From feeee4b5832b17641e505b7083e0d299fdae318e Mon Sep 17 00:00:00 2001
From: Christian Persch <chpe@gnome.org>
Date: Sat, 19 May 2012 17:36:09 +0000
Subject: emulation: Limit integer arguments to 65535

To guard against malicious sequences containing excessively big numbers,
limit all parsed numbers to 16 bit range. Doing this here in the parsing
routine is a catch-all guard; this doesn't preclude enforcing
more stringent limits in the handlers themselves.

https://bugzilla.gnome.org/show_bug.cgi?id=676090
---
diff --git a/src/table.c b/src/table.c
index 140e8c8..85cf631 100644
--- a/src/table.c
+++ b/src/table.c
@@ -550,7 +550,7 @@ _vte_table_extract_numbers(GValueArray **array,
 		if (G_UNLIKELY (*array == NULL)) {
 			*array = g_value_array_new(1);
 		}
-		g_value_set_long(&value, total);
+		g_value_set_long(&value, CLAMP (total, 0, G_MAXUSHORT));
 		g_value_array_append(*array, &value);
 	} while (i++ < arginfo->length);
 	g_value_unset(&value);
diff --git a/src/vteseq.c b/src/vteseq.c
index 457c06a..46def5b 100644
--- a/src/vteseq.c
+++ b/src/vteseq.c
@@ -557,7 +557,7 @@ vte_sequence_handler_multiple(VteTerminal *terminal,
                               GValueArray *params,
                               VteTerminalSequenceHandler handler)
 {
-        vte_sequence_handler_multiple_limited(terminal, params, handler, G_MAXLONG);
+        vte_sequence_handler_multiple_limited(terminal, params, handler, G_MAXUSHORT);
 }
 
 static void
--
cgit v0.9.0.2
m'><form class='right' method='get' action='/guix/log/etc/snippets'>
<input type='hidden' name='id' value='8630a0809966a86213c132fbedad5268047757d0'/><select name='qt'>
<option value='grep'>log msg</option>
<option value='author'>author</option>
<option value='committer'>committer</option>
<option value='range'>range</option>
</select>
<input class='txt' type='search' size='10' name='q' value=''/>
<input type='submit' value='search'/>
</form>
</td></tr></table>
<div class='path'>path: <a href='/guix/log/?id=8630a0809966a86213c132fbedad5268047757d0'>root</a>/<a href='/guix/log/etc?id=8630a0809966a86213c132fbedad5268047757d0'>etc</a>/<a href='/guix/log/etc/snippets?id=8630a0809966a86213c132fbedad5268047757d0'>snippets</a></div><div class='content'><table class='list nowrap'><tr class='nohover'><th class='left'>Age</th><th class='left'>Commit message (<a href='/guix/log/etc/snippets?id=8630a0809966a86213c132fbedad5268047757d0&amp;showmsg=1'>Expand</a>)</th><th class='left'>Author</th></tr>
<tr><td><span title='2019-05-09 00:22:37 -0400'>2019-05-09</span></td><td><a href='/guix/commit/etc/snippets?id=4ac69ea10f54384ac893313ef738e5ad554ac328'>Add (guix bzr-download).</a><span class='msg-avail'>...<span class='msg-tooltip'>* guix/bzr-download.scm, guix/build/bzr.scm,
etc/snippets/scheme-mode/guix-bzr-reference: New files.
* Makefile.am (MODULES): Add them.
* etc/snippets/scheme-mode/guix-origin: Add "bzr-fetch" to the origin choices.
</span></span></td><td>Maxim Cournoyer</td></tr>
<tr><td><span title='2019-03-26 14:18:12 +0100'>2019-03-26</span></td><td><a href='/guix/commit/etc/snippets?id=6994e6743603ab73cc32d32786a55672f4fa46f0'>etc: Add "rename" snippet.</a><span class='msg-avail'>...<span class='msg-tooltip'>* etc/snippets/text-mode/guix-commit-message-rename-package: New file.
</span></span></td><td>Pierre Neidhardt</td></tr>
<tr><td><span title='2019-03-08 00:17:30 +0100'>2019-03-08</span></td><td><a href='/guix/commit/etc/snippets?id=95803946c7dbdff88db09fa5fe98e70d607712a7'>etc: snippets: Prefill package name.</a><span class='msg-avail'>...<span class='msg-tooltip'>* etc/snippets/text-mode/guix-commit-message-add-package: Extract package
name from diff.
</span></span></td><td>Ricardo Wurmus</td></tr>
<tr><td><span title='2019-03-07 23:55:24 +0100'>2019-03-07</span></td><td><a href='/guix/commit/etc/snippets?id=d6234620ace1863d8102b065311ef3d94e0931da'>etc: snippets: Prefill package name and version.</a><span class='msg-avail'>...<span class='msg-tooltip'>* etc/snippets/text-mode/guix-commit-message-update-package: Extract package
name and version from git diff output.
</span></span></td><td>Ricardo Wurmus</td></tr>
<tr><td><span title='2018-10-10 17:33:42 +0200'>2018-10-10</span></td><td><a href='/guix/commit/etc/snippets?id=d634db9401ac320383d45e24431442259cf6a2a4'>etc: Use git-file-name if origin is git-fetch.</a><span class='msg-avail'>...<span class='msg-tooltip'>* etc/snippets/scheme-mode/guix-origin: Use git-file-name.
</span></span></td><td>Pierre Neidhardt</td></tr>
<tr><td><span title='2018-07-13 12:45:11 +0530'>2018-07-13</span></td><td><a href='/guix/commit/etc/snippets?id=9286c2950494b110e12d58d4ebd693d614120afe'>etc: snippets: Add guix-commit-message-use-https-home-page.</a><span class='msg-avail'>...<span class='msg-tooltip'>* etc/snippets/text-mode/guix-commit-message-use-https-home-page: New file.
* doc/contributing.texi (The Perfect Setup): Document new snippet.
</span></span></td><td>Arun Isaac</td></tr>
<tr><td><span title='2018-07-13 09:27:31 +0530'>2018-07-13</span></td><td><a href='/guix/commit/etc/snippets?id=202befb4ae775cfdab1566f4a69ec184406a56be'>etc: snippets: Add new build systems to package snippet.</a><span class='msg-avail'>...<span class='msg-tooltip'>* etc/snippets/scheme-mode/guix-package: Add android-ndk-build-system and
scons-build-system as possibilities for the build-system field.
</span></span></td><td>Arun Isaac</td></tr>
<tr><td><span title='2017-12-15 23:15:32 +0100'>2017-12-15</span></td><td><a href='/guix/commit/etc/snippets?id=42cdcdff1945b112452029c6a79445aac15ffd16'>etc: Add snippets.</a><span class='msg-avail'>...<span class='msg-tooltip'>* etc/snippets/scheme-mode/guix-cvs-reference,
etc/snippets/scheme-mode/guix-git-reference,
etc/snippets/scheme-mode/guix-hg-reference,
etc/snippets/scheme-mode/guix-origin,
etc/snippets/scheme-mode/guix-package,
etc/snippets/scheme-mode/guix-svn-reference,
etc/snippets/text-mode/guix-commit-message-add-package,
etc/snippets/text-mode/guix-commit-message-update-package: New files.
* doc/contributing.texi (The Perfect Setup): Document snippets.
</span></span></td><td>Ricardo Wurmus</td></tr>

