* remove escape 's' (support for seconds is dropped)
* remove 'password' command
* add 'O' escape for the count of screen windows
* update date and copyright year
Indeed, the test
strlen(home) > MAXPATHLEN - 8
is not sufficient due to the terminating null character
(if home has length MAXPATHLEN - 8, then MAXPATHLEN + 1
characters are written, which is larger than the buffer
size MAXPATHLEN).
See also:
b4e5968f0b
bug #63634
Instead of hard-coded tables, screen should use the standard
wcwdith() function, which will ensure consistency with other
software that already uses it (the real terminal and perhaps
libraries like ncurses).
We pass (1, 0) to calloc().
The ACLBYTE macro will return &NULL[(0 + 1) >> 3] equals 0.
On some systems (including OpenBSD) this will return
a zero sized object: a unique pointer that points to
unaccessable memory. This is permitted by the standards.
The chmod function comes from the header file sys/stat.h
which was not included in the source file display.c,
and thus the error.
This patch should fix the build error.
Signed-off-by: Brahmajit Das <brahmajit.xyz@gmail.com>
When run as setuid root, one can send a query message to the
privileged screen process via its unix socket in order to force
it to send SIGHUP to a PID that can be freely specified in the
query packet.
Processes that do not explicitly handle SIGHUP will simply terminate.
Signed-off-by: Alexander Naumov <alexander_naumov@opensuse.org>
As documented in libutempter:
"During execution of the privileged process spawned by these
functions, SIGCHLD signal handler will be temporarily set to
the default action."
Thus in case a SIGCHLD has been lost, we send a SIGCHLD to
oneself in order to avoid zombies:
https://savannah.gnu.org/bugs/?25089
It allows remote attackers to cause a denial of service
(invalid write access and application crash) or possibly
have unspecified other impact via a crafted UTF-8
character sequence.
bugfix: https://savannah.gnu.org/bugs/?60030
Signed-off-by: Alexander Naumov <alexander_naumov@opensuse.org>
