BBS:      TELESC.NET.BR
Subject:  src/conio/cterm.c
From:     Deuce
Date:     Sun, 15 Mar 2026 01:06:05 -0700
-----------------------------------------------------------
https://gitlab.synchro.net/main/sbbs/-/commit/d5f6d74b83317aa52edd776d
Modified Files:
	src/conio/cterm.c
Log Message:
Fix musicbuf overflow and pixel checksum bounds in cterm.c

musicbuf overflow (line 5930): ANSI music mode (triggered by ESC[|,
ESC[N, or ESC[M with no params) appends each music character to
musicbuf[1024] via strcat with no length check. A malicious server
can send >1023 music characters to overflow the buffer. Add a
bounds check before the strcat.

Pixel checksum bounds (lines 3689/3691): The bounds checks for
param_int[2] and param_int[4] (row parameters) were comparing
against charwidth*width (the column pixel limit) instead of
charheight*height (the row pixel limit). This made the check too
permissive on wide screens and too strict on tall ones.

Co-Authored-By: Claude Opus 4.6 
---
  Synchronet • Vertrauen • Home of Synchronet • [vert/cvs/bbs].synchro.net
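
The two checks the log message describes, as an added C example that is not the commit's or the project's code. `struct term`, `music_append`, `pixel_rect_ok`, `feed_music` and the zero-based pixel coordinates are assumptions; only the 1024-byte buffer size and the `charheight*height` / `charwidth*width` limits come from the message.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>
#define MUSICBUF_SIZE 1024 /* buffer size given in the commit message */

/* Hypothetical stand-in for terminal state; not the cterm.c structure. */
struct term {
    char musicbuf[MUSICBUF_SIZE];
    int  width, height;         /* screen size in character cells */
    int  charwidth, charheight; /* cell size in pixels */
};

/* Append one music character; drop it once only the terminator would fit. */
static bool music_append(struct term *t, char ch)
{
    size_t len = strlen(t->musicbuf);
    if (len + 1 >= sizeof(t->musicbuf))
        return false; /* an unchecked strcat would write past the end here */
    t->musicbuf[len] = ch;
    t->musicbuf[len + 1] = '\0';
    return true;
}

/* Rows vs charheight*height, columns vs charwidth*width (0-based pixels assumed). */
static bool pixel_rect_ok(const struct term *t, int top, int left, int bottom, int right)
{
    int row_limit = t->charheight * t->height;
    int col_limit = t->charwidth * t->width;
    return top >= 0 && top <= bottom && bottom < row_limit
        && left >= 0 && left <= right && right < col_limit;
}

/* Constructed input: feed n music characters, return how many were kept. */
static size_t feed_music(struct term *t, size_t n)
{
    size_t kept = 0;
    t->musicbuf[0] = '\0';
    while (n-- > 0)
        kept += music_append(t, 'A');
    return kept;
}

int main(void)
{
    /* Constructed wide screen: 132x25 cells of 8x16 pixels. */
    struct term t = { .width = 132, .height = 25, .charwidth = 8, .charheight = 16 };
    printf("kept %zu of 2000 music characters\n", feed_music(&t, 2000));
    printf("bottom row 500 accepted: %d\n", pixel_rect_ok(&t, 0, 0, 500, 10));
    return 0;
}
```

On the constructed 132x25 screen the row limit is 400 pixels while the column limit is 1056, so a bottom row of 500 is rejected here but would pass a check that compared rows against the column limit.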
