https://salsa.debian.org/debian/screen/-/raw/debian/4.8.0-5/debian/patches/99_CVE-2021-26937.patch

Description: [CVE-2021-26937] Fix out of bounds array access
Author: Michael Schröder <mls@suse.de>
Bug-Debian: https://bugs.debian.org/982435
Bug: https://savannah.gnu.org/bugs/?60030
Bug: https://lists.gnu.org/archive/html/screen-devel/2021-02/msg00000.html
Bug-OSS-Security: https://www.openwall.com/lists/oss-security/2021/02/09/3
Origin: https://lists.gnu.org/archive/html/screen-devel/2021-02/msg00010.html

--- a/encoding.c
+++ b/encoding.c
@@ -43,7 +43,7 @@
 # ifdef UTF8
 static int   recode_char __P((int, int, int));
 static int   recode_char_to_encoding __P((int, int));
-static void  comb_tofront __P((int, int));
+static void  comb_tofront __P((int));
 #  ifdef DW_CHARS
 static int   recode_char_dw __P((int, int *, int, int));
 static int   recode_char_dw_to_encoding __P((int, int *, int));
@@ -1263,6 +1263,8 @@
     {0x30000, 0x3FFFD},
   };
 
+  if (c >= 0xdf00 && c <= 0xdfff)
+    return 1;          /* dw combining sequence */
   return ((bisearch(c, wide, sizeof(wide) / sizeof(struct interval) - 1)) ||
           (cjkwidth &&
            bisearch(c, ambiguous,
@@ -1330,11 +1332,12 @@
 }
 
 static void
-comb_tofront(root, i)
-int root, i;
+comb_tofront(i)
+int i;
 {
   for (;;)
     {
+      int root = i >= 0x700 ? 0x801 : 0x800;
       debug1("bring to front: %x\n", i);
       combchars[combchars[i]->prev]->next = combchars[i]->next;
       combchars[combchars[i]->next]->prev = combchars[i]->prev;
@@ -1396,9 +1399,9 @@
     {
       /* full, recycle old entry */
       if (c1 >= 0xd800 && c1 < 0xe000)
-        comb_tofront(root, c1 - 0xd800);
+        comb_tofront(c1 - 0xd800);
       i = combchars[root]->prev;
-      if (c1 == i + 0xd800)
+      if (i == 0x800 || i == 0x801 || c1 == i + 0xd800)
 	{
 	  /* completely full, can't recycle */
 	  debug("utf8_handle_comp: completely full!\n");
@@ -1422,7 +1425,7 @@
   mc->font  = (i >> 8) + 0xd8;
   mc->fontx = 0;
   debug3("combinig char %x %x -> %x\n", c1, c, i + 0xd800);
-  comb_tofront(root, i);
+  comb_tofront(i);
 }
 
 #else /* !UTF8 */
88251df'>gnu</a>/<a href='/guix/log/gnu/installer.scm?id=ddc12778325f8f78fb737028f893a200188251df'>installer.scm</a></div><div class='content'><table class='list nowrap'><tr class='nohover'><th class='left'>Age</th><th class='left'>Commit message (<a href='/guix/log/gnu/installer.scm?id=ddc12778325f8f78fb737028f893a200188251df&amp;showmsg=1'>Expand</a>)</th><th class='left'>Author</th></tr>
<tr><td><span title='2022-12-05 14:57:15 +0100'>2022-12-05</span></td><td><a href='/guix/commit/gnu/installer.scm?id=241772d5c068fb7c4fa69d4673174254742eb410'>installer: Log provenance data.</a><span class='msg-avail'>...<span class='msg-tooltip'>* gnu/installer.scm (provenance-sexp): New procedure.
(installer-program)[installer-builder]: Add 'installer-log-line' call.
</span></span></td><td>Ludovic Courtès</td></tr>
<tr><td><span title='2022-11-15 12:16:43 +0100'>2022-11-15</span></td><td><a href='/guix/commit/gnu/installer.scm?id=94dc60841b1f5bc54e7da39b40ca38d5c22b18c1'>installer: Migrate to 'guile-gnutls'.</a><span class='msg-avail'>...<span class='msg-tooltip'>* gnu/installer.scm (installer-program): Replace GNUTLS with GUILE-GNUTLS.
</span></span></td><td>Ludovic Courtès</td></tr>
<tr><td><span title='2022-11-15 12:16:43 +0100'>2022-11-15</span></td><td><a href='/guix/commit/gnu/installer.scm?id=514fedbf3966b7fbab31a6c63b4210ec8b5b0c9a'>installer: Report known-unsupported PCI devices.</a><span class='msg-avail'>...<span class='msg-tooltip'>* gnu/installer/hardware.scm: New file.
* gnu/local.mk (INSTALLER_MODULES): Add it.
* po/guix/POTFILES.in: Add it.
* gnu/installer.scm (installer-steps): Pass #:pci-database to the
'welcome' step procedure.
* gnu/installer/newt.scm (welcome-page): Add #:pci-database and pass it
to 'run-welcome-page'.
* gnu/installer/newt/welcome.scm (check-hardware-support): Add #:pci-database.
Enumerate unsupported PCI devices and run an error page when unsupported
devices are found.
(run-welcome-page): Add #:pci-database and pass it to
'check-hardware-support' and to the recursive call.
* gnu/installer/record.scm (&lt;installer&gt;)[welcome-page]: Adjust comment.
* doc/guix.texi (Hardware Considerations): Mention it.
</span></span></td><td>Ludovic Courtès</td></tr>
<tr><td><span title='2022-11-15 12:16:43 +0100'>2022-11-15</span></td><td><a href='/guix/commit/gnu/installer.scm?id=938d6161cbebf96727ec01309e7b805c04b4bda4'>installer: Use 'current-guix' for extensions.</a><span class='msg-avail'>...<span class='msg-tooltip'>This lets us use the latest (gnu build linux-modules) for instance.
Note that items listed in 'with-extensions' come first in the load path,
before the directory containing the modules in 'with-imported-modules'.

* gnu/installer.scm (installer-program): Use (current-guix) instead of
'guix' in 'with-extensions'.
</span></span></td><td>Ludovic Courtès</td></tr>
<tr><td><span title='2022-11-02 15:52:19 +0100'>2022-11-02</span></td><td><a href='/guix/commit/gnu/installer.scm?id=62a3756bd90c922c701e899a6c01c556d8e3c75a'>installer: Skip the backtrace page on user abort.</a><span class='msg-avail'>...<span class='msg-tooltip'>When the user aborts the installation because a core dump is discovered or the
installation command failed, displaying the abort backtrace doesn't make much
sense. Hide it when the abort condition is &amp;user-abort-error and skip directly
to the dump page.

* gnu/installer/steps.scm (&amp;user-abort-error): New variable.
(user-abort-error?): New procedure.
* gnu/installer/newt/final.scm (run-install-failed-page): Raise a
user-abort-error.
* gnu/installer/newt/welcome.scm (run-welcome-page): Ditto.
* gnu/installer.scm (installer-program): Hide the backtrace page and directly
propose to dump the report when the a &amp;user-abort-error is raised.
</span></span></td><td>Mathieu Othacehe</td></tr>
<tr><td><span title='2022-11-02 15:52:19 +0100'>2022-11-02</span></td><td><a href='/guix/commit/gnu/installer.scm?id=80387bc7c3966602800116f5be3893c3d3044a96'>installer: Add core dump support.</a><span class='msg-avail'>...<span class='msg-tooltip'>Fixes: &lt;https://issues.guix.gnu.org/58733&gt;

