src/conio/cterm.c - Historico da BBS TELESC.NET.BR

BBS:      TELESC.NET.BR
Assunto:  src/conio/cterm.c
De:       Deuc¨
Data:     Sun, 15 Mar 2026 20:35:47 -0700
-----------------------------------------------------------
https://gitlab.synchro.net/main/sbbs/-/commit/1105669b6db24c1bc1f73351
Modified Files:
	src/conio/cterm.c
Log Message:
Fix integer overflow in dellines() clamp check

The check (sy + lines - 1) > maxy overflows when lines is near
INT_MAX (e.g. ESC[2147483647M), wrapping to negative and bypassing
the clamp. The unclamped value then causes the clear loop at line 1075
to iterate ~2 billion times (TERM_MAXY - lines + 1 goes hugely
negative, looping up to TERM_MAXY).

Rearrange to lines > maxy - sy + 1, which cannot overflow since
maxy >= sy is guaranteed by the prior bounds check.

Found by ANSI fuzz testing (termtest.js).

Co-Authored-By: Claude Opus 4.6 
n
---
  mSynchronetn  hgVertrauen n hHome of Synchronet n gh[vert/cvs/bbs].synchro.net

-----------------------------------------------------------
[Voltar]