53:35 tom Exp $ +--- $XTermId: COPYING,v 1.5 2022/01/30 19:30:32 tom Exp $ ------------------------------------------------------------------------------- -Copyright 1996-2019,2020 by Thomas E. Dickey +Copyright 1996-2021,2022 by Thomas E. Dickey All Rights Reserved diff --git a/MANIFEST b/MANIFEST index e7a1b67..1d1996f 100644 --- a/MANIFEST +++ b/MANIFEST @@ -1,4 +1,4 @@ -MANIFEST for xterm-363, version xterm-363 +MANIFEST for xterm-363, version xterm-370 -------------------------------------------------------------------------------- MANIFEST this file 256colres.h resource-definitions for 256-color mode diff --git a/graphics_sixel.c b/graphics_sixel.c index 304fa8f..6a1b9c8 100644 --- a/graphics_sixel.c +++ b/graphics_sixel.c @@ -1,8 +1,8 @@ -/* $XTermId: graphics_sixel.c,v 1.28 2020/08/06 20:32:33 Ben.Wong Exp $ */ +/* $XTermId: graphics_sixel.c,v 1.30 2022/01/30 19:25:32 tom Exp $ */ /* - * Copyright 2014-2016,2020 by Ross Combs - * Copyright 2014-2016,2020 by Thomas E. Dickey + * Copyright 2014-2021,2022 by Ross Combs + * Copyright 2014-2021,2022 by Thomas E. Dickey * * All Rights Reserved * @@ -149,7 +149,7 @@ init_sixel_background(Graphic *graphic, SixelContext const *context) graphic->color_registers_used[context->background] = 1; } -static void +static Boolean set_sixel(Graphic *graphic, SixelContext const *context, int sixel) { const int mh = graphic->max_height; 
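Review bot: set_sixel has no comment describing its new Boolean result, although this hunk changes the return type from void and both call sites in parse_sixel now depend on that value to stop writing. I would add a header comment above the definition, for example `/* Returns False if a pixel of this sixel falls outside the graphic, True otherwise. */`. The function body continues outside this hunk; the two return statements are added in the @@ -183,8 +183,10 hunk.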
@@ -183,8 +183,10 @@ set_sixel(Graphic *graphic, SixelContext const *context, int sixel) } } else { TRACE(("sixel pixel %d out of bounds\n", pix)); + return False; } } + return True; } static void @@ -462,8 +464,12 @@ parse_sixel(XtermWidget xw, ANSI *params, char const *string) init_sixel_background(graphic, &context); graphic->valid = 1; } - if (sixel) - set_sixel(graphic, &context, sixel); + if (sixel) { + if (!set_sixel(graphic, &context, sixel)) { + context.col = 0; + break; + } + } context.col++; } else if (ch == '$') { /* DECGCR */ /* ignore DECCRNLM in sixel mode */ @@ -531,8 +537,12 @@ parse_sixel(XtermWidget xw, ANSI *params, char const *string) if (sixel) { int i; for (i = 0; i < Pcount; i++) { - set_sixel(graphic, &context, sixel); - context.col++; + if (set_sixel(graphic, &context, sixel)) { + context.col++; + } else { + context.col = 0; + break; + } } } else { context.col += Pcount; diff --git a/package/debian/copyright b/package/debian/copyright index 1ea0b28..97493e0 100644 --- a/package/debian/copyright +++ b/package/debian/copyright @@ -35,7 +35,7 @@ authorization. Files: * */* License: MIT-X11 -Copyright 1996-2019,2020 by Thomas E. Dickey +Copyright 1996-2021,2022 by Thomas E. Dickey (date ranges vary, depending on when the respective files were first changed significantly, and run through the most recent change date). diff --git a/ptyx.h b/ptyx.h index 0d9dc0e..e682f56 100644 --- a/ptyx.h +++ b/ptyx.h @@ -1,7 +1,7 @@ -/* $XTermId: ptyx.h,v 1.1026 2020/12/25 15:15:37 tom Exp $ */ +/* $XTermId: ptyx.h,v 1.1047 2022/01/30 19:29:37 tom Exp $ */ /* - * Copyright 1999-2019,2020 by Thomas E. Dickey + * Copyright 1999-2021,2022 by Thomas E. Dickey * * All Rights Reserved * @@ -777,7 +777,7 @@ typedef enum { #endif #ifndef OPT_SHIFT_FONTS -#define OPT_SHIFT_FONTS 1 /* true if xterm interprets fontsize-shifting */ +#define OPT_STATUS_LINE 0 /* true if xterm supports status-line controls */ #endif #ifndef OPT_SUNPC_KBD 
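Review bot: The `break` added in the failure branch of the @@ -462,8 +464,12 hunk leaves whichever loop or switch encloses this `if`/`else if` chain, and that construct starts outside the hunk, so its effect cannot be confirmed from here. If it is parse_sixel's per-character loop, one out-of-bounds sixel discards the rest of the sixel string, whereas the same failure in the repeat branch (the @@ -531,8 +537,12 hunk) only leaves the inner `for` and parsing continues from column 0. If that difference is intended, state it next to each `break`, for example `/* out of bounds: stop parsing */` here and `/* out of bounds: abandon this repeat only */` there.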
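Review bot: In the @@ -531,8 +537,12 hunk the new bounds handling covers only the `if (sixel)` side of the repeat; the unchanged `context.col += Pcount;` in the `else` still advances the column by the repeat count with no limit visible in this hunk. Pcount presumably comes from the escape sequence, so unless it is clamped earlier in parse_sixel (outside the hunk), the column can grow far past the graphic's width and, if it is a signed int, overflow. I would either clamp the addition to the graphic's width or add a comment naming the existing bound that makes it safe.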
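Review bot: In the ptyx.h @@ -777,7 +777,7 hunk the replacement line defines `OPT_STATUS_LINE` inside the `#ifndef OPT_SHIFT_FONTS` guard and drops the default `#define OPT_SHIFT_FONTS 1`. Unless the build defines it elsewhere, OPT_SHIFT_FONTS is then left undefined and any `#if OPT_SHIFT_FONTS` code would be compiled out, which is unrelated to the sixel fix and looks like a mis-applied backport. I would restore `#define OPT_SHIFT_FONTS 1 /* true if xterm interprets fontsize-shifting */` and, if the status-line option is wanted at all, give it its own `#ifndef OPT_STATUS_LINE` block.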
diff --git a/terminfo b/terminfo index 268686e..2aac86b 100644 --- a/terminfo +++ b/terminfo @@ -1,10 +1,10 @@ -# $XTermId: terminfo,v 1.190 2020/12/11 09:23:14 tom Exp $ +# $XTermId: terminfo,v 1.202 2022/01/30 19:29:59 tom Exp $ # # Updates/notes/new entries (e.g., xterm-8bit, xterm-16color, xterm-256color) # - Thomas E. Dickey # #------------------------------------------------------------------------------ -# Copyright 1996-2019,2020 by Thomas E. Dickey +# Copyright 1996-2021,2022 by Thomas E. Dickey # # All Rights Reserved # @@ -147,6 +147,7 @@ xterm-new|modern xterm terminal emulator, # Left/right margins are supported in xterm since patch #279 (2012/05/10) vt420+lrmm|VT420 left/right margins, mgc=\E[?69l, + smglp=\E[?69h\E[%i%p1%ds, smglr=\E[?69h\E[%i%p1%d;%p2%ds, # These "ansi+XXX" blocks were added in ncurses 5.0: @@ -920,7 +921,9 @@ xterm+sm+1006|xterm SGR-mouse, l %;, xm=\E[<%i - %p3%d;%p1%d;%p2%d; + %p3%d; + %p1%d; + %p2%d; %? %p4 %tM @@ -942,11 +945,13 @@ xterm+x11mouse|X11 xterm mouse protocol, xm=\E[M %? %p4 - %t%p3 + %t + %p3 %e%{3} %; %'\s'%+%c - %p2%'!'%+%c%p1%'!'%+%c, + %p2%'!'%+%c + %p1%'!'%+%c, # This chunk is used for building the VT220/Sun/PC keyboard variants. xterm-basic|modern xterm terminal emulator - common, @@ -1085,7 +1090,8 @@ xterm-basic|modern xterm terminal emulator - common, %t;4 %; %? - %p1%p3%| + %p1 + %p3%| %t;7 %; %? @@ -1442,7 +1448,8 @@ xterm-bold|xterm with bold instead of underline (X Window System), %t;1 %; %? - %p1%p3%| + %p1 + %p3%| %t;7 %; m, @@ -1802,7 +1809,8 @@ xterm-16color|xterm with 16 colors, setab=\E[ %? %p1%{8}%< - %t%p1%{40}%+ + %t + %p1%{40}%+ %e %p1%{92}%+ %; @@ -1810,13 +1818,15 @@ xterm-16color|xterm with 16 colors, setaf=\E[ %? %p1%{8}%< - %t%p1%{30}%+ + %t + %p1%{30}%+ %e %p1%{82}%+ %; %dm, setb= - %p1%{8}%/%{6}%*%{4}%+\E[%d%p1%{8}%m%Pa + %p1%{8}%/%{6}%*%{3}%+\E[%d + %p1%{8}%m%Pa %?%ga%{1}%= %t4 %e%ga%{3}%= 
@@ -1869,15 +1879,20 @@ xterm+256color|original xterm 256-color feature, colors#0x100, pairs#0x10000, initc=\E]4; - %p1%d;rgb\:%p2%{255}%*%{1000}%/%2.2X/%p3%{255}%*%{1000}%/%2.2X/%p4%{255}%*%{1000}%/%2.2X\E\\, + %p1%d;rgb: + %p2%{255}%*%{1000}%/%2.2X/ + %p3%{255}%*%{1000}%/%2.2X/ + %p4%{255}%*%{1000}%/%2.2X\E\\, oc=\E]104\007, setab=\E[ %? %p1%{8}%< - %t4%p1%d + %t4 + %p1%d %e %p1%{16}%< - %t10%p1%{8}%-%d + %t10 + %p1%{8}%-%d %e48;5; %p1%d %; @@ -1885,10 +1900,12 @@ xterm+256color|original xterm 256-color feature, setaf=\E[ %? %p1%{8}%< - %t3%p1%d + %t3 + %p1%d %e %p1%{16}%< - %t9%p1%{8}%-%d + %t9 + %p1%{8}%-%d %e38;5; %p1%d %; @@ -1899,22 +1916,26 @@ xterm+256color2|xterm 256-color feature, setab=\E[ %? %p1%{8}%< - %t4%p1%d + %t4 + %p1%d %e %p1%{16}%< - %t10%p1%{8}%-%d - %e48\:5\: + %t10 + %p1%{8}%-%d + %e48:5: %p1%d %; m, setaf=\E[ %? %p1%{8}%< - %t3%p1%d + %t3 + %p1%d %e %p1%{16}%< - %t9%p1%{8}%-%d - %e38\:5\: + %t9 + %p1%{8}%-%d + %e38:5: %p1%d %; m, @@ -1950,17 +1971,23 @@ xterm+direct|xterm with direct-color indexing, setab=\E[ %? %p1%{8}%< - %t4%p1%d - %e48\:2\:\: - %p1%{65536}%/%d\:%p1%{256}%/%{255}%&%d\:%p1%{255}%&%d + %t4 + %p1%d + %e48:2:: + %p1%{65536}%/%d: + %p1%{256}%/%{255}%&%d: + %p1%{255}%&%d %; m, setaf=\E[ %? %p1%{8}%< - %t3%p1%d - %e38\:2\:\: - %p1%{65536}%/%d\:%p1%{256}%/%{255}%&%d\:%p1%{255}%&%d + %t3 + %p1%d + %e38:2:: + %p1%{65536}%/%d: + %p1%{256}%/%{255}%&%d: + %p1%{255}%&%d %; m, setb@, @@ -2143,7 +2170,8 @@ xterm-8bit|xterm terminal emulator with 8-bit controls (X Window System), %; %? %p1%p3%| - %t;7 + %p1 + %p3%| %; %? %p4 @@ -2370,7 +2398,8 @@ xterm-xf86-v44|xterm terminal emulator (XFree86 4.4 Window System), %t;4 %; %? - %p1%p3%| + %p1 + %p3%| %t;7 %; %? diff --git a/xterm.appdata.xml b/xterm.appdata.xml index cd9ab6e..f4e8fbe 100644 --- a/xterm.appdata.xml +++ b/xterm.appdata.xml @@ -1,5 +1,5 @@ - + xterm.desktop CC-BY-3.0 diff --git a/xterm.log.html b/xterm.log.html index 3d5ed4c..8433c6e 100644 --- a/xterm.log.html 
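Review bot: In the xterm-8bit entry (the @@ -2143,7 +2170,8 hunk) the `%t;7` line is removed and `%p1` / `%p3%|` are added after the existing `%p1%p3%|`, so the new side reads `%? %p1%p3%| %p1 %p3%| %;` with no `%t` branch. The matching hunks for xterm-basic, xterm-bold and xterm-xf86-v44 only split `%p1%p3%|` over two lines and keep `%t;7`, which suggests this one was mis-applied during the backport. The two added lines should replace the `%p1%p3%|` line and `%t;7` should stay; as written the `;7` output of this conditional is lost and the `%?` has no then-part.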
+++ b/xterm.log.html @@ -30,7 +30,7 @@ * sale, use or other dealings in this Software without prior written * * authorization. * ***************************************************************************** - $XTermId: xterm.log.html,v 1.2289 2020/12/26 15:38:13 tom Exp $ + $XTermId: xterm.log.html,v 1.2384 2022/01/30 19:30:18 tom Exp $ --> @@ -50,7 +50,7 @@
-

Copyright © 1997-2019,2020 by Copyright © 1997-2021,2022 by Thomas E. Dickey


-- 2.27.0