sys-apps/less/files/less-608-CVE-2022-46663.patch


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22

https://bugs.gentoo.org/893530
https://github.com/gwsw/less/commit/a78e1351113cef564d790a730d657a321624d79c

From a78e1351113cef564d790a730d657a321624d79c Mon Sep 17 00:00:00 2001
From: Mark Nudelman <markn@greenwoodsoftware.com>
Date: Fri, 7 Oct 2022 19:25:46 -0700
Subject: [PATCH] End OSC8 hyperlink on invalid embedded escape sequence.

--- a/line.c
+++ b/line.c
@@ -633,8 +633,8 @@ ansi_step(pansi, ch)
 		/* Hyperlink ends with \7 or ESC-backslash. */
 		if (ch == '\7')
 			return ANSI_END;
-		if (pansi->prev_esc && ch == '\\')
-			return ANSI_END;
+		if (pansi->prev_esc)
+            return (ch == '\\') ? ANSI_END : ANSI_ERR;
 		pansi->prev_esc = (ch == ESC);
 		return ANSI_MID;
 	}