Age	Commit message (Expand)	Author
2019-05-09	Add (guix bzr-download)....* guix/bzr-download.scm, guix/build/bzr.scm, etc/snippets/scheme-mode/guix-bzr-reference: New files. * Makefile.am (MODULES): Add them. * etc/snippets/scheme-mode/guix-origin: Add "bzr-fetch" to the origin choices.	Maxim Cournoyer
2019-03-26	etc: Add "rename" snippet....* etc/snippets/text-mode/guix-commit-message-rename-package: New file.	Pierre Neidhardt
2019-03-08	etc: snippets: Prefill package name....* etc/snippets/text-mode/guix-commit-message-add-package: Extract package name from diff.	Ricardo Wurmus
2019-03-07	etc: snippets: Prefill package name and version....* etc/snippets/text-mode/guix-commit-message-update-package: Extract package name and version from git diff output.	Ricardo Wurmus
2018-10-10	etc: Use git-file-name if origin is git-fetch....* etc/snippets/scheme-mode/guix-origin: Use git-file-name.	Pierre Neidhardt
2018-07-13	etc: snippets: Add guix-commit-message-use-https-home-page....* etc/snippets/text-mode/guix-commit-message-use-https-home-page: New file. * doc/contributing.texi (The Perfect Setup): Document new snippet.	Arun Isaac
2018-07-13	etc: snippets: Add new build systems to package snippet....* etc/snippets/scheme-mode/guix-package: Add android-ndk-build-system and scons-build-system as possibilities for the build-system field.	Arun Isaac
2017-12-15	etc: Add snippets....* etc/snippets/scheme-mode/guix-cvs-reference, etc/snippets/scheme-mode/guix-git-reference, etc/snippets/scheme-mode/guix-hg-reference, etc/snippets/scheme-mode/guix-origin, etc/snippets/scheme-mode/guix-package, etc/snippets/scheme-mode/guix-svn-reference, etc/snippets/text-mode/guix-commit-message-add-package, etc/snippets/text-mode/guix-commit-message-update-package: New files. * doc/contributing.texi (The Perfect Setup): Document snippets.	Ricardo Wurmus