X Strike Force XFree86 SVN commit: r1954 - in trunk/debian: . local

To: debian-x@lists.debian.org
Subject: X Strike Force XFree86 SVN commit: r1954 - in trunk/debian: . local
From: X Strike Force SVN Repository Admin <branden+svnadmin@deadbeast.net>
Date: Fri, 15 Oct 2004 11:36:05 -0500 (EST)
Message-id: <[🔎] 20041015163605.017485C045@necrotic.deadbeast.net>
Reply-to: debian-x@lists.debian.org

Author: branden
Date: 2004-10-15 11:36:01 -0500 (Fri, 15 Oct 2004)
New Revision: 1954

Modified:
   trunk/debian/CHANGESETS
   trunk/debian/changelog
   trunk/debian/local/FAQ.xhtml
Log:
Add FAQ entry: Sometimes I get garbage characters like 1;2c in my xterm
windows; what's happening?


Modified: trunk/debian/CHANGESETS
===================================================================
--- trunk/debian/CHANGESETS	2004-10-13 17:39:17 UTC (rev 1953)
+++ trunk/debian/CHANGESETS	2004-10-15 16:36:01 UTC (rev 1954)
@@ -142,4 +142,8 @@
 XFree86?
     1948, 1949
 
+Add FAQ entry: Sometimes I get garbage characters like 1;2c in my xterm
+windows; what's happening?
+    1954
+
 vim:set ai et sts=4 sw=4 tw=80:

Modified: trunk/debian/changelog
===================================================================
--- trunk/debian/changelog	2004-10-13 17:39:17 UTC (rev 1953)
+++ trunk/debian/changelog	2004-10-15 16:36:01 UTC (rev 1954)
@@ -51,6 +51,9 @@
   * Add FAQ entry: What are Debian's plans with respect to X.Org and
     XFree86?
 
+  * Add FAQ entry: Sometimes I get garbage characters like 1;2c in my xterm
+    windows; what's happening?
+
   Changes by Denis Barbier and Fabio M. Di Nitto:
 
   * Edit xc/programs/xkbcomp/symbols/pc/Imakefile so that the new pc/us_intl
@@ -121,7 +124,7 @@
     + Set UseBios default to "no" for PROSAVAGE_DDR and PROSAVAGE_DDRK, as
       described at <URL: http://www.probo.com/timr/savage40.html >.
 
- -- Branden Robinson <branden@debian.org>  Tue, 12 Oct 2004 13:32:51 -0500
+ -- Branden Robinson <branden@debian.org>  Fri, 15 Oct 2004 11:34:49 -0500
 
 xfree86 (4.3.0.dfsg.1-8) unstable; urgency=high
 

Modified: trunk/debian/local/FAQ.xhtml
===================================================================
--- trunk/debian/local/FAQ.xhtml	2004-10-13 17:39:17 UTC (rev 1953)
+++ trunk/debian/local/FAQ.xhtml	2004-10-15 16:36:01 UTC (rev 1954)
@@ -158,6 +158,9 @@
   why is it messed up now?</a></li>
 <li><a href="#composeinput">Why does composing characters work in some
   applications but not others?</a></li>
+<li><a href="#xtermresizenoise">Sometimes I get garbage characters like
+  <code class="other">1;2c</code> in my <code class="command">xterm</code>
+  windows; what's happening?</a></li>
 </ul>
 <h2><a href="#acknowledgements">Acknowledgements</a></h2>
 
@@ -3035,6 +3038,50 @@
 class="filespec">.profile</code>, <code class="filespec">.bashrc</code>, or
 whatever your shell uses as an initialization file.</p>
 
+<h3><a id="xtermresizenoise">Sometimes I get garbage characters like
+  <code class="other">1;2c</code> in my <code class="command">xterm</code>
+  windows; what's happening?</a></h3>
+
+<p><em>Thanks to Thomas Dickey for contributing much of this entry.</em></p>
+
+<p>Occasionally people are concerned that this is a security problem &mdash;
+they fear that some rogue application may be trying to inject keystrokes at
+their shell prompt, for example.  While <code class="command">xterm</code> and
+other terminal emulators have had bugs like that in the past (see <a
+href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0063";>MITRE's CVE
+candidate CAN-2003-0063</a>), this is not such a situation.</p>
+
+<p>What you're seeing is part of the VT100 escape sequence that uses the cursor
+position of the lower-right corner to determine the screen size.  You're only
+seeing part of it because the "wrong" application had eaten part of the
+response.  (I get that sort of thing if I log into certain machines from the
+FreeBSD console &mdash; it doesn't respond as a VT100 would).</p>
+
+<p>Normally I'd see this only due to a misconfiguration and/or combination with
+a timeout.  It's annoying but relatively harmless.  It's not like the answerback
+or title strings &mdash; the response is determined by the terminal geometry and
+can't contain arbitrary text.</p>
+
+<p>If <code class="command">resize</code> cannot get useful information by a
+system call, it positions the cursor far right/down, and then asks the terminal
+where it really got to.  Real VT100 terminals won't wrap when positioning the
+cursor to (999,999), but will just move it in that direction until it
+stops<sup>*</sup>.</p>
+
+<p>The response looks like:</p>
+
+<p><code class="other">ESC [ <em>row</em> ; <em>column</em> R</code></p>
+
+<p>where <em>row</em> and <em>column</em> are positive decimal integers.  If one
+is in the habit of filling up their <code class="filespec">bin</code> directory
+with malicious scripts named <code class="filespec">79R</code>, <code
+class="filespec">80R</code>, etc., that could be a problem &mdash; but I think
+it's a fairly low probability.</p>
+
+<p><sup>*</sup> Some day I'll see a bug report from someone who's got a
+1200x1200 <code class="command">xterm</code>, and (with a script of course),
+they'll determine that resize doesn't give the correct result.</p>
+
 <h2><a id="acknowledgements">Acknowledgements</a></h2>
 
 <p>The author would like to thank Andreas Metzler, Guillem Jover, Ingo Saitz,

Reply to:

Prev by Date: Bug#255011: xlibs: mapping for macintosh/ca
Next by Date: Re: Bug#258399: xlibs: dvorak keyboard layout is missing right alt key
Previous by thread: Bug#276447: xterm sometimes leaves some of the highlighted selection out of the X selection
Next by thread: Processed: retitle 263399 to xserver-xfree86: [debconf] keyboard localisation set during install is not active afterwards ...
Index(es):
- Date
- Thread