From f4a31b5b18a5f751edb46e106fcf9fd317cd380f Mon Sep 17 00:00:00 2001
From: Alexander Sedov <alex0player@gmail.com>
Date: Wed, 27 Feb 2013 00:00:57 +0400
Subject: [st] [PATCH 2/2] Fixed various bugs with CSI.
To: dev@suckless.org

1. strtol() was called on non-null-terminated buffer.
   This is now fixed at the cost of having buffer one character shorter than it was.
2. If strtol() advances no characters, it returns 0, no need to recheck.
---
 st.c |   13 +++++--------
 1 file changed, 5 insertions(+), 8 deletions(-)

diff --git a/st.c b/st.c
index 6416b2b..dc74783 100644
--- a/st.c
+++ b/st.c
@@ -1303,7 +1303,7 @@ tnewline(int first_col) {
 
 void
 csiparse(void) {
-	char *p = csiescseq.buf, *np;
+	char *p = csiescseq.buf;
 	long int v;
 
 	csiescseq.narg = 0;
@@ -1312,15 +1312,12 @@ csiparse(void) {
 		p++;
 	}
 
-	while(p < csiescseq.buf+csiescseq.len) {
-		np = NULL;
-		v = strtol(p, &np, 10);
-		if(np == p)
-			v = 0;
+	csiescseq.buf[csiescseq.len] = '\0';
+	while(1) {
+		v = strtol(p, &p, 10);
 		if(v == LONG_MAX || v == LONG_MIN)
 			v = -1;
 		csiescseq.arg[csiescseq.narg++] = v;
-		p = np;
 		if(*p != ';' || csiescseq.narg == ESC_ARG_SIZ)
 			break;
 		p++;
@@ -2115,7 +2112,7 @@ tputc(char *c, int len) {
 		if(term.esc & ESC_CSI) {
 			csiescseq.buf[csiescseq.len++] = ascii;
 			if(BETWEEN(ascii, 0x40, 0x7E)
-					|| csiescseq.len >= ESC_BUF_SIZ) {
+					|| csiescseq.len >= sizeof(csiescseq.buf)-1) {
 				term.esc = 0;
 				csiparse();
 				csihandle();
-- 
1.7.10.4