1
0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-25 01:02:24 +00:00

Bounds-check terminal selection when clearing scrollback.

term_clrsb() was emptying the tree234 of scrollback, without checking
whether term->selstart, term->selend and term->selanchor were pointing
at places in the now-removed scrollback. If they were, then a
subsequent extend-selection operation could give rise to the dreaded
'line==NULL' assertion box.

Thanks to the user who sent in one of those debugging dumps, that
finally enabled us to track down (at least one case of) this
long- standing but extremely rare crash!
This commit is contained in:
Simon Tatham 2019-07-23 19:24:10 +01:00
parent c713ce4868
commit 80f5a009f6
2 changed files with 28 additions and 0 deletions

View File

@ -1600,6 +1600,24 @@ void term_reconfig(Terminal *term, Conf *conf)
term_copy_stuff_from_conf(term); term_copy_stuff_from_conf(term);
} }
/*
* Ensure the position variables describing the ends of the terminal
* selection are in bounds with respect to the actual extent of the
* screen and scrollback.
*/
static void term_selection_bounds_check(Terminal *term)
{
pos lo, hi;
lo.y = -count234(term->scrollback);
lo.x = 0;
hi.y = count234(term->screen);
hi.x = term->cols - 1;
term->selstart = bound_pos(term->selstart, lo, hi);
term->selend = bound_pos(term->selend, lo, hi);
term->selanchor = bound_pos(term->selanchor, lo, hi);
}
/* /*
* Clear the scrollback. * Clear the scrollback.
*/ */
@ -1621,6 +1639,11 @@ void term_clrsb(Terminal *term)
sfree(line); /* this is compressed data, not a termline */ sfree(line); /* this is compressed data, not a termline */
} }
/*
* Make sure we didn't invalidate selstart and selend in the process.
*/
term_selection_bounds_check(term);
/* /*
* When clearing the scrollback, we also truncate any termlines on * When clearing the scrollback, we also truncate any termlines on
* the current screen which have remembered data from a previous * the current screen which have remembered data from a previous

View File

@ -475,4 +475,9 @@ static inline bool decpos_fn(pos *p, int cols)
#define incpos(p) incpos_fn(&(p), GET_TERM_COLS) #define incpos(p) incpos_fn(&(p), GET_TERM_COLS)
#define decpos(p) decpos_fn(&(p), GET_TERM_COLS) #define decpos(p) decpos_fn(&(p), GET_TERM_COLS)
static inline pos bound_pos(pos p, pos lo, pos hi)
{
return poslt(p, lo) ? lo : poslt(p, hi) ? p : hi;
}
#endif #endif