editors/tweak: Fix buffer overflow in 'unknown key sequence' error report.

From upstream commit ad97e1337e1e1df934b7f3674fa6c9f7e8eb603f.
author: fcambus <fcambus@pkgsrc.org> 2021-11-01 21:33:26 +0000
committer: fcambus <fcambus@pkgsrc.org> 2021-11-01 21:33:26 +0000
commit: 6ebef373e8fd87f2a4e5e44c4830a77d9862f462 (patch)
tree: 76b364516b1be0e809c1b3cd4aa6889aad1845d3 /editors
parent: b80e1d7157160c3ee500c3ebb78b657d45305920 (diff)
download: pkgsrc-6ebef373e8fd87f2a4e5e44c4830a77d9862f462.tar.gz
3 files changed, 100 insertions, 2 deletions
diff --git a/editors/tweak/Makefile b/editors/tweak/Makefile
index 989ab2600ff..5f8e7657b47 100644
--- a/editors/tweak/Makefile
+++ b/editors/tweak/Makefile
@@ -1,7 +1,8 @@
-# $NetBSD: Makefile,v 1.6 2021/01/10 11:20:17 fcambus Exp $
+# $NetBSD: Makefile,v 1.7 2021/11/01 21:33:26 fcambus Exp $
 #
 
 DISTNAME=	tweak-3.02
+PKGREVISION=	1
 CATEGORIES=	editors
 MASTER_SITES=	https://www.chiark.greenend.org.uk/~sgtatham/tweak/
 
@@ -10,6 +11,7 @@ HOMEPAGE=	https://www.chiark.greenend.org.uk/~sgtatham/tweak/
 COMMENT=	Efficient hex editor
 LICENSE=	mit
 
+USE_LANGUAGES=	c c99
 USE_TOOLS+=	gmake
 
 MAKE_FLAGS+=	PREFIX=${PREFIX} DESTDIR=${DESTDIR}
diff --git a/editors/tweak/distinfo b/editors/tweak/distinfo
index 9e4857c4d43..5401149fd0d 100644
--- a/editors/tweak/distinfo
+++ b/editors/tweak/distinfo
@@ -1,7 +1,8 @@
-$NetBSD: distinfo,v 1.8 2021/10/26 10:21:42 nia Exp $
+$NetBSD: distinfo,v 1.9 2021/11/01 21:33:26 fcambus Exp $
 
 BLAKE2s (tweak-3.02.tar.gz) = 170eca560ea496ce821c273c481e638ef65fa22d81d3179a8c1fbdeffbe23376
 SHA512 (tweak-3.02.tar.gz) = 4cf16eae1c48073ca77b0577585473288d7ecbc2d261a359db2cff372c1850cd809becb46bc745ac7d07e982d5eae9a0e0332402267ebab6b12cc952a02cff4e
 Size (tweak-3.02.tar.gz) = 71939 bytes
 SHA1 (patch-Makefile) = 43041b78d4bb28c84ab53792cbd39603c8ece038
+SHA1 (patch-keytab.c) = 369ec87681d21cc26f104ba5ef9cd59a2c99707a
 SHA1 (patch-rcfile.c) = 82bf8d167537de068650d3feaf5552ff7bb2be1b
diff --git a/editors/tweak/patches/patch-keytab.c b/editors/tweak/patches/patch-keytab.c
new file mode 100644
index 00000000000..294d56316ff
--- /dev/null
+++ b/editors/tweak/patches/patch-keytab.c
@@ -0,0 +1,95 @@
+$NetBSD: patch-keytab.c,v 1.1 2021/11/01 21:33:26 fcambus Exp $
+
+Fix buffer overflow in 'unknown key sequence' error report.
+
+Upstream commit ad97e1337e1e1df934b7f3674fa6c9f7e8eb603f.
+
+--- keytab.c.orig	2021-11-01 18:58:59.087368560 +0000
++++ keytab.c
+@@ -1,5 +1,6 @@
+ #include "tweak.h"
+ 
++#include <stdbool.h>
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <string.h>
+@@ -61,16 +62,33 @@ void bind_key (char *sequence, int len, 
+ /*
+  * Format an ASCII code into a printable description of the key stroke.
+  */
+-static void strkey (char *s, int k) {
+-    k &= 255;			       /* force unsigned */
+-    if (k==27)
+-	strcpy(s, " ESC");
+-    else if (k<32 || k==127)
+-	sprintf(s, " ^%c", k ^ 64);
+-    else if (k<127)
+-	sprintf(s, " %c", k);
+-    else
+-	sprintf(s, " <0x%2X>", k);
++struct strkey_state {
++    char *s, *end;
++    bool truncated;
++};
++static void strkey (struct strkey_state *sks, int k) {
++    char thisbuf[32];
++
++    if (sks->truncated)
++        return;
++
++    if (sks->end - sks->s < 16) {
++        sks->truncated = true;
++        strcpy(thisbuf, " ...");
++    } else {
++        k &= 255;			       /* force unsigned */
++        if (k==27)
++            strcpy(thisbuf, " ESC");
++        else if (k<32 || k==127)
++            sprintf(thisbuf, " ^%c", k ^ 64);
++        else if (k<127)
++            sprintf(thisbuf, " %c", k);
++        else
++            sprintf(thisbuf, " <0x%2X>", k);
++    }
++
++    strcpy(sks->s, thisbuf);
++    sks->s += strlen(sks->s);
+ }
+ 
+ /*
+@@ -89,12 +107,18 @@ void proc_key (void) {
+     safe_update = FALSE;
+ #endif
+     strcpy(message, "Unknown key sequence");
+-    strkey(message+strlen(message), last_char);
++
++    struct strkey_state sks;
++    sks.s = message + strlen(message);
++    sks.end = message + sizeof(message);
++    sks.truncated = false;
++
++    strkey(&sks, last_char);
+     kt = base[(unsigned char) last_char];
+     if (!kt) {
+ 	display_beep();
+ 	while (display_input_to_flush())
+-	    strkey(message+strlen(message), display_getkey());
++	    strkey(&sks, display_getkey());
+ 	return;
+     }
+ 
+@@ -108,12 +132,12 @@ void proc_key (void) {
+ #if defined(unix) && !defined(GO32)
+ 	safe_update = FALSE;
+ #endif
+-	strkey(message+strlen(message), last_char);
++	strkey(&sks, last_char);
+ 	kt = kt->e.extended[(unsigned char) last_char];
+ 	if (!kt) {
+ 	    display_beep();
+ 	    while (display_input_to_flush())
+-		strkey(message+strlen(message), display_getkey());
++		strkey(&sks, display_getkey());
+ 	    return;
+ 	}
+     }
author	fcambus <fcambus@pkgsrc.org>	2021-11-01 21:33:26 +0000
committer	fcambus <fcambus@pkgsrc.org>	2021-11-01 21:33:26 +0000
commit	6ebef373e8fd87f2a4e5e44c4830a77d9862f462 (patch)
tree	76b364516b1be0e809c1b3cd4aa6889aad1845d3 /editors
parent	b80e1d7157160c3ee500c3ebb78b657d45305920 (diff)
download	pkgsrc-6ebef373e8fd87f2a4e5e44c4830a77d9862f462.tar.gz