[screen] clear scrollback buffer before locking linux terminal (#683733)

Tue Jul 19 14:43:45 UTC 2011

commit 3f891b186962bd73756acc28b8bc94bc475020e4
Author: Miroslav Lichvar <mlichvar at redhat.com>
Date:   Tue Jul 19 16:39:37 2011 +0200

    clear scrollback buffer before locking linux terminal (#683733)

 screen-E3.patch |   62 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
 screen.spec     |    2 +
 2 files changed, 64 insertions(+), 0 deletions(-)
---

diff --git a/screen-E3.patch b/screen-E3.patch
new file mode 100644
index 0000000..7438929
--- /dev/null
+++ b/screen-E3.patch
@@ -0,0 +1,62 @@
+commit 0aec2900f63820c3405ba38a4d1cd67cc22f0715
+Author: Miroslav Lichvar <mlichvar at redhat.com>
+Date:   Mon Jul 18 17:26:47 2011 +0200
+
+    Clear scrollback buffer when locking terminal
+    
+    Linux kernel 3.0 adds a new command to clear the scrollback buffer in
+    the linux console. It's available in the ncurses terminfo entry as
+    extended capability E3. This is useful to prevent an attacker to read
+    content of a locked terminal via Shift-PgUp key.
+
+diff --git a/src/display.c b/src/display.c
+index 5fa11cb..038c435 100644
+--- a/src/display.c
++++ b/src/display.c
+@@ -3779,4 +3779,10 @@ char **cmdv;
+ 
+ #endif /* BLANKER_PRG */
+ 
++void
++ClearScrollbackBuffer()
++{
++  if (D_CE3)
++    AddCStr(D_CE3);
++}
+ 
+diff --git a/src/extern.h b/src/extern.h
+index c787d99..d3fecf0 100644
+--- a/src/extern.h
++++ b/src/extern.h
+@@ -316,6 +316,7 @@ extern int   color256to88 __P((int));
+ extern void  ResetIdle __P((void));
+ extern void  KillBlanker __P((void));
+ extern void  DisplaySleep1000 __P((int, int));
++extern void  ClearScrollbackBuffer __P((void));
+ 
+ /* resize.c */
+ extern int   ChangeWindowSize __P((struct win *, int, int, int));
+diff --git a/src/screen.c b/src/screen.c
+index cc8f565..3efb67b 100644
+--- a/src/screen.c
++++ b/src/screen.c
+@@ -1967,6 +1967,7 @@ int mode;
+ #endif
+     case D_LOCK:
+       ClearAll();
++      ClearScrollbackBuffer();
+       sign = SIG_LOCK;
+       /* tell attacher to lock terminal with a lockprg. */
+       break;
+diff --git a/src/term.c b/src/term.c
+index 991de1b..7485900 100644
+--- a/src/term.c
++++ b/src/term.c
+@@ -83,6 +83,7 @@ struct term term[T_N] =
+   { "CD", T_STR  },
+   { "ce", T_STR  },
+   { "cb", T_STR  },
++  { "E3", T_STR  },
+ 
+ /* initialise */
+   { "is", T_STR  },
diff --git a/screen.spec b/screen.spec
index 3e31fbb..f71da09 100644
--- a/screen.spec
+++ b/screen.spec
@@ -23,6 +23,7 @@ Patch1: screen-4.0.3-libs.patch
 Patch2: screen-4.0.3-screenrc.patch
 Patch3: screen-ipv6.patch
 Patch4: screen-cc.patch
+Patch5: screen-E3.patch
 
 %description
 The screen utility allows you to have multiple logins on just one
@@ -40,6 +41,7 @@ support multiple logins on one terminal.
 %patch2 -p1 -b .screenrc
 %patch3 -p2 -b .ipv6
 %patch4 -p2 -b .cc
+%patch5 -p2 -b .E3
 
 %build
 ./autogen.sh
