Bug#296535: Followup

[Daniel Jacobowitz]

severity 296535 minor
tags 296535 -security
thanks

On Tue, Feb 22, 2005 at 09:25:17PM -0600, Adam Majer wrote:
> Just as a followup, the problem does not occur for bitchx under
> en_US.UTF-8. To reproduce it, you can paste the signoff in a UTF-8
> enabled terminal+bitchx and watch the results in a LANG=C bitchx.
> 
> - Adam
> 
> PS. This is important because it allows remote to manipulate local
> terminal (at the minimum).

This doesn't work under screen.  It does make the LANG=C bitchx eat its
status bar, but no input is fed back to the terminal.

Under xterm I do get the help screen.  Here's the transcript:

read(4, ":[EMAIL PROTECTED] PRIVMSG #dtest :02:39 -!- Md
[EMAIL PROTECTED] has quit [\"\346
\210\221\347\232\204\346\260\243\345\242\212\350\210\271\345\205\205\346\273\277\344\272\206\351\261\224
\351\255\232\"]\r\n", 8192) = 124
write(1, "\33[1;21r\33[21;1H\n", 15)    = 15
write(1, 
"\33[1;1H\33[1;24r\33[21;1H\33[K\33[m\17\33[27m\33[24m\33[34m(\33[m\17\33[27m\33[24mdrow3\33[1m\33[1m\33[30m/\33[m\17\33[m\17\33[27m\33[24m#dtest\33[m\17\33[27m\33[24m\33[34m)\33[m\17\33[27m\33[24m02:39
 -!- Md [EMAIL PROTECTED] has quit\33[K\n", 183) = 183
write(1, "\r\33[1;21r\33[21;1H\n", 16)  = 16
write(1, 
"\33[1;1H\33[1;24r\33[21;1H\33[K[\"\346\210\221\347\232\204\346\260\243\345\242\212\350\210\271\345\205\205\346\273\277\344\272\206\351\261\224\351\255\232\"]\33[m\17\33[27m\33[24m\33[m\17\33[27m\33[24m\33[m\17\33[27m\33[24m\33[K\n",
 118) = 118
write(1, "\r", 1)                       = 1
time(NULL)                              = 1113795917
write(1, "\33[24;10H", 8)               = 8
gettimeofday({1113795917, 856305}, NULL) = 0
gettimeofday({1113795917, 856372}, NULL) = 0
select(5, [0 3 4], [], NULL, {43, 0})   = 1 (in [0], left {43, 0})
time(NULL)                              = 1113795917
time([1113795917])                      = 1113795917
read(0, "\33[?1;2c\33[?1;2c", 2048)     = 14

The offending character is \232.  Try this:

bash -c "echo -e '\232'"

The string it prints back is u8, the acknowledge string.  Normally this
is printed in response to \033[c (u9).  0232 == 0x9a is DECID, an
obsolete form.

So, there is no control of the terminal.  I think this is only a minor
bug.  Yes, bitchx does not filter output and probably should.  However,
a corrupted display or this one particular response sequence are about
the only potential problems.

-- 
Daniel Jacobowitz
CodeSourcery, LLC


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]