Date: Fri, 19 May 2017 21:58:58 +0300 From: Yui Hirasawa <yui@...k.li> To: oss-security@...ts.openwall.com Subject: Re: terminal emulators' processing of escape sequences On Wed, May 17, 2017 at 02:25:52AM +0200, Robert Święcki wrote: > Hi, > > 2017-05-17 0:03 GMT+02:00 Solar Designer <solar@...nwall.com>: > > > > Jason, Robert - > > > > On Tue, May 02, 2017 at 12:05:27AM +0200, Robert ??wi??cki wrote: > > > A harmless example from rxvt - pushing back the new-line character: > > > > > > $ echo -ne "\eGQ;" > > > ;$ 0 > > > bash: 0: command not found > > > > Does this also affect rxvt-unicode? > > Yes, > > Tested with rxvt-unicode-9.22 > > $ echo -ne "\eGQ;" > ;$ 0 > bash: 0: command not found > $ For me on rxvt-unicode 9.22 this command goes into command mode and executes the first command in the history, thanks to vi-mode in bash. In clear history it of course goes into infinite loop of re-executing itself. Also works with the more portable `printf "\033GQ;"`
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.