* gnu/installer.scm (installer-program): Enable core dump generation.
* gnu/installer/dump.scm (%core-dump): New variable.
(prepare-dump): Copy the core dump file.
* gnu/installer/newt/welcome.scm (run-welcome-page): Propose to report an
installation that previously generated a core dump.
</span></span></td><td>Mathieu Othacehe</td></tr>
<tr><td><span title='2022-08-08 11:54:24 +0200'>2022-08-08</span></td><td><a href='/guix/commit/gnu/installer.scm?id=cd1a98b928be9602ebf103744164ace7bfcae22c'>installer: Render the final configuration with (guix read-print).</a><span class='msg-avail'>...<span class='msg-tooltip'>* gnu/installer.scm (module-to-import?): Return #t for (guix read-print).
* gnu/installer/steps.scm (configuration-&gt;file): Use
'pretty-print-with-comments/splice' instead of 'for-each' and 'pretty-print'.
</span></span></td><td>Ludovic Courtès</td></tr>

Age	Commit message (Expand)	Author
2022-12-05	installer: Log provenance data....* gnu/installer.scm (provenance-sexp): New procedure. (installer-program)[installer-builder]: Add 'installer-log-line' call.	Ludovic Courtès
2022-11-15	installer: Migrate to 'guile-gnutls'....* gnu/installer.scm (installer-program): Replace GNUTLS with GUILE-GNUTLS.	Ludovic Courtès
2022-11-15	installer: Report known-unsupported PCI devices....* gnu/installer/hardware.scm: New file. * gnu/local.mk (INSTALLER_MODULES): Add it. * po/guix/POTFILES.in: Add it. * gnu/installer.scm (installer-steps): Pass #:pci-database to the 'welcome' step procedure. * gnu/installer/newt.scm (welcome-page): Add #:pci-database and pass it to 'run-welcome-page'. * gnu/installer/newt/welcome.scm (check-hardware-support): Add #:pci-database. Enumerate unsupported PCI devices and run an error page when unsupported devices are found. (run-welcome-page): Add #:pci-database and pass it to 'check-hardware-support' and to the recursive call. * gnu/installer/record.scm (<installer>)[welcome-page]: Adjust comment. * doc/guix.texi (Hardware Considerations): Mention it.	Ludovic Courtès
2022-11-15	installer: Use 'current-guix' for extensions....This lets us use the latest (gnu build linux-modules) for instance. Note that items listed in 'with-extensions' come first in the load path, before the directory containing the modules in 'with-imported-modules'. * gnu/installer.scm (installer-program): Use (current-guix) instead of 'guix' in 'with-extensions'.	Ludovic Courtès
2022-11-02	installer: Skip the backtrace page on user abort....When the user aborts the installation because a core dump is discovered or the installation command failed, displaying the abort backtrace doesn't make much sense. Hide it when the abort condition is &user-abort-error and skip directly to the dump page. * gnu/installer/steps.scm (&user-abort-error): New variable. (user-abort-error?): New procedure. * gnu/installer/newt/final.scm (run-install-failed-page): Raise a user-abort-error. * gnu/installer/newt/welcome.scm (run-welcome-page): Ditto. * gnu/installer.scm (installer-program): Hide the backtrace page and directly propose to dump the report when the a &user-abort-error is raised.	Mathieu Othacehe
2022-11-02	installer: Add core dump support....Fixes: <https://issues.guix.gnu.org/58733> * gnu/installer.scm (installer-program): Enable core dump generation. * gnu/installer/dump.scm (%core-dump): New variable. (prepare-dump): Copy the core dump file. * gnu/installer/newt/welcome.scm (run-welcome-page): Propose to report an installation that previously generated a core dump.	Mathieu Othacehe
2022-08-08	installer: Render the final configuration with (guix read-print)....* gnu/installer.scm (module-to-import?): Return #t for (guix read-print). * gnu/installer/steps.scm (configuration->file): Use 'pretty-print-with-comments/splice' instead of 'for-each' and 'pretty-print'.	Ludovic Courtès