https://gitlab.synchro.net/main/sbbs/-/commit/9ab3cfcb1eb84576fe44740f
Modified Files:
src/conio/cterm.c
Log Message:
Fix up the Prestel "Engineering Test Page" rendering

This was due to two main bugs... the simple one was a type where
the cutoff between separated and contiguous mosaics was incorrect,
which caused the first four separated mosaics to not be displayed.

The second was due to a number of bugs in the Hold Mosaic
implementation.

This fixes the first half of issue 172.

---
￭ Synchronet ￭ Vertrauen ￭ Home of Synchronet ￭ [vert/cvs/bbs].synchro.net

https://gitlab.synchro.net/main/sbbs/-/commit/548763fda45f0d0db2bda11b
Modified Files:
src/conio/cterm.c
Log Message:
The final fixings for issue 172

Use 0 for "no held mosaic" to avoid confusion around printable bytes.
Store the state of the current cell *before* updating in fix_line()

---
￭ Synchronet ￭ Vertrauen ￭ Home of Synchronet ￭ [vert/cvs/bbs].synchro.net

https://gitlab.synchro.net/main/sbbs/-/commit/348f1a7e91c6fbab5b81c9e9
Modified Files:
src/conio/cterm.c
Log Message:
Bump the CTerm revision.

Commands are added.

---
￭ Synchronet ￭ Vertrauen ￭ Home of Synchronet ￭ [vert/cvs/bbs].synchro.net

https://gitlab.synchro.net/main/sbbs/-/commit/110f23bfdda7e6f7c96f8f1c
Modified Files:
src/conio/cterm.c
Log Message:
Add some paranoia around size of macros.

Initially set 1MB as the max macro size. I can't imagine wanting
one bigger than this, but I can bump it up if needed.

This likely fixes a vulerability where the BBS could at least crash
SyncTERM, and at most take control of the users system. This
likely isn't the only place that needs bounds checks like this.

---
￭ Synchronet ￭ Vertrauen ￭ Home of Synchronet ￭ [vert/cvs/bbs].synchro.net

https://gitlab.synchro.net/main/sbbs/-/commit/c08f1613744351338e822c30
Modified Files:
src/conio/cterm.c
Log Message:
Fix NULL dereference in strbuf error

If strbuf is over 5MB, or the realloc() fails, clear strbuf and
break before writing to strbuf.
Found by scan-build

---
￭ Synchronet ￭ Vertrauen ￭ Home of Synchronet ￭ [vert/cvs/bbs].synchro.net

https://gitlab.synchro.net/main/sbbs/-/commit/0b61127f46337d568bba8560
Modified Files:
src/conio/cterm.c
Log Message:
Set defaults for XTerm graphics query before checking

Fixes potential read of uninitialized data.
Found by scan-build

---
￭ Synchronet ￭ Vertrauen ￭ Home of Synchronet ￭ [vert/cvs/bbs].synchro.net

https://gitlab.synchro.net/main/sbbs/-/commit/72b1a6ed7da07e08e677c471
Modified Files:
src/conio/cterm.c
Log Message:
Avoid read out of bounds in bad CSI m

In the CSI 38 : 2 : Z? : R : G : B m variant, if there was no
sub params (ie: CSI 38 : m), a read out of bounds would be
triggered.
Found by scan-build

---
￭ Synchronet ￭ Vertrauen ￭ Home of Synchronet ￭ [vert/cvs/bbs].synchro.net

https://gitlab.synchro.net/main/sbbs/-/commit/dc75bc36a58f294681a71856
Modified Files:
src/conio/cterm.c
Log Message:
Handle malicious sequences with 2147483648 parameters.

Previously, this could (but likely wouldn't) result in accesses
outside of allocated memory, doing Very Bad Things.
Found by scan-build

---
￭ Synchronet ￭ Vertrauen ￭ Home of Synchronet ￭ [vert/cvs/bbs].synchro.net

https://gitlab.synchro.net/main/sbbs/-/commit/5ff8b9fe668544911d33451b
Modified Files:
src/conio/cterm.c
Log Message:
Another NULL dereference after overrunning the string buf.

Found by scan-build

---
￭ Synchronet ￭ Vertrauen ￭ Home of Synchronet ￭ [vert/cvs/bbs].synchro.net