[dev] [st] [patch] multi-line selection causes core dump on OpenBSD

From: Maurice Quennet <mjq_AT_gmx.net>
Date: Sat, 21 Sep 2013 23:33:56 +0200

Hello everyone,

I'm running OpenBSD 5.3 amd64 release version with the most current st
version from git and I noticed that st was crashing and dumping core
when selecting multiple lines whith the cursor. This happens, because
on line 964 of st.c (gp-1)->mode is accessed, although gp is still
pointing at the beginning of the array term.line[y] (see line 939 for
initialization of gp). A patch follows at the end of the mail. I
_quickly_ tested it and it _seems_ to work, but this should be verified
by someone else, since I don't know the st code and I only came up with
it by inspecting the core dump.

Best regards,
Maurice Quennet

diff --git a/st.c b/st.c
index 3321c31..e63573e 100644
--- a/st.c
+++ b/st.c
_AT_@ -961,7 +961,8 @@ selcopy(void) {
                          * st.
                          * FIXME: Fix the computer world.
                          */
- if(y < sel.ne.y && !((gp-1)->mode & ATTR_WRAP))
+ if(y < sel.ne.y && gp != (&term.line[y][0]) &&
+ !((gp-1)->mode & ATTR_WRAP))
                                 *ptr++ = '\n';
 
                         /*
Received on Sat Sep 21 2013 - 23:33:56 CEST