Bug#691642: xterm: outputting the mc5 sequence (prtr_on / turn on printer) makes xterm crash
On 2012-10-28 11:37:58 +0100, Nico Golde wrote:
> I can't reproduce this with xterm 278-2 on amd64.
A bug in xrdb introduced a confusion. The problem occurs with
non-default *printerCommand value, e.g. in my case this was:
xterm -xrm '*printerCommand: ""'
(AFAIK, there was no problem with that in the past, or it solved
a problem under some other condition.)
> > In addition to possible data loss due to the crash, this is a security
> > problem, because the sequence may appear in a remote file.
>
> Sorry, I couldn't parse this sentence. What exactly are the security
> implications? So far I don't see how this qualifies for a security bug.
If some external data (because they contain some unexpected byte
sequence) make a local program crash (so that user data are lost),
that's a security bug. Just like when you have a bug in the image
decoder used by your web browser that makes it crash on some image
files.
--
Vincent Lefèvre <vincent@vinc17.net> - Web: <http://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <http://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)
Reply to: