summaryrefslogtreecommitdiff
path: root/app/xterm
AgeCommit message (Collapse)Author
13 daysMissed removals in xterm 395 update.Matthieu Herrb
13 daysUpdate to xterm 395. Tested by tb@, jsg@ and others.Matthieu Herrb
2024-08-12Fix a crash in when printing decreased intensity unicode right quoteMatthieu Herrb
using bit-mapped fonts. Reported by Matthew Martin and fix confirmed by Thomas Dickey.
2024-07-25Update to xterm 393. tested by op@ and naddy@Matthieu Herrb
2023-12-19Substitute "100" for __default_termid__ instead of "vt100".Todd C. Miller
The "vt" prefix is optional for the default terminal ID. Fixes an instance of "vtvt100" in the installed man page. OK matthieu@
2023-02-05Update to xterm 378. tested/ok op@, tb@Matthieu Herrb
2023-01-22enlarge mkstemp() pattern to 10 'X'Matthieu Herrb
2022-11-10Prevent users from enabling allowFontOps by menu or via resources.Matthieu Herrb
This further protects from CVE-2022-2602 (although allowFontOps where disabled by default in OpenBSD since 2009).
2022-11-09Update xterm to version 375. ok tb@Matthieu Herrb
and also tested by Walter Alejandro Iglesias
2022-11-07missed CVS add/remove in previous update to 274. noticed by tb@Matthieu Herrb
2022-11-07Update xterm to version 374 ok tb@Matthieu Herrb
2022-09-03Revert parts of the changes in versions 368 and 369 that brokeMatthieu Herrb
support of 30bpp displays with TrueType fonts
2022-08-07kill extra space at EOLMatthieu Herrb
2022-08-07fix indentation style and space/tabMatthieu Herrb
2022-08-07If unveil(2) fails, display an error with the failing path.Matthieu Herrb
Discussed with deraadt@ ok millert@
2022-06-04allowMouseOps default is disabled. adjust documentation.Theo de Raadt
2022-05-22Document removal of exec-formatted(), exec-selectable() andMatthieu Herrb
spawn-new-terminal() functions.
2022-05-22Back in darker times, xterm was setuid root to add a user entry to theTheo de Raadt
utmp and wtmp files at startup. real-uid / effective-uid flipping was used to cleanup the records in these two files at logout-time. Over time it was recognized that setuid root is too dangerous, later on even uid flipping became an unacceptable practice (because an attacker who finds a bug will simply flip the uid back to root before continuing exploitation). Some OS's helped xterm (and other similar login-related tooling) by making utmp writeable by a new utmp group, but most did not do the same for wtmp. xterm started using this new utmp gid, and the wtmp code moved to "try, and if it fails, ignore the failure". The obvious way to use this uid is for xterm to open the utmp file for write (early on), discard the egid, and keep the file descriptor around until utmp cleanup at termination. 10-20 lines of code, maybe. But no,.... that's not what happened. The previous setuid root flipping code (which is nearly a hundred lines of #ifdef-wrapped code for portability reasons) was copied and repurposed by adding new #ifdef code for setgid utmp flipping, and thus nearly a hundred lines of #ifdef-wrapped code was added). setgid flipping has less severe security risks than setuid flipping, but it is remains an excessively strong and unneccessary power (compared to a single writeable fd). When pledge() arrived on the scene, "wpath" was required so that the utmp file could be opened late, and "id" was required to support egid flipping. unveil() arrived on the scene, and the utmp path was added to the list of viable paths, once again not considering that an incorrect approach was being taken by the code. I tried rewriting the portable USE_UTMP_SETGID code to follow the open-drop-reuse-fd approach, to help out upstream xterm, but it is such a brain-melting shitshow I gave up, we'll have a (small) intrusive patch which opens utmp early, drops the gid, and reuses the fd later on. Maybe upstream will take care of this eventually to reduce the risk of egid other operating systems. ok matthieu, much feedback from millert
2022-05-22Disable wtmp support on OpenBSD, it hasn't worked in nearly two decadesTheo de Raadt
because we dropped setuid root around the, but the code to attempt it it was erroneously left behind ok matthieu
2022-05-22Disable the exec-formatted and exec-selectable strictlyTheo de Raadt
ok matthieu
2022-05-22Avoid snprintf truncation near environment variablesTheo de Raadt
ok matthieu
2022-05-22A few support functions can be hidden using OPT_EXEC_XTERM, becauseTheo de Raadt
the top-level features are disabled because our xterm uses pledge without "exec" support. ok matthieu
2022-04-25Update to xterm 372. ok tb@, naddy@. Tested by others too.Matthieu Herrb
2022-02-21Merge Upstream fix for buffer overflow in sixel code.Matthieu Herrb
This code is not compiled on OpenBSD so the shipped xterm are not vulnerable to this (which is CVE-2022-24130) Committing the fix in case someone uses this for builds with sixel enabled.
