Fix terminal title reportingvte-0-20

Fixed CVE-2003-0070 again.
See also http://marc.info/?l=bugtraq&m=104612710031920&w=2 .
(cherry picked from commit 6042c75b5a6daa0e499e61c8e07242d890d38ff1)

1 files changed, 16 insertions, 8 deletions

diff --git a/src/vteseq.c b/src/vteseq.c
index 072b19a0..7b850ec5 100644
--- a/src/vteseq.c
+++ b/src/vteseq.c
@@ -3341,21 +3341,29 @@ vte_sequence_handler_window_manipulation (VteTerminal *terminal, GValueArray *pa
 			vte_terminal_feed_child(terminal, buf, -1);
 			break;
 		case 20:
-			/* Report the icon title. */
+			/* Report a static icon title, since the real
+			   icon title should NEVER be reported, as it
+			   creates a security vulnerability.  See
+			   http://marc.info/?l=bugtraq&m=104612710031920&w=2
+			   and CVE-2003-0070. */
 			_vte_debug_print(VTE_DEBUG_PARSE,
-				"Reporting icon title.\n");
+				"Reporting fake icon title.\n");
+			/* never use terminal->icon_title here! */
 			g_snprintf (buf, sizeof (buf),
-				    _VTE_CAP_OSC "L%s" _VTE_CAP_ST,
-				    terminal->icon_title);
+				    _VTE_CAP_OSC "LTerminal" _VTE_CAP_ST);
 			vte_terminal_feed_child(terminal, buf, -1);
 			break;
 		case 21:
-			/* Report the window title. */
+			/* Report a static window title, since the real
+			   window title should NEVER be reported, as it
+			   creates a security vulnerability.  See
+			   http://marc.info/?l=bugtraq&m=104612710031920&w=2
+			   and CVE-2003-0070. */
 			_vte_debug_print(VTE_DEBUG_PARSE,
-					"Reporting window title.\n");
+					"Reporting fake window title.\n");
+			/* never use terminal->window_title here! */
 			g_snprintf (buf, sizeof (buf),
-				    _VTE_CAP_OSC "l%s" _VTE_CAP_ST,
-				    terminal->window_title);
+				    _VTE_CAP_OSC "lTerminal" _VTE_CAP_ST);
 			vte_terminal_feed_child(terminal, buf, -1);
 			break;
 		default: