summaryrefslogtreecommitdiffstats
path: root/meta/recipes-extended/less/files/CVE-2022-46663.patch
diff options
context:
space:
mode:
Diffstat (limited to 'meta/recipes-extended/less/files/CVE-2022-46663.patch')
-rw-r--r--meta/recipes-extended/less/files/CVE-2022-46663.patch28
1 files changed, 28 insertions, 0 deletions
diff --git a/meta/recipes-extended/less/files/CVE-2022-46663.patch b/meta/recipes-extended/less/files/CVE-2022-46663.patch
new file mode 100644
index 0000000000..20f9d89ed8
--- /dev/null
+++ b/meta/recipes-extended/less/files/CVE-2022-46663.patch
@@ -0,0 +1,28 @@
+CVE: CVE-2022-46663
+Upstream-Status: Backport
+Signed-off-by: Ross Burton <ross.burton@arm.com>
+
+From a78e1351113cef564d790a730d657a321624d79c Mon Sep 17 00:00:00 2001
+From: Mark Nudelman <markn@greenwoodsoftware.com>
+Date: Fri, 7 Oct 2022 19:25:46 -0700
+Subject: [PATCH] End OSC8 hyperlink on invalid embedded escape sequence.
+
+---
+ line.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/line.c b/line.c
+index 236c49ae..cba7bdd1 100644
+--- a/line.c
++++ b/line.c
+@@ -633,8 +633,8 @@ ansi_step(pansi, ch)
+ /* Hyperlink ends with \7 or ESC-backslash. */
+ if (ch == '\7')
+ return ANSI_END;
+- if (pansi->prev_esc && ch == '\\')
+- return ANSI_END;
++ if (pansi->prev_esc)
++ return (ch == '\\') ? ANSI_END : ANSI_ERR;
+ pansi->prev_esc = (ch == ESC);
+ return ANSI_MID;
+ }
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-01 17:52:45 +0000