ag@amix.commodore.com (Keith Gabryelski) (05/26/91)
Crossposted to comp.bugs.sys5 becausethe bug is in SVR4, also. In article <7961@awdprime.UUCP> jfh@greenber.austin.ibm.com (John F Haugh II) writes: >In .../src/ucb/finger.c, there is a code fragment down around line 1074 >(version 5.8 dated 3/13/86) that reads > > if (isprint(c) || isspace(c)) > putchar(c); > else > putchar(c ^ 100); > >Now what are they doing XOR'ing that poor character against 100 =decimal=? I noticed this happens in three places in the code. Even if the code used ``c ^ 0100'' a user could still send a CSI (0x9b). Pax, Keith Ps, My diffs: (for a SVR4 machine so line numbers may be bogus) *** finger.c- Sun May 26 10:49:02 1991 --- finger.c Sun May 26 10:50:28 1991 *************** *** 491,497 **** if (isprint(c) || isspace(c)) putchar(c); else ! putchar(c ^ 100); } fclose(fp); putchar('\n'); --- 491,497 ---- if (isprint(c) || isspace(c)) putchar(c); else ! break; } fclose(fp); putchar('\n'); *************** *** 511,517 **** if (isprint(c) || isspace(c)) putchar(c); else ! putchar(c ^ 100); fclose(fp); } free(s); --- 511,517 ---- if (isprint(c) || isspace(c)) putchar(c); else ! break; fclose(fp); } free(s); *************** *** 1022,1028 **** if (isprint(c) || isspace(c)) putchar(c); else ! putchar(c ^ 100); } if (lastc != '\n') putchar('\n'); --- 1022,1028 ---- if (isprint(c) || isspace(c)) putchar(c); else ! break; } if (lastc != '\n') putchar('\n'); -- Keith Gabryelski Advanced Products Group ag@amix.commodore.com ...!cbmvax!amix!ag