Bugtraq mailing list archives

Re: pine/pico vt control characters bug

From: mouse () RODENTS MONTREAL QC CA (der Mouse)
Date: Sat, 25 Apr 1998 18:26:21 -0400

Pico, an editor included with pine 3.96 package, handles vt control
characters (eg. 0x9B) improperly, so it's possible to do almost
anything when normal text file is viewed with pico.


This depends entirely on the terminal (or emulator) in use; I just now
tried sending 0x9b 0x63 to one of my windows and got a greater-or-equal
sign and a lowercase c, nothing odd at all.

-    else if (c.c < 0x20 || c.c == 0x7F) {
+    else if (c.c < 0x20 || c.c == 0x7F || c.c == 0x9B) {


If you're going to blindly assume 00-20, 7f, and 9b, you probably want
to hit all of C1 space as well, as in

+    else if (c.c < 0x20 || (c.c >= 0x7F && c.c <= 0x9F)) {

(I'm assuming c.c is a specifically unsigned char, or something wider
than a char, or the "< 0x20" test breaks the whole high half anyway).

                                        der Mouse

                               mouse () rodents montreal qc ca
                     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B

Current thread:

pine/pico vt control characters bug Michal Zalewski (Apr 25)
- Special Report On Buffer Overfolws John Vranesevich (Apr 25)
- pine/pico vt control characters bug [2] Michal Zalewski (Apr 25)
- feature Re: pine/pico vt control characters bug GvS One (Apr 25)
  - Re: feature Re: pine/pico vt control characters bug Michal Zalewski (Apr 25)
  - Re: feature Re: pine/pico vt control characters bug Matt Barrie (Apr 25)
  - Leveraging search engines against Frontpage enabled servers frank darden (Apr 26)
- <Possible follow-ups>
- Re: pine/pico vt control characters bug der Mouse (Apr 25)