2021-10-31Disable mouse tracking by default.Matthieu Herrb
This causes extra control sequences to be sent to the shell when an application that has it enabled crashes. Discussed with deraadt@
2021-10-17Update to xterm 369. Tested by many.Matthieu Herrb
2021-09-06Don't exit if unveil() fails. ok deraadt@Matthieu Herrb
2021-09-02Unveil paths needed by xterm at run-time. work with tb@ and deraadt@Matthieu Herrb
Only in (default) case where there are no exec-formatted or exec-selected resources set. In those case the commands and their arguments could be anywhere.
2021-08-31Make xterm use my_wcwidth unconditionally again.Martijn van Duren
CharWidth is a conditional wrapper that assumes that all wide characters in the range 32-126 and 160-255) are latin-1 characters and are identical with the unicode (UTF-8) codepoints and result in a width of 1. This is correct in so far that the names of these code-points are identical, but for SHY (soft-hyphen) the explanation of how it should be used differs between unicode and latin-1. Latin-1 assumes that it's always displayed, for unicode it should only be displayed after local grammar rules apply. This wrapper got introduced in xterm #334 and is on the short-list of Thomas Dickey to fix. Since we don't know when the next release is going to be, commit this one now, so we have it fixed before 7.0. Originally discrepency between xterm and wcwidth(3) pointed out by Lauri Tirkkonen (lauri <at> hacktheplanet <dot> fi). OK matthieu@
2021-04-02Update to xterm 367. Tested by abieber@, dv@ and Trondd. Thanks.Matthieu Herrb
2021-02-14Update to xterm 366. tested by jsg@Matthieu Herrb
2021-01-10Update to xterm 363. tested by jsg@ and others on tech@.Matthieu Herrb
2021-01-02Pass the proper widget pointer to getKeymapResources()Matthieu Herrb
Found while testing xterm 363
2021-01-02Pass proper widget pointer to SetCursorBlink() in local change.Matthieu Herrb
Found while testing upgrade to version 363.
2021-01-02Remove a now unused field that was added as part of a local change.Matthieu Herrb
2021-01-02Remove redundant / unused defines from CPPFLAGS. No binary changes.Matthieu Herrb
2020-01-20Disable the print-immediate and print-on-error functions in xterm.Matthieu Herrb
They a causing a pledge violation when called, and we can live without them. ok millert, also discussed with deraadt@
2020-01-18Disable PASTE64, TCAP_FKEYS and TCAP_QUERY explicitly.Matthieu Herrb
They got enabled in previous xterm update but we don't want those. PASTE64 issue and patch by deraadt@, discussed also with nicm@
2019-12-29Update to xterm 351. tested and ok solene@ jca@Matthieu Herrb
2019-03-09Make it possible to build xterm with OPT_TRACE.Matthieu Herrb
with tweaks from kn@.
2019-03-08Do not replace wcwidth(3) with a broken, hand-rolled re-implementationIngo Schwarze
that comes bundled with xterm(1). Issue found and based on a diff from Lauri Tirkkonen <lotheac at iki dot fi>. The final form of the diff follows a suggestion from tedu@. OK matthieu@
2019-03-08Update the OPENBSD SPECIFICS section to match reality:Ingo Schwarze
* Add the missing locale, modifyFunctionKeys, precompose, and scrollBar. * Move backarrowKeyIsErase to conform to alphabetical sorting. * Add a missing full stop. Diff found in my tree; i obviously forgot to commit it earlier.
2019-02-24Update to xterm version 344. ok jsg@Matthieu Herrb
2018-07-21use #define XXX 0 to explicitelty disable an option.Matthieu Herrb
2018-07-21Explicitely disable paste64 and readline options, to disable bracketed paste.Matthieu Herrb
readline was not enabled, but paste64 which was on by default enables it. requested by deraadt@
2018-05-20Change the 'Enable Blinking Cursor' menu item to 'Toggle Cursor Blinking'Matthieu Herrb
This is more coherent with how the menu item interacts with changes caused by sending escape sequences. Remove the check mark from the item which was getting out of sync.
2018-05-20Make 'reset terminal' also reset the blinking state of the cursor.Matthieu Herrb
Fix from Thomas Dickey.
2018-05-20set the default for cursorBlink to 'never'Matthieu Herrb
2018-03-29Update to xterm 331Matthieu Herrb
2018-03-29Update to xterm 331Matthieu Herrb