From c52ee7f941fa3a31171c58879c11c9a744c25e93 Mon Sep 17 00:00:00 2001
From: simon <simon@cda61777-01e9-0310-a592-d414129be87e>
Date: Mon, 5 Jun 2000 16:33:58 +0000
Subject: [PATCH] Hack to work around the rootshell.com xterm DoS problem. A
 better fix might be possible, but it's unclear whether this is a productive
 strategy in the long term.

git-svn-id: svn://svn.tartarus.org/sgt/putty@495 cda61777-01e9-0310-a592-d414129be87e
---
 terminal.c | 18 +++++++++++++++---
 1 file changed, 15 insertions(+), 3 deletions(-)

diff --git a/terminal.c b/terminal.c
index 1de4f3b6..392ce7ff 100644
--- a/terminal.c
+++ b/terminal.c
@@ -1209,7 +1209,11 @@ void term_out(void) {
 		 */
 		compatibility(VT340TEXT);
 		if (esc_nargs<=1 && (esc_args[0]<1 || esc_args[0]>=24)) {
-		    request_resize (cols, def(esc_args[0], 24), 0);
+		    unsigned int newrows = def(esc_args[0], 24);
+		    /* Hack: prevent big-resize DoS attack. */
+		    if (newrows > max(512, cfg.height))
+			newrows = max(512, cfg.height);
+		    request_resize (cols, newrows, 0);
 		    deselect();
 		}
 		break;
@@ -1221,7 +1225,11 @@ void term_out(void) {
 		 */
 		compatibility(VT420);
 		if (esc_nargs==1 && esc_args[0]>=24) {
-		    request_resize (cols, def(esc_args[0], cfg.height), 0);
+		    unsigned int newrows = def(esc_args[0], cfg.height);
+		    /* Hack: prevent big-resize DoS attack. */
+		    if (newrows > max(512, cfg.height))
+			newrows = max(512, cfg.height);
+		    request_resize (cols, newrows, 0);
 		    deselect();
 		}
 		break;
@@ -1232,7 +1240,11 @@ void term_out(void) {
 		 */
 		compatibility(VT340TEXT);
 		if (esc_nargs<=1) {
-		    request_resize (cols, def(esc_args[0], cfg.width), 0);
+		    unsigned int newcols = def(esc_args[0], cfg.width);
+		    /* Hack: prevent big-resize DoS attack. */
+		    if (newcols > max(512, cfg.width))
+			newcols = max(512, cfg.width);
+		    request_resize (newcols, rows, 0);
 		    deselect();
 		}
 		break;
-- 
2.11.0