1. Forum
  2. Fidonet
  3. SYNC PROGRAMMING

  • src/syncterm/term.c

    From Deucе@1:103/705 to Git commit to main/sbbs/master on Sun Mar 15 01:06:05 2026
    https://gitlab.synchro.net/main/sbbs/-/commit/d5e37e7999b5adf959d31e60
    Modified Files:
    src/syncterm/term.c
    Log Message:
    Fix buffer overflows and missing NULL checks in term.c

    apc_handler(): two strcat(fn, p) calls append data from APC escape
    sequences (received from the remote BBS) into fn[MAX_PATH+1] without
    length checks. Changed to strlcat(fn, p, sizeof(fn)).

    mousedrag(): sbufsize was declared int but holds
    width * sizeof(vmem_cell) * height, which is assigned to malloc().
    On very large terminal dimensions the int multiplication can wrap,
    causing an undersized allocation. Changed sbufsize to size_t with
    an explicit (size_t) cast on the first operand. Also added a NULL
    check on the three malloc() calls — previously a failed allocation
    would be passed straight to vmem_gettext()/gettext() and crash.

    Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
    --- SBBSecho 3.37-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Deucе@1:103/705 to Git commit to main/sbbs/master on Sun Mar 15 01:06:05 2026
    https://gitlab.synchro.net/main/sbbs/-/commit/95e02a29689ac912ba72c058
    Modified Files:
    src/syncterm/term.c
    Log Message:
    Fix NULL deref, buffer overflow, and over-allocation in term.c

    NULL deref in cet_telesoftware_try_get_block() (line 1269): malloc()
    result dereferenced without NULL check. The caller already handles a
    NULL return via retry loop.

    strncat overflow in apc_handler() (line 4352): The SyncTERM:C;S APC
    handler appended a network-controlled filename to fn[MAX_PATH+1]
    using strncat, whose third argument limits source bytes, not
    destination space. A malicious server sending a long filename in the
    APC sequence overflows the stack buffer. Replace with strlcat bounded
    by sizeof(fn).

    b64_decode_alloc() over-allocation (line 3538): Operator precedence
    bug: "slen * 3 + 3 / 4 + 1" computes slen*3+0+1 (since 3/4 is 0 in
    integer division) instead of the intended base64 size. This wastes 4x
    memory on 64-bit and can wrap size_t on 32-bit. Fix to the standard
    formula (slen+3)/4*3+1.

    Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
    --- SBBSecho 3.37-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Deucе@1:103/705 to Git commit to main/sbbs/master on Sun Mar 15 14:09:13 2026
    https://gitlab.synchro.net/main/sbbs/-/commit/7b847a23bef419ee2ec96e6f
    Modified Files:
    src/syncterm/term.c
    Log Message:
    Fix multiple bugs in term.c

    - CET telesoftware: invert success flag (was "success = st.aborted",
    now "success = !st.aborted").
    - CET telesoftware: when frame count exhausts without end-of-file
    marker, set frames_remaining to 999 (unknown) and continue rather
    than silently underflowing on next decrement.
    - CET block allocation: add +1 byte for NUL terminator to prevent
    off-by-one write past flexible array member.
    - get_cache_fn_base/get_cache_fn_subdir: add bounds checks before
    strcat to prevent buffer overflow with long BBS names or subdirs.

    Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
    --- SBBSecho 3.37-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Deucе@1:103/705 to Git commit to main/sbbs/master on Sun Mar 15 19:01:12 2026
    https://gitlab.synchro.net/main/sbbs/-/commit/fe6b7aceafcd4768736620c7
    Modified Files:
    src/syncterm/term.c
    Log Message:
    Fix truncated conn_send() lengths for keyboard escape sequences

    43 conn_send() calls were passing incorrect buffer lengths, causing
    truncated escape sequences to be sent to the remote host:

    - Delete key (non-DECBKM): sent 1 byte of "\x1b[3~" instead of 4
    - F1-F5: sent 3 bytes of 5-byte sequences (e.g. "\033[11~")
    - Shift+F1-F5, Ctrl+F1-F5, Alt+F1-F5: sent 3 bytes of 7-byte
    sequences (e.g. "\033[11;2~")
    - Shift+F6-F12, Ctrl+F6-F12, Alt+F6-F12: sent 5 bytes of 7-byte
    sequences (e.g. "\033[17;2~")

    The lengths appear to have been copy-pasted from the 3-byte arrow key
    sequences without being updated for the longer function key strings.

    Unmodified F6-F12 (5-byte) and arrow/nav keys (3-byte) were already
    correct.

    Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
    --- SBBSecho 3.37-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Deucе@1:103/705 to Git commit to main/sbbs/master on Mon Mar 16 21:53:14 2026
    https://gitlab.synchro.net/main/sbbs/-/commit/352aeaaf9bf5499ef4c558e0
    Modified Files:
    src/syncterm/term.c
    Log Message:
    Skip hyperlink hover tracking when status bar is disabled

    Prevents stale hover_hyperlink_id state and avoids blocking
    update_status() when there is no status bar to update.

    Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
    --- SBBSecho 3.37-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Deucе@1:103/705 to Git commit to main/sbbs/master on Sat Mar 21 06:26:33 2026
    https://gitlab.synchro.net/main/sbbs/-/commit/7e9259733b7e924106782f99
    Modified Files:
    src/syncterm/term.c
    Log Message:
    Fix count_data_waiting() to return the number of bytes waiting.

    Previously returned the occupied buffer count, which was usually
    higher than the number of bytes waiting, causing the connected
    check to occur less often than intended.
    --- SBBSecho 3.37-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Deucе@1:103/705 to Git commit to main/sbbs/master on Sat Mar 21 06:26:33 2026
    https://gitlab.synchro.net/main/sbbs/-/commit/e5a31427d83c14b2d05cb9fa
    Modified Files:
    src/syncterm/term.c
    Log Message:
    Refactor doterm() key translation from switch statements to sorted tables

    Replace 585 lines of per-emulation switch/case key translation with
    sorted lookup tables and bsearch(). Each emulation (ATASCII, PETSCII,
    Prestel, BEEB, VT52, ANSI-BBS) gets its own static const table in
    .rodata. Special cases (DECBKM backspace, ATASCII inverse toggle,
    Prestel reveal) remain as inline logic in send_emulation_key().

    Includes verify_key_tables() with assert() to catch sort-order
    regressions in debug builds.

    Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
    --- SBBSecho 3.37-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Deucе@1:103/705 to Git commit to main/sbbs/master on Sat Mar 21 06:26:33 2026
    https://gitlab.synchro.net/main/sbbs/-/commit/15b1df0e751f258d2967dafe
    Modified Files:
    src/syncterm/term.c
    Log Message:
    Extract open_hyperlink() and open_url_at_cursor() helpers

    Deduplicate the URL/hyperlink handling in BUTTON_1_PRESS and
    BUTTON_1_CLICK mouse handlers. The same open-or-copy-to-clipboard
    logic was inlined in both cases; now each is a single function call.

    Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
    --- SBBSecho 3.37-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Deucе@1:103/705 to Git commit to main/sbbs/master on Sat Mar 21 06:26:33 2026
    https://gitlab.synchro.net/main/sbbs/-/commit/6b0467f15a64315685cf9fb0
    Modified Files:
    src/syncterm/term.c
    Log Message:
    Replace Duff's device in CTRL-Q/Alt-X/Alt-H key handling with goto

    The CTRL-Q path used a Duff's device (entering mid-if-body across
    case labels) to share code with Alt-X and Alt-H. Replace with an
    explicit goto to the hangup label, which is clearer about the intent:
    CTRL-Q in curses/ansi modes skips the exit check and goes straight
    to the hangup confirmation.

    Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
    --- SBBSecho 3.37-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Deucе@1:103/705 to Git commit to main/sbbs/master on Sat Mar 21 06:26:33 2026
    https://gitlab.synchro.net/main/sbbs/-/commit/a63525664c3899556a22a11b
    Modified Files:
    src/syncterm/term.c
    Log Message:
    Extract speedwatch, zmodem detect, OOII, and mouse handlers from doterm()

    Extract four inline state machines / handlers from the doterm() main
    loop into separate functions:

    - check_speedwatch(): pure FSM for ESC[0;N*r speed response detection
    - feed_zmodem_detect(): ZDLE+ZHEX sequence matching for auto-download/upload
    - feed_ooii(): OOII command accumulation and init pattern detection
    - handle_mouse_event(): all mouse button/move/drag/scroll handling

    Move constant data (zrqinit/zrinit patterns, ooii_init1/ooii_init2
    patterns) to file-scope static const. Move ooii_buf/ooii_buf_len to
    file-scope statics (reset at doterm() entry). Make mouse_buf a local
    inside handle_mouse_event().

    Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
    --- SBBSecho 3.37-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Deucе@1:103/705 to Git commit to main/sbbs/master on Sat Mar 21 17:30:26 2026
    https://gitlab.synchro.net/main/sbbs/-/commit/e5b068aac93113fd0c2195c2
    Modified Files:
    src/syncterm/term.c
    Log Message:
    Fix ticket 229

    When closing SyncTERM with confirm exit on, and connected to a BBS,
    a zombie process would be created.

    Now it won't.
    --- SBBSecho 3.37-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Deucе@1:103/705 to Git commit to main/sbbs/master on Sat Mar 21 20:46:07 2026
    https://gitlab.synchro.net/main/sbbs/-/commit/c9dc88c28e05caac299becb3
    Modified Files:
    src/syncterm/term.c
    Log Message:
    Open hyperlinks/URLs on drag-start when click becomes drag (ticket 226)

    When mouse mode is OFF, any sub-character mouse movement between
    press and release converts a click into a drag, preventing hyperlink
    and Ctrl+URL clicks from working. This is especially noticeable on
    high-DPI displays or with jittery mice/touchpads.

    On DRAG_START in MM_OFF: if there's a hyperlink_id, drain the
    remaining drag events and open the hyperlink. If Ctrl is held
    (legacy URL detection), drain and try to open the URL. Otherwise
    fall through to normal text selection via mousedrag().

    Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
    --- SBBSecho 3.37-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)