- The interesting bugs were in tic/infocmp's handling of user-defined
- capabilities. These were not recent bugs. Initially it was a simple
- problem:
- * The user-defined capabilities can be any type (boolean, number or
- string), but once given a type all uses of the name must conform
- to that type--unless some special support for a particular
- multi-typed name is built into ncurses.
- * One of simpleterm's contributors copied some definitions for using
- tmux's user-defined capabilities in late in 2016.
-
-diff --git a/st.info b/st.info
-@@ -185,7 +185,10 @@ st| simpleterm,
- tsl=\E]0;,
- xenl,
- vpa=\E[%i%p1%dd,
--
-+# Tmux unofficial extensions, see TERMINFO EXTENSIONS in tmux(1)
-+ Se,
-+ Ss,
-+ Tc,
-
- st-256color| simpleterm with 256 colors,
- use=st,
-
- * Later, in (referring to a version from mid-2017), a user asked to
- have it updated in ncurses.
- * However, it had an error from the change in late 2016. The
- terminal description made what tmux expected to be string actually
- a boolean.
- Over the years, there were problems with each of simpleterm's
- terminal descriptions. I repaired those, and usually dealt with
- the problem.
- * The difference in this case was that when compiling the terminal
- database, tic may have in memory the definitions for more than one
- terminal description (so that it can resolve "use=" clauses).
- Seeing two different types for the same name, in certain
- situations it would incorrectly merge the symbol tables for the
- two terminal descriptions.
- * On simpleterm's side, their bug was finally fixed in late 2019,
- three years after the bug was created.
-
- For ncurses, the elapsed time to fix this bug was less than three
- years. Someone reported a problem with the terminal description a few
- weeks after releasing ncurses 6.1 (in tmux #1264), and the terminal
- description was updated that week (ncurses patch 20180224):
-
-20180224
- + modify _nc_resolve_uses2() to detect incompatible types when merging
- a "use=" clause of extended capabilities. The problem was seen in a
- defective terminfo integrated from simpleterm sources in 20171111,
- compounded by repair in 20180121.
- + correct Ss/Ms interchange in st-0.7 entry (tmux #1264) -TD
-
- The larger part of that change added a check to prevent a simple merge
- of terminal descriptions where the same user-defined name was used
- with different types. But it raised some questions:
- * Was there a reliable way to manage terminal descriptions which
- used the same extended name in different ways?
- * Should ncurses provide a registry of well-known extended names,
- with their types?
-
- Since the correction to terminfo.src could have been readily adopted
- by packagers, there was nothing more to be done from ncurses'
- standpoint on that part. But improving ncurses to prevent issues like
- that is the reason for making a release.
-
- Nothing more (constructive) was mentioned with regard to simpleterm.
- But a few problems were found in the handling of user-defined
- capabilities:
- * Forward-references to user-defined capabilities in a "use=" clause
- did not allocate new data for each use. In tic, successive
- compilation of terminal entries could add user-defined
- capabilities to the wrong terminal entry.
- This was not noticed before, since xterm's terminal descriptions
- were the main users of the feature, and almost all of the uses of
- the building-blocks which contained user-defined capabilities were
- backward-references.
- * There is one (documented) case where ncurses 6.1 supports a
- user-defined capability that could be any type (i.e., "RGB"). The
- check added in February 2018 to guard against mismatches did not
- handle all of the combinations needed.
-
- Both of these issues dated from the original implementation of
- user-defined capabilities. Fixing them does not change the terminal
- database, but a older tic without the fixes will not be able to handle
- terminfo sources which rely upon those fixes. Starting in June 2019,
- the download link for the terminfo source file was capped at that
- date. The development sources have an up-to-date copy of the file, for
- people with a legitimate need for it.
-
- The "-c" (check) option of tic is not very useful if it cannot offer
- advice on parameters needed for user-defined capabilities. The various
- Caps files were reorganized to reduce redundancy, and in the common
- portion (Caps-ncurses), a registry of user-defined capabilities is
- provided for use by tic. While users can still define their own custom
- capabilities, tic will not offer any advice when their parameters do
- not match.
-
- In ncurses 6.2, tic makes a special check to allow any type for RGB,
- but its being able to do this relies upon fixes made in the ncurses
- library in mid-2019.
+ The interesting bugs were those dealing with memory leaks and buffer
+ overflows. Although the utilities are designed for text files (which
+ they do properly), some choose to test them with non-text files.
+ * Text files contain no embedded nulls. Also, they end with a
+ newline. Feeding tic non-text files exposed a few cases where the
+ program did not check for those issues. As a result, further
+ processing of the input found limit-checks whose assumptions were
+ invalid.
+ * Fixing the limit-checks (first) found a problem with tic managing
+ the list of strings in a terminal description. In merging two
+ terminal descriptions (i.e., the "use=" feature), tic was not
+ allocating a complete copy. A quick repair for that introduced a
+ memory leak.
+ * The checks for non-text files are improved (i.e., embedded nulls
+ in the input file will cause tic to reject it rather than
+ attempting to process it).
+ * The string allocations in tic are likewise improved.