Many common terminals that set TERM=xterm and $COLORTERM support 256 colors. If
this is detected, use force the hardcoded xterm's setaf/setab capabilities.
- Removed term.c, term.h and term_defs.h
- Tests for T_* values were removed. screen.c was simplified as a
consequence(the best strategy for drawing is implemented in the UI layer)
- Redraw functions now call ui.c functions directly. Updates are flushed with
`ui_flush()`
- Removed all termcap options(they now return empty strings for compatibility)
- &term/&ttybuiltin options return a constant value(nvim)
- &t_Co is still available, but it mirrors t_colors directly
- Remove cursor tracking from screen.c and the `screen_start` function. Now the
UI is expected to maintain cursor state across any call, and reset it when
resized.
- Remove unused code
Problem : Out-of-bounds access @ 3730.
Diagnostic : Real issue.
Rationale : str is constructed step by step, str_l growing each time.
str_m is the maximum length of str. So, at every step,
avail is computed to see if the piece to be added fits in.
If not, piece is truncated to a max of `avail`, so that str
stays in bounds. Such blocks where pieces are added are of
the form `if (str_l < str_m)`. It then follows that once
one of those pieces exhausts available space on str, no
other such block should be entered. Formally:
str_l < strl_m && avail = str_m - str_l && x >= avail
-->
str_l + x >= str_m
Now, suggested error path successively enters blocks where
str is exhausted. We're not sure if coverity just fails to
follow above implications, or, on the contrary, it's aware
of them, but it's signaling the more complex possibility of
implications not being fulfilled because of possible
arithmetic overflows. We opt then to assume this last case,
as the possibility is in fact there.
Resolution : Refactor code so that tracked condition doesn't depend on
arithmetic implications. Check for overflow.
Problem : Negative array index read @ 5674.
Diagnostic : False positive.
Rationale : Problem occurs if for loop does not find any match, which
implies shl->lnum == 0, and then we enter the
`if (shl->lnum == lnum)` branch, which implies lnum == 0 as
well. That's not possible, as function should not be called
with lnum == 0.
Resolution : Change conditions `shl->lnum == lnum` into `bot != -1`.
For unibilium extension indexes, use signed integer type initialized with -1 to
distinguish from the first extension string which will always have index 0.
Note: Clint was failing because of recommending not to use long. But
converting to long is the proper refactoring here, in as far as other
longs exist. We could, then, disable clint rule, or remove this file
from checking. We choose the former, as it's being discussed what to do
with longs, but a decision has not been taken. So, it seems most
reasonable to allow longs for now, to enable proper refactorings, and
then, when a decision is taken, refactor all longs to some other thing.
- Add xterm/iterm sequences for changing cursor shape(with tmux wrapping).
Enabled by setting the NVIM_TUI_ENABLE_CURSOR_SHAPE environment variable.
- Remove nvim_override parameter from unibi_out. In the future another way of
overriding the terminal strings will be added.
- Remove abstract_ui global, now it is always active
- Remove some terminal handling code
- Remove unused functions
- Remove HAVE_TGETENT/TERMINFO/TERMIOS/IOCTL #ifdefs
- Remove tgetent/terminfo from version.c
- Remove curses/terminfo dependencies
- Only start/stop termcap when starting/exiting the program
- msg_use_printf will return true if there are no attached UIs(
messages will be written to stdout)
- Remove `ex_winpos`(implement `:winpos` with `ex_ni`)
The input buffer is only used for data that really came from another process and
is only visible to os/input.c. Remove the input_buffer_{save,restore} functions,
they are not necessary(Also can result in problems if data comes while the
typeahead is saved).
Problem : Out-of-bounds access @ 5815.
Diagnostic : False positive.
Rationale : Error occurs when event_name2nr() returns NUM_EVENTS, which
means an event with that name was not found. That cannot
happen, as previous check using find_end_event() @ 5744
ensures event name exists.
Resolution : Assert event_name2nr() result is less thatn NUM_EVENTS.
Problem : Read from pointer after free @ {242, 391}.
Diagnostic : Real issues.
Rationale : Channel gets indeed freed on error case, producing
incorrect accesses to freed pointer later on.
Resolution : Implement reference counting mechanism to know when to free
channel.
Problem : Resource leak @ 3324.
Diagnostic : Real issue.
Rationale : Stack is not being freed on error cases.
Resolution : Free stack before invoking EMSG_RET_NULL.
Problem : Out-of-bounds read @ 9514.
Diagnostic : Real issue.
Rationale : PFD_NOTSPECIAL (253) is defined as the maximum not-special
value a prefix can have. But stack (and other) arrays are
defined as having MAXWLEN (250) items.
Resolution : Define MAXWLEN = 254.
Problem : Out-of-bounds read @ 2213.
Diagnostic : Real issue.
Rationale : Error occurs if cmap == ARRAY_SIZE(prt_ps_mbfonts),
but code takes the `if (prt_out_mbyte)` branch. That's it,
if a matching encoding is found but not a matching charset.
In that case, the first matching encoding is used.
Resolution : Remember the value of cmap for the first matching encoding.
Reset cmap to that value if first matching encoding is
going to be